urlscan.io logo urlscan.io
SecurityTrails logo

www.chicagotribune.com Open in urlscan Pro
184.84.165.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://leisureblogs.chicagotribune.com/the_theater_loop/just-for-laughs/
Effective URL: https://www.chicagotribune.com/entertainment/theater/
Submission: On December 24 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 174 IPs in 13 countries across 137 domains to perform 778 HTTP transactions. The main IP is 184.84.165.201, located in Sydney, Australia and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 67149.
TLS certificate: Issued by R3 on November 6th 2023. Valid for: 3 months.
This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.118.89.101 16509 (AMAZON-02)
1 1 104.99.59.17 20940 (AKAMAI-ASN1)
38 184.84.165.201 20940 (AKAMAI-ASN1)
8 142.250.67.10 15169 (GOOGLE)
3 18.67.93.77 16509 (AMAZON-02)
2 18.67.93.116 16509 (AMAZON-02)
10 13.35.147.92 16509 (AMAZON-02)
2 18.67.93.111 16509 (AMAZON-02)
1 152.199.39.108 15133 (EDGECAST)
3 172.217.167.104 15169 (GOOGLE)
1 23.202.168.127 16625 (AKAMAI-AS)
9 142.250.204.3 15169 (GOOGLE)
2 3.218.94.162 14618 (AMAZON-AES)
1 104.80.232.135 16625 (AKAMAI-AS)
1 18.67.97.57 16509 (AMAZON-02)
1 13.224.181.52 16509 (AMAZON-02)
1 4 13.224.181.14 16509 (AMAZON-02)
5 188.240.13.2 39572 (ADVANCEDH...)
1 6 18.67.111.116 16509 (AMAZON-02)
50 151.101.129.44 54113 (FASTLY)
2 5 23.55.12.201 16625 (AKAMAI-AS)
2 104.18.214.59 13335 (CLOUDFLAR...)
1 23.214.36.171 16625 (AKAMAI-AS)
5 18.67.111.102 16509 (AMAZON-02)
14 142.250.204.14 15169 (GOOGLE)
1 13.224.181.8 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 35.162.220.137 16509 (AMAZON-02)
1 54.70.109.25 16509 (AMAZON-02)
1 18.67.101.66 16509 (AMAZON-02)
6 52.223.1.76 16509 (AMAZON-02)
5 52.25.95.187 16509 (AMAZON-02)
1 142.251.175.157 15169 (GOOGLE)
1 18.67.93.11 16509 (AMAZON-02)
3 142.251.175.84 15169 (GOOGLE)
2 14 142.251.221.66 15169 (GOOGLE)
8 13.35.147.123 16509 (AMAZON-02)
6 18.67.92.138 16509 (AMAZON-02)
1 104.18.38.76 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
3 142.250.66.202 15169 (GOOGLE)
3 172.64.152.89 13335 (CLOUDFLAR...)
10 18.67.111.105 16509 (AMAZON-02)
10 184.73.232.225 14618 (AMAZON-AES)
4 54.198.156.105 14618 (AMAZON-AES)
2 18.67.111.13 16509 (AMAZON-02)
2 216.137.39.73 16509 (AMAZON-02)
18 29 15.197.193.217 16509 (AMAZON-02)
1 54.215.67.68 16509 (AMAZON-02)
1 34.149.26.226 396982 (GOOGLE-CL...)
1 5 35.244.193.51 15169 (GOOGLE)
2 18.67.111.14 16509 (AMAZON-02)
1 18.164.154.17 16509 (AMAZON-02)
3 172.217.167.68 15169 (GOOGLE)
3 142.250.67.3 15169 (GOOGLE)
2 23.38.131.47 16625 (AKAMAI-AS)
2 172.67.36.110 13335 (CLOUDFLAR...)
1 151.101.65.229 54113 (FASTLY)
3 4 103.229.10.171 16509 (AMAZON-02)
1 13.225.141.90 16509 (AMAZON-02)
1 52.216.170.91 16509 (AMAZON-02)
1 18.164.173.42 16509 (AMAZON-02)
2 52.89.2.84 16509 (AMAZON-02)
5 54.255.34.175 16509 (AMAZON-02)
2 69.173.158.65 26667 (RUBICONPR...)
12 16 103.43.90.19 29990 (ASN-APPNEX)
3 207.65.33.78 62713 (AS-PUBMATIC)
2 15.197.196.10 16509 (AMAZON-02)
3 18.140.162.50 16509 (AMAZON-02)
3 104.18.36.155 13335 (CLOUDFLAR...)
2 182.161.73.145 55569 (CRITEO-AS...)
4 18.67.114.43 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.161.181.197 16509 (AMAZON-02)
1 18.67.93.46 16509 (AMAZON-02)
1 172.217.167.70 15169 (GOOGLE)
7 142.250.67.2 15169 (GOOGLE)
7 142.250.71.66 15169 (GOOGLE)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 182.161.73.136 55569 (CRITEO-AS...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 104.22.4.69 13335 (CLOUDFLAR...)
20 188.240.13.1 39572 (ADVANCEDH...)
7 151.101.65.44 54113 (FASTLY)
1 3 52.76.165.247 16509 (AMAZON-02)
3 33 209.54.182.161 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
2 74.118.186.106 6336 (TURN-US-ASN)
1 69.173.158.92 26667 (RUBICONPR...)
2 18.67.111.126 16509 (AMAZON-02)
8 35.244.159.8 396982 (GOOGLE-CL...)
1 3.236.169.72 14618 (AMAZON-AES)
2 2 124.146.153.164 2514 (INFOSPHER...)
2 2 13.224.181.100 16509 (AMAZON-02)
20 39 142.250.66.194 15169 (GOOGLE)
2 104.18.43.90 13335 (CLOUDFLAR...)
1 12 104.22.5.69 13335 (CLOUDFLAR...)
9 141.226.229.48 200478 (TABOOLA-AS)
30 141.226.124.48 200478 (TABOOLA-AS)
2 4 142.250.204.6 15169 (GOOGLE)
1 18.67.93.60 16509 (AMAZON-02)
4 11 67.199.150.86 3257 (GTT-BACKB...)
24 50 69.173.158.64 26667 (RUBICONPR...)
6 9 34.111.113.62 396982 (GOOGLE-CL...)
15 18 74.118.186.107 6336 (TURN-US-ASN)
1 1 72.34.250.75 27630 (AS-XFERNET)
3 142.250.67.1 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
2 182.161.73.129 55569 (CRITEO-AS...)
7 9 35.213.12.39 15169 (GOOGLE)
4 8 51.79.154.29 16276 (OVH)
8 8 50.116.239.135 6336 (TURN-US-ASN)
1 1 35.208.249.213 15169 (GOOGLE)
9 9 18.180.45.14 16509 (AMAZON-02)
4 4 50.31.142.159 23352 (SERVERCEN...)
1 10 18.139.210.126 16509 (AMAZON-02)
4 23.55.6.117 16625 (AKAMAI-AS)
4 54.255.42.142 16509 (AMAZON-02)
8 23.204.65.234 16625 (AKAMAI-AS)
2 2 216.22.16.52 30633 (LEASEWEB-...)
3 3 52.223.2.229 16509 (AMAZON-02)
5 5 23.221.21.71 16625 (AKAMAI-AS)
1 1 13.35.147.91 16509 (AMAZON-02)
2 35.74.118.231 16509 (AMAZON-02)
8 8 13.228.126.19 16509 (AMAZON-02)
1 52.76.177.21 16509 (AMAZON-02)
6 207.65.33.83 62713 (AS-PUBMATIC)
7 10 18.143.230.122 16509 (AMAZON-02)
1 2 35.227.252.103 396982 (GOOGLE-CL...)
1 4 220.150.223.50 4686 (BEKKOAME ...)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
1 34.120.58.62 396982 (GOOGLE-CL...)
14 13.112.54.241 16509 (AMAZON-02)
3 3 54.227.169.0 14618 (AMAZON-AES)
3 3 54.162.68.92 14618 (AMAZON-AES)
3 8.18.47.7 398989 (DEEPINTENT)
2 2 74.214.196.131 19189 (PULSEPOINT)
1 1 23.106.127.53 59253 (LEASEWEB-...)
8 10 185.84.60.20 198622 (ADFORM)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 104.68.31.231 16625 (AKAMAI-AS)
1 1 23.106.127.169 59253 (LEASEWEB-...)
6 6 67.199.150.82 3257 (GTT-BACKB...)
3 20 207.65.33.82 62713 (AS-PUBMATIC)
2 10 67.199.150.85 3257 (GTT-BACKB...)
1 1 8.43.72.98 26667 (RUBICONPR...)
31 104.74.46.234 16625 (AKAMAI-AS)
2 13 172.217.167.65 15169 (GOOGLE)
7 142.250.204.2 15169 (GOOGLE)
2 13.107.42.14 8068 (MICROSOFT...)
1 67.220.224.150 16509 (AMAZON-02)
1 131.153.206.101 59210 (PHOENIXNA...)
2 23.206.242.194 20940 (AKAMAI-ASN1)
1 1 18.161.180.118 16509 (AMAZON-02)
1 2 18.67.93.126 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
3 51.75.88.178 16276 (OVH)
3 51.75.89.188 16276 (OVH)
1 51.75.95.152 16276 (OVH)
2 51.75.95.199 16276 (OVH)
3 51.75.93.98 16276 (OVH)
1 51.75.89.127 16276 (OVH)
1 57.129.22.38 16276 (OVH)
2 51.75.92.250 16276 (OVH)
1 1 216.200.232.249 30419 (MEDIAMATH...)
3 4 119.9.108.211 45187 (RACKSPACE...)
3 3 35.194.66.159 396982 (GOOGLE-CL...)
2 192.9.186.67 31898 (ORACLE-BM...)
1 3 209.191.163.152 32475 (SINGLEHOP...)
1 1 64.38.119.43 18568 (BIDTELLECT)
1 34.149.50.64 396982 (GOOGLE-CL...)
2 2 182.161.73.146 55569 (CRITEO-AS...)
3 5 35.244.154.8 15169 (GOOGLE)
1 1 67.202.105.23 32748 (STEADFAST)
1 34.117.239.71 396982 (GOOGLE-CL...)
1 54.215.107.128 16509 (AMAZON-02)
1 52.89.208.126 16509 (AMAZON-02)
4 172.217.167.78 15169 (GOOGLE)
2 142.250.66.238 15169 (GOOGLE)
2 3 35.186.193.173 15169 (GOOGLE)
1 1 222.230.178.29 2519 (VECTANT A...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 2 35.214.187.199 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 133.186.161.89 45974 (NHN-AS-KR...)
1 2 104.80.233.57 16625 (AKAMAI-AS)
8 9 162.19.138.82 16276 (OVH)
1 141.226.224.32 200478 (TABOOLA-AS)
3 89.207.22.114 399104 (CNVR-APAC)
2 173.194.193.94 15169 (GOOGLE)
3 104.21.64.98 13335 (CLOUDFLAR...)
2 2 3.215.25.133 14618 (AMAZON-AES)
3 205.234.175.175 23352 (SERVERCEN...)
1 18.67.111.99 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
2 2 18.138.18.111 16509 (AMAZON-02)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 35.213.93.179 15169 (GOOGLE)
4 13.224.181.66 16509 (AMAZON-02)
1 1 139.162.40.113 63949 (AKAMAI-LI...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 13.250.207.233 16509 (AMAZON-02)
2 2 89.207.22.73 399104 (CNVR-APAC)
5 54.183.248.142 16509 (AMAZON-02)
2 69.173.158.68 26667 (RUBICONPR...)
3 15.221.8.212 16509 (AMAZON-02)
1 69.173.158.67 26667 (RUBICONPR...)
1 1 13.251.208.106 16509 (AMAZON-02)
2 2 13.228.9.27 16509 (AMAZON-02)
1 13.251.27.98 16509 (AMAZON-02)
1 3.33.241.113 16509 (AMAZON-02)
1 18.65.25.29 16509 (AMAZON-02)
1 34.224.179.206 14618 (AMAZON-AES)
1 35.72.102.184 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 198.8.71.131 54312 (ROCKETFUEL)
778 174
1    18.118.89.101 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-89-101.us-east-2.compute.amazonaws.com
leisureblogs.chicagotribune.com
1    104.99.59.17 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-17.deploy.static.akamaitechnologies.com
www.chicagotribune.com
38    184.84.165.201 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-84-165-201.deploy.static.akamaitechnologies.com
www.chicagotribune.com
8    142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
fonts.googleapis.com
3    18.67.93.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-77.syd62.r.cloudfront.net
cmp.osano.com
2    18.67.93.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-116.syd62.r.cloudfront.net
htlbid.com
10    13.35.147.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-92.syd1.r.cloudfront.net
r610.chicagotribune.com
2    18.67.93.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-111.syd62.r.cloudfront.net
assets.zephr.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    172.217.167.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f8.1e100.net
www.googletagmanager.com
1    23.202.168.127 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-127.deploy.static.akamaitechnologies.com
s.go-mpulse.net
9    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
fonts.gstatic.com
2    3.218.94.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-94-162.compute-1.amazonaws.com
tribune.blueconic.net
1    104.80.232.135 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-232-135.deploy.static.akamaitechnologies.com
c.go-mpulse.net
1    18.67.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-97-57.syd62.r.cloudfront.net
cdn.parsely.com
1    13.224.181.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-52.syd1.r.cloudfront.net
launchpad-wrapper.privacymanager.io
4    13.224.181.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-14.syd1.r.cloudfront.net
sb.scorecardresearch.com
5    188.240.13.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn-p.cityspark.com
6    18.67.111.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-116.syd62.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
50    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
imprchmp.taboola.com
vidstatb.taboola.com
wf.taboola.com
opps.taboola.com
5    23.55.12.201 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-12-201.deploy.static.akamaitechnologies.com
www.tribdss.com
ssor.tribdss.com
2    104.18.214.59 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    23.214.36.171 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-36-171.deploy.static.akamaitechnologies.com
s.ntv.io
5    18.67.111.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-102.syd62.r.cloudfront.net
zephr.chicagotribune.com
14    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
www.google-analytics.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
1    13.224.181.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-8.syd1.r.cloudfront.net
cdn.sophi.io
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    35.162.220.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-220-137.us-west-2.compute.amazonaws.com
p1.parsely.com
1    54.70.109.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-109-25.us-west-2.compute.amazonaws.com
authenticate.chicagotribune.com
1    18.67.101.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-101-66.syd62.r.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
6    52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
collector2.sophi.io
5    52.25.95.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-95-187.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    142.251.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net
stats.g.doubleclick.net
1    18.67.93.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-11.syd62.r.cloudfront.net
launchpad.privacymanager.io
3    142.251.175.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f84.1e100.net
accounts.google.com
14    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
securepubads.g.doubleclick.net
8    13.35.147.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-123.syd1.r.cloudfront.net
tagan.adlightning.com
6    18.67.92.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-92-138.syd62.r.cloudfront.net
c.amazon-adsystem.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.66.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net
imasdk.googleapis.com
3    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
10    18.67.111.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-105.syd62.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
10    184.73.232.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-232-225.compute-1.amazonaws.com
s2l.sendtonews.com
4    54.198.156.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-156-105.compute-1.amazonaws.com
www.i.matheranalytics.com
2    18.67.111.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-13.syd62.r.cloudfront.net
consent.api.osano.com
2    216.137.39.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-39-73.lax50.r.cloudfront.net
geo.privacymanager.io
29    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    54.215.67.68 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-67-68.us-west-1.compute.amazonaws.com
id.sv.rkdms.com
1    34.149.26.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
5    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    18.67.111.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-14.syd62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.164.154.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-154-17.lax53.r.cloudfront.net
player.sendtonews.com
3    172.217.167.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f4.1e100.net
www.google.com
3    142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net
www.google.com.au
www.gstatic.com
2    23.38.131.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-131-47.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    13.225.141.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-141-90.lax3.r.cloudfront.net
d15kdpgjg3unno.cloudfront.net
1    52.216.170.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ams-pageview-public.s3.amazonaws.com
1    18.164.173.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-173-42.lax53.r.cloudfront.net
dyv1bugovvq1g.cloudfront.net
2    52.89.2.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-2-84.us-west-2.compute.amazonaws.com
hb.yellowblue.io
5    54.255.34.175 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
16    103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    15.197.196.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com
direct.adsrvr.org
3    18.140.162.50 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-162-50.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.161.181.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-181-197.kul50.r.cloudfront.net
cdn.prod.uidapi.com
1    18.67.93.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-46.syd62.r.cloudfront.net
tags.crwdcntrl.net
1    172.217.167.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f6.1e100.net
s0.2mdn.net
7    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
pagead2.googlesyndication.com
7    142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net
pubads.g.doubleclick.net
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
pixels.ad.gt
20    188.240.13.1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn59755463.blazingcdn.net
7    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
pips.taboola.com
3    52.76.165.247 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-165-247.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
33    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    74.118.186.106 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
targeting.unrulymedia.com
1    69.173.158.92 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    18.67.111.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-126.syd62.r.cloudfront.net
hb.undertone.com
d24zb9qreavi2u.cloudfront.net
8    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
u.openx.net
taboola-d.openx.net
1    3.236.169.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-72.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
2    124.146.153.164 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.224.181.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-100.syd1.r.cloudfront.net
cr-p3.ladsp.com
39    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
cm.g.doubleclick.net
2    104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
12    104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
p.ad.gt
ids.ad.gt
9    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
30    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-match.taboola.com
ch-wf.taboola.com
4    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
ad.doubleclick.net
1    18.67.93.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-60.syd62.r.cloudfront.net
mng-trib-tagan.adlightning.com
11    67.199.150.86 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
50    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
9    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
18    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
1    72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
8    51.79.154.29 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip29.ip-51-79-154.net
onetag-sys.com
8    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
9    18.180.45.14 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-45-14.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
4    50.31.142.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
10    18.139.210.126 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
4    23.55.6.117 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-6-117.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    54.255.42.142 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-42-142.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
8    23.204.65.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-234.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    216.22.16.52 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
3    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
5    23.221.21.71 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-21-71.deploy.static.akamaitechnologies.com
cs.media.net
1    13.35.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-91.syd1.r.cloudfront.net
s.ad.smaato.net
2    35.74.118.231 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-118-231.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
8    13.228.126.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.76.177.21 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-177-21.ap-southeast-1.compute.amazonaws.com
crb.kargo.com
6    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    18.143.230.122 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-230-122.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
americanhometownmedia.com
14    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
3    54.227.169.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-169-0.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    54.162.68.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-68-92.compute-1.amazonaws.com
sync.ipredictive.com
3    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
10    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    104.68.31.231 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    23.106.127.169 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
6    67.199.150.82 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
20    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
10    67.199.150.85 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
31    104.74.46.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-46-234.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
svastx.moatads.com
13    172.217.167.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f1.1e100.net
tpc.googlesyndication.com
7    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googletagservices.com
www.googleadservices.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
2    23.206.242.194 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-242-194.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    18.161.180.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-180-118.kul50.r.cloudfront.net
live.primis.tech
2    18.67.93.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-126.syd62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c1.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
3    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-4-id5-sync.com
1    51.75.95.152 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
2    51.75.95.199 (Germany)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
3    51.75.93.98 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
c7.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
1    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
1    57.129.22.38 (France)

ASN16276 (OVH, FR)
c5.eu-4-id5-sync.com
2    51.75.92.250 (Germany)

ASN16276 (OVH, FR)
c6.eu-4-id5-sync.com
c7.eu-4-id5-sync.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    192.9.186.67 (Bungarribee, Australia)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
3    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
ap.lijit.com
1    64.38.119.43 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
5    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    54.215.107.128 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-107-128.us-west-1.compute.amazonaws.com
exchange.mediavine.com
1    52.89.208.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-208-126.us-west-2.compute.amazonaws.com
cs.minutemedia-prebid.com
4    172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net
encrypted-tbn3.gstatic.com
2    142.250.66.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net
encrypted-tbn1.gstatic.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    222.230.178.29 (Minatomirai, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
rt.gsspat.jp
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    35.214.187.199 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 199.187.214.35.bc.googleusercontent.com
csync.loopme.me
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    133.186.161.89 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
app.cauly.co.kr
2    104.80.233.57 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-233-57.deploy.static.akamaitechnologies.com
sync.teads.tv
9    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    89.207.22.114 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin02-convex-float1.dotomi.com
direct.ad.cpe.dotomi.com
2    173.194.193.94 (United States)

ASN15169 (GOOGLE, US)
PTR: iu-in-f94.1e100.net
csi.gstatic.com
3    104.21.64.98 (None, )

ASN13335 (CLOUDFLARENET, US)
js.brealtime.com
2    3.215.25.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-25-133.compute-1.amazonaws.com
dpm.demdex.net
3    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
edge.blockboardtech.com
1    18.67.111.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-99.syd62.r.cloudfront.net
choices.trustarc.com
1    51.68.39.188 (Créteil, France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
4    13.224.181.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-66.syd1.r.cloudfront.net
video-assets.brandcdn.com
1    139.162.40.113 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1453-113.members.linode.com
gocm.c.appier.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    89.207.22.73 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
5    54.183.248.142 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-248-142.us-west-1.compute.amazonaws.com
adservices.brandcdn.com
2    69.173.158.68 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-nf.rubiconproject.com
3    15.221.8.212 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
aax-fe-sin.amazon-adsystem.com
1    69.173.158.67 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-sin1.rubiconproject.com
1    13.251.208.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-208-106.ap-southeast-1.compute.amazonaws.com
i.w55c.net
2    13.228.9.27 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-9-27.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    13.251.27.98 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-27-98.ap-southeast-1.compute.amazonaws.com
s.update.rubiconproject.com
1    3.33.241.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com
sg2-bid.adsrvr.org
1    18.65.25.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-25-29.lax53.r.cloudfront.net
cache.sendtonews.com
1    34.224.179.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-179-206.compute-1.amazonaws.com
choices-or.trustarc.com
1    35.72.102.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
Apex Domain
Subdomains		 Transfer
97 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
pm-widget.taboola.com — Cisco Umbrella Rank: 3686
trc.taboola.com — Cisco Umbrella Rank: 648
vidstat.taboola.com — Cisco Umbrella Rank: 3027
trc-events.taboola.com — Cisco Umbrella Rank: 2040
ch-trc-events.taboola.com — Cisco Umbrella Rank: 4134
ch-vid-events.taboola.com — Cisco Umbrella Rank: 5066
imprchmp.taboola.com — Cisco Umbrella Rank: 5289
ch-match.taboola.com — Cisco Umbrella Rank: 5423
sync.taboola.com — Cisco Umbrella Rank: 1293
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
wf.taboola.com — Cisco Umbrella Rank: 3217
pips.taboola.com — Cisco Umbrella Rank: 1659
opps.taboola.com — Cisco Umbrella Rank: 5870
cds.taboola.com — Cisco Umbrella Rank: 1860
ch-wf.taboola.com — Cisco Umbrella Rank: 5629
18 MB
67 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
token.rubiconproject.com — Cisco Umbrella Rank: 461
eus.rubiconproject.com — Cisco Umbrella Rank: 588
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
beacon-nf.rubiconproject.com — Cisco Umbrella Rank: 2170
beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 15180
s.update.rubiconproject.com — Cisco Umbrella Rank: 4121
97 KB
65 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
315 KB
60 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image2.pubmatic.com — Cisco Umbrella Rank: 859
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image4.pubmatic.com — Cisco Umbrella Rank: 1224
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
55 KB
56 chicagotribune.com
leisureblogs.chicagotribune.com
www.chicagotribune.com — Cisco Umbrella Rank: 67149
r610.chicagotribune.com — Cisco Umbrella Rank: 90983
zephr.chicagotribune.com — Cisco Umbrella Rank: 103704
authenticate.chicagotribune.com — Cisco Umbrella Rank: 192203
922 KB
49 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
aax-fe-sin.amazon-adsystem.com — Cisco Umbrella Rank: 19309
248 KB
33 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766
px.moatads.com — Cisco Umbrella Rank: 594
svastx.moatads.com — Cisco Umbrella Rank: 2939
607 KB
32 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
direct.adsrvr.org — Cisco Umbrella Rank: 3147
insight.adsrvr.org — Cisco Umbrella Rank: 557
sg2-bid.adsrvr.org — Cisco Umbrella Rank: 18699
13 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
327 KB
23 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
csi.gstatic.com
570 KB
20 blazingcdn.net
cdn59755463.blazingcdn.net — Cisco Umbrella Rank: 26332
1 MB
18 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
8 KB
18 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 13026
embedcdn.sendtonews.com — Cisco Umbrella Rank: 14375
s2l.sendtonews.com — Cisco Umbrella Rank: 12998
player.sendtonews.com — Cisco Umbrella Rank: 15031
cache.sendtonews.com — Cisco Umbrella Rank: 419976
407 KB
16 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
5 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
12 KB
15 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
a.ad.gt — Cisco Umbrella Rank: 1869
p.ad.gt — Cisco Umbrella Rank: 2256
ids.ad.gt — Cisco Umbrella Rank: 1540
pixels.ad.gt — Cisco Umbrella Rank: 2064
21 KB
15 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
u.openx.net — Cisco Umbrella Rank: 672
rtb.openx.net — Cisco Umbrella Rank: 695
taboola-d.openx.net — Cisco Umbrella Rank: 6651
4 KB
14 cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d24zb9qreavi2u.cloudfront.net
403 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
6 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
395 KB
10 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
6 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
4 KB
10 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
45 KB
10 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
lexicon.33across.com — Cisco Umbrella Rank: 1596
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
15 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
44 KB
9 brandcdn.com
video-assets.brandcdn.com — Cisco Umbrella Rank: 40297
adservices.brandcdn.com — Cisco Umbrella Rank: 11575
639 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
5 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
4 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
9 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5099
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 7409
6 KB
9 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2257
mng-trib-tagan.adlightning.com
225 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 14551
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 14437
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 14516
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 14394
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 14454
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 14419
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 14463
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 14494
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 14378
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 14300
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 14269
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 14327
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 14309
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 14396
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 14279
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 14281
2 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
4 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
2 KB
8 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4341
3 KB
7 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 19956
collector2.sophi.io — Cisco Umbrella Rank: 101908
43 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
3 KB
6 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 983
id.rlcdn.com — Cisco Umbrella Rank: 711
idsync.rlcdn.com — Cisco Umbrella Rank: 408
2 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
81 KB
6 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11626
www.i.matheranalytics.com — Cisco Umbrella Rank: 11414
45 KB
6 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 31601
cdn-p.cityspark.com — Cisco Umbrella Rank: 22257
38 KB
5 dotomi.com
direct.ad.cpe.dotomi.com — Cisco Umbrella Rank: 18726
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
2 KB
5 media.net
cs.media.net — Cisco Umbrella Rank: 1381
2 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
2 KB
5 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 936
5 KB
5 tribdss.com
www.tribdss.com — Cisco Umbrella Rank: 79872
ssor.tribdss.com — Cisco Umbrella Rank: 79963
41 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 4989
consent.api.osano.com — Cisco Umbrella Rank: 9305
113 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
2 KB
4 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12406
1 KB
4 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
13 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 1011
cms.quantserve.com — Cisco Umbrella Rank: 749
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
1 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016
launchpad.privacymanager.io — Cisco Umbrella Rank: 2702
geo.privacymanager.io — Cisco Umbrella Rank: 2070
31 KB
3 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1431
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
3 blockboardtech.com
edge.blockboardtech.com — Cisco Umbrella Rank: 16192
8 MB
3 brealtime.com
js.brealtime.com — Cisco Umbrella Rank: 47977
168 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
1 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
ap.lijit.com — Cisco Umbrella Rank: 650
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
122 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
234 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
968 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
881 B
2 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28132
1 KB
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 875
choices-or.trustarc.com — Cisco Umbrella Rank: 3869
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
649 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
688 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8960
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
529 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
661 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
62 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
104 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
2 KB
2 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2147
868 B
2 amazonaws.com
ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 11520
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5637
1 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1790
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
34 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
25 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
71 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3052
p1.parsely.com — Cisco Umbrella Rank: 2300
21 KB
2 blueconic.net
tribune.blueconic.net — Cisco Umbrella Rank: 60750
2 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1309
c.go-mpulse.net — Cisco Umbrella Rank: 595
50 KB
2 zephr.com
assets.zephr.com — Cisco Umbrella Rank: 14796
17 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 9948
131 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
795 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5215
277 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
38 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
552 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
435 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
406 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3181
583 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 88638
161 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 55430
716 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7973
541 B
1 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 62946
410 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
326 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
186 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
350 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
737 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
449 B
1 americanhometownmedia.com
americanhometownmedia.com — Cisco Umbrella Rank: 53692
103 KB
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
288 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
440 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
361 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
293 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
697 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3939
524 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4118
451 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
83 KB
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29909
408 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5557
277 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
12 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3712
164 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net — Cisco Umbrella Rank: 685 Failed
0 nex8.net Failed
cs.nex8.net Failed
778 137
Domain Requested by
39 cm.g.doubleclick.net 20 redirects google-bidout-d.openx.net
www.chicagotribune.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
39 www.chicagotribune.com 1 redirects www.chicagotribune.com
35 pixel.rubiconproject.com 14 redirects s.amazon-adsystem.com
www.chicagotribune.com
33 s.amazon-adsystem.com 3 redirects cmp.osano.com
c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ads.pubmatic.com
www.chicagotribune.com
25 px.moatads.com www.chicagotribune.com
21 match.adsrvr.org 18 redirects js-sec.indexww.com
htlbid.com
www.chicagotribune.com
20 simage2.pubmatic.com 3 redirects s.amazon-adsystem.com
ads.pubmatic.com
www.chicagotribune.com
20 cdn59755463.blazingcdn.net www.chicagotribune.com
18 ch-trc-events.taboola.com www.chicagotribune.com
cdn.taboola.com
18 vidstat.taboola.com cmp.osano.com
www.chicagotribune.com
15 token.rubiconproject.com 10 redirects eus.rubiconproject.com
s.amazon-adsystem.com
www.chicagotribune.com
14 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
14 securepubads.g.doubleclick.net 2 redirects cmp.osano.com
securepubads.g.doubleclick.net
www.chicagotribune.com
tagan.adlightning.com
14 cdn.taboola.com www.chicagotribune.com
cmp.osano.com
13 opps.taboola.com vidstat.taboola.com
13 tpc.googlesyndication.com 2 redirects 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
tagan.adlightning.com
12 sync.1rx.io 11 redirects www.chicagotribune.com
11 image2.pubmatic.com 4 redirects s.amazon-adsystem.com
ads.pubmatic.com
10 c1.adform.net 8 redirects ads.pubmatic.com
10 pr-bh.ybp.yahoo.com 7 redirects u.openx.net
rtb.gumgum.com
s.amazon-adsystem.com
10 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
10 s2l.sendtonews.com embed.sendtonews.com
10 d29xw9s9x32j3w.cloudfront.net www.chicagotribune.com
embed.sendtonews.com
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.chicagotribune.com
p.ad.gt
10 r610.chicagotribune.com www.chicagotribune.com
r610.chicagotribune.com
cmp.osano.com
9 id5-sync.com 8 redirects cdn.id5-sync.com
9 match.prod.bidr.io 9 redirects
9 x.bidswitch.net 7 redirects s.amazon-adsystem.com
ads.pubmatic.com
9 pixel.tapad.com 6 redirects sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
9 ids.ad.gt 1 redirects www.chicagotribune.com
9 ib.adnxs.com 5 redirects htlbid.com
embed.sendtonews.com
s.amazon-adsystem.com
9 fonts.gstatic.com fonts.googleapis.com
8 insight.adsrvr.org www.chicagotribune.com
8 sync.taboola.com ch-match.taboola.com
imprchmp.taboola.com
8 ups.analytics.yahoo.com 8 redirects
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
embed.sendtonews.com
8 ad.turn.com 8 redirects
8 onetag-sys.com 4 redirects s.amazon-adsystem.com
www.chicagotribune.com
8 tagan.adlightning.com cmp.osano.com
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
tagan.adlightning.com
8 fonts.googleapis.com www.chicagotribune.com
client
embed.sendtonews.com
cmp.osano.com
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
7 ch-vid-events.taboola.com www.chicagotribune.com
vidstat.taboola.com
7 secure.adnxs.com 7 redirects
7 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
www.chicagotribune.com
7 pagead2.googlesyndication.com imasdk.googleapis.com
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
tagan.adlightning.com
6 simage4.pubmatic.com ads.pubmatic.com
6 image8.pubmatic.com 6 redirects
6 image6.pubmatic.com ads.pubmatic.com
6 c.amazon-adsystem.com cmp.osano.com
embed.sendtonews.com
c.amazon-adsystem.com
6 collector2.sophi.io cdn.sophi.io
5 adservices.brandcdn.com www.chicagotribune.com
5 z.moatads.com cmp.osano.com
www.chicagotribune.com
svastx.moatads.com
tagan.adlightning.com
5 cs.media.net 5 redirects
5 sync.targeting.unrulymedia.com 3 redirects match.sharethrough.com
sync-amz.ads.yieldmo.com
5 us-u.openx.net 2 redirects google-bidout-d.openx.net
u.openx.net
5 trc.taboola.com cdn.taboola.com
ch-match.taboola.com
imprchmp.taboola.com
5 ads.yieldmo.com htlbid.com
sync-amz.ads.yieldmo.com
5 lexicon.33across.com 1 redirects www.chicagotribune.com
cdn-ima.33across.com
embed.sendtonews.com
5 jadserve.postrelease.com cmp.osano.com
www.chicagotribune.com
5 zephr.chicagotribune.com assets.zephr.com
5 embed.sendtonews.com 1 redirects www.chicagotribune.com
embed.sendtonews.com
5 cdn-p.cityspark.com cdn.cityspark.com
cdn-p.cityspark.com
4 video-assets.brandcdn.com svastx.moatads.com
www.chicagotribune.com
4 idsync.rlcdn.com 2 redirects www.chicagotribune.com
4 www.googleadservices.com www.chicagotribune.com
4 encrypted-tbn3.gstatic.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
4 uipglob.semasio.net 3 redirects s.amazon-adsystem.com
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
s.amazon-adsystem.com
4 creativecdn.com 4 redirects
4 sync-dsp.ad-m.asia 1 redirects u.openx.net
ch-match.taboola.com
ads.pubmatic.com
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
4 b1sync.zemanta.com 4 redirects
4 ad.doubleclick.net 2 redirects www.chicagotribune.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
imasdk.googleapis.com
4 www.i.matheranalytics.com www.chicagotribune.com
4 www.tribdss.com 2 redirects www.chicagotribune.com
4 sb.scorecardresearch.com 1 redirects www.chicagotribune.com
3 aax-fe-sin.amazon-adsystem.com www.chicagotribune.com
3 edge.blockboardtech.com www.chicagotribune.com
3 js.brealtime.com vidstat.taboola.com
tagan.adlightning.com
3 direct.ad.cpe.dotomi.com vidstat.taboola.com
3 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
3 encrypted-tbn2.gstatic.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
3 um.simpli.fi 3 redirects
3 www.googletagservices.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
tagan.adlightning.com
3 match.deepintent.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
3 sync.ipredictive.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 cms.quantserve.com 3 redirects
3 eb2.3lift.com 3 redirects
3 ch-match.taboola.com cmp.osano.com
3 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com cmp.osano.com
3 htlb.casalemedia.com htlbid.com
embed.sendtonews.com
3 tlx.3lift.com htlbid.com
embed.sendtonews.com
3 hbopenbid.pubmatic.com htlbid.com
embed.sendtonews.com
3 www.google.com www.chicagotribune.com
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
3 cdn-ima.33across.com cmp.osano.com
www.chicagotribune.com
3 imasdk.googleapis.com cmp.osano.com
imasdk.googleapis.com
3 accounts.google.com cmp.osano.com
accounts.google.com
3 www.googletagmanager.com www.chicagotribune.com
cmp.osano.com
3 cmp.osano.com www.chicagotribune.com
cmp.osano.com
2 ch-wf.taboola.com vidstat.taboola.com
2 pm.w55c.net 2 redirects
2 beacon-nf.rubiconproject.com www.chicagotribune.com
2 pubmatic-match.dotomi.com 2 redirects
2 cm.adgrx.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 pippio.com 2 redirects
2 cm.ambientdsp.com 2 redirects
2 dpm.demdex.net 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 taboola-d.openx.net vidstat.taboola.com
2 sync.teads.tv 1 redirects 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
2 csync.loopme.me 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 encrypted-tbn1.gstatic.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 mb.moatads.com cmp.osano.com
2 sync.crwdcntrl.net 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 hb.yahoo.net s.amazon-adsystem.com
www.chicagotribune.com
2 px.ads.linkedin.com s.amazon-adsystem.com
www.chicagotribune.com
2 www.gstatic.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
2 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
2 bh.contextweb.com 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 ssbsync-us.smartadserver.com 2 redirects
2 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
2 static.criteo.net cmp.osano.com
static.criteo.net
2 imprchmp.taboola.com www.chicagotribune.com
cmp.osano.com
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 cdn.confiant-integrations.net cmp.osano.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 tg.socdm.com 2 redirects
2 targeting.unrulymedia.com embed.sendtonews.com
2 id.hadron.ad.gt cdn.hadronid.net
2 oajs.openx.net 1 redirects www.chicagotribune.com
2 bidder.criteo.com htlbid.com
2 direct.adsrvr.org htlbid.com
2 fastlane.rubiconproject.com htlbid.com
2 hb.yellowblue.io htlbid.com
2 pm-widget.taboola.com cmp.osano.com
2 cdn.hadronid.net www.chicagotribune.com
a.ad.gt
2 secure.cdn.fastclick.net www.chicagotribune.com
cmp.osano.com
2 config.aps.amazon-adsystem.com c.amazon-adsystem.com
cmp.osano.com
2 geo.privacymanager.io launchpad.privacymanager.io
2 consent.api.osano.com cmp.osano.com
2 cdnjs.cloudflare.com cmp.osano.com
embed.sendtonews.com
2 js.matheranalytics.com 1 redirects www.chicagotribune.com
2 cdn.onesignal.com www.chicagotribune.com
cmp.osano.com
2 tribune.blueconic.net r610.chicagotribune.com
cmp.osano.com
2 assets.zephr.com www.chicagotribune.com
2 htlbid.com www.chicagotribune.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 choices-or.trustarc.com imasdk.googleapis.com
1 cache.sendtonews.com embed.sendtonews.com
1 sg2-bid.adsrvr.org www.chicagotribune.com
1 s.update.rubiconproject.com www.chicagotribune.com
1 i.w55c.net 1 redirects
1 beacon-sin1.rubiconproject.com www.chicagotribune.com
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ap.lijit.com americanhometownmedia.com
1 svastx.moatads.com cmp.osano.com
1 tags.rd.linksynergy.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 choices.trustarc.com www.chicagotribune.com
1 cds.taboola.com cdn.taboola.com
1 app.cauly.co.kr 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
1 sync.fout.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 rt.gsspat.jp 1 redirects
1 pips.taboola.com cdn.taboola.com
1 encrypted-tbn0.gstatic.com 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
1 cs.minutemedia-prebid.com s.amazon-adsystem.com
1 exchange.mediavine.com s.amazon-adsystem.com
1 events-ssc.33across.com s.amazon-adsystem.com
1 ssc-cms.33across.com 1 redirects
1 id.rlcdn.com 1 redirects
1 s.seedtag.com s.amazon-adsystem.com
1 bttrack.com 1 redirects
1 wf.taboola.com vidstat.taboola.com
1 sync.mathtag.com 1 redirects
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 sync1.intentiq.com www.chicagotribune.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 americanhometownmedia.com cmp.osano.com
1 vidstatb.taboola.com www.chicagotribune.com
1 crb.kargo.com s.amazon-adsystem.com
1 u.openx.net s.amazon-adsystem.com
1 pixels.ad.gt p.ad.gt
1 s.ad.smaato.net 1 redirects
1 trace.mediago.io 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 sync.go.sonobi.com 1 redirects
1 p.ad.gt a.ad.gt
1 mng-trib-tagan.adlightning.com tagan.adlightning.com
1 d24zb9qreavi2u.cloudfront.net www.chicagotribune.com
1 trc-events.taboola.com www.chicagotribune.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 google-bidout-d.openx.net cmp.osano.com
1 hb.undertone.com embed.sendtonews.com
1 prebid-server.rubiconproject.com embed.sendtonews.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 gum.criteo.com cmp.osano.com
1 cdn.id5-sync.com cmp.osano.com
1 s0.2mdn.net cmp.osano.com
1 tags.crwdcntrl.net cmp.osano.com
1 cdn.prod.uidapi.com cmp.osano.com
1 invstatic101.creativecdn.com cmp.osano.com
1 oa.openxcdn.net cmp.osano.com
1 dyv1bugovvq1g.cloudfront.net htlbid.com
1 ams-pageview-public.s3.amazonaws.com www.chicagotribune.com
1 d15kdpgjg3unno.cloudfront.net cmp.osano.com
1 pixel.quantserve.com cdn.cityspark.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 www.google.com.au www.chicagotribune.com
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 js-sec.indexww.com cmp.osano.com
1 launchpad.privacymanager.io cmp.osano.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d1y4ng3lozj2yp.cloudfront.net cmp.osano.com
1 authenticate.chicagotribune.com cmp.osano.com
1 p1.parsely.com www.chicagotribune.com
1 cdn.sophi.io www.chicagotribune.com
1 s.ntv.io www.chicagotribune.com
1 ssor.tribdss.com www.chicagotribune.com
1 embedcdn.sendtonews.com www.chicagotribune.com
1 launchpad-wrapper.privacymanager.io www.googletagmanager.com
1 cdn.parsely.com www.googletagmanager.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net www.chicagotribune.com
1 cdn.cityspark.com www.chicagotribune.com
1 leisureblogs.chicagotribune.com 1 redirects
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 cs.nex8.net Failed u.openx.net
778 269
Subject Issuer Validity Valid
tronc.web.arc-cdn.net
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
htlbid.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
r610.chicagotribune.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-23		 a year crt.sh
assets.zephr.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
cdn-p.cityspark.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.trbimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-24 -
2024-05-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
zephr.sun-sentinel.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
authenticate.baltimoresun.com
Amazon RSA 2048 M01		 2023-08-11 -
2024-09-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2023-10-22 -
2024-11-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.api.osano.com
Amazon RSA 2048 M03		 2023-09-27 -
2024-10-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-30 -
2024-11-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M03		 2023-08-14 -
2024-09-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.blazingcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-07-05 -
2024-08-04		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.prod.apse1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-05-14 -
2024-06-14		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.eu-3-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.cauly.co.kr
Sectigo RSA Organization Validation Secure Server CA		 2023-02-17 -
2024-03-06		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2023-01-23 -
2024-02-24		 a year crt.sh
*.blockboardtech.com
Sectigo RSA Organization Validation Secure Server CA		 2023-10-13 -
2024-10-13		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.brandcdn.com
Amazon RSA 2048 M02		 2023-08-02 -
2024-08-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
aax-fe-sin.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-07-20 -
2024-03-31		 8 months crt.sh
post.update.rubiconproject.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 90 frames:

Primary Page: https://www.chicagotribune.com/entertainment/theater/
Frame ID: 20A0D6F4D624F16F5E24C1F58DFD34D9
Requests: 374 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 289C6ABDCBE18A0E244A58899CDC2DCD
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 88287CBDDFE58AC60B53EC51EBE2AE97
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: E1899F23E225C429F89B45F2770E75B3
Requests: 41 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: E31934D98C285E93554419A1B2C9DA2D
Requests: 29 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 3894AB5326F7A2F3B7D5E2F58ABF01F7
Requests: 37 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 11242CE9F66FB144471221F5E46489B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Frame ID: B253E1022529A3309DB4F96227A0C41A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A10FB1674403BC243DAE1EEC75293806
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Frame ID: E7D11F49BF6D5B9E84C557BA61A12DF2
Requests: 1 HTTP requests in this frame

Frame: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A82FAA031D4D0E3CA209E32B1DC11303
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 852C4F3E84E0085173DD51DAAB5E874E
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E8F230A988E4D00181EE91A19BF9E887
Requests: 7 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=undefined&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=22868239-578d-453c-a786-86fd8262cd6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D9B5F11FF2449728225E735B436DC041
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 55696AC39DF83EB4ECA152B31D7DA8EB
Requests: 4 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 0FAACCA9A25499EF93A2713E26F19A5F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: CC4B239F5AC9531E5A8234FBA9C04574
Requests: 16 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 96AB134931069C59422788D1AE519DBD
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 0DE6640741C85557893EC4C8D75E64B9
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8373794662626828817&gdpr=0&gdpr_consent=
Frame ID: 73DCF146B23E1AD342D19D071ED4F59D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Frame ID: 31833EE8708CF09931964EB317D313E1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 57FA1788D9A0BC67453FFC1E4B53ED3A
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 8CF9716DD8E6A7AE88232DEA04704ECC
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1464830199205929643&gdpr=0&gdpr_consent=
Frame ID: 00C83CBA21AFB376A4E33DFEBFF18A2C
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 480C00656D3E5303F8881CDD4D8DBA2F
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 28C8C3057B3DB6295C24F450278EE670
Requests: 7 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: A114C024AA8CD9BF7C197E0DD2D49D37
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: ECB9A62CC5F4D068BC3720ED78E463FC
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS05Y01vd1A5RTJ1S0xocEc0ZVZScFQ0RHlOOUpjNW00S35B&gdpr=0
Frame ID: C5A4E5159CF9E007DEF5E9AC063F6435
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: C85EFB41D54A29F7A61EEC599E6DE25C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=399068538422166660&ex=appnexus.com&gdpr=0
Frame ID: 0E8190F8423524A77BD9C9149D1E167B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Frame ID: 919A0CB4A9482BEDC8972272414C074D
Requests: 1 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D1690208FA2634F04CE70983FC5B1E9B
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D589A5183F6E85CAE06AD050D9CDC1F7
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=8014188516637391106&gdpr=0&gdpr_consent=
Frame ID: F558A41BAE203EDBA5DCFB049CE602C5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NDQ5NDMzNi1mMWUyLTQ3MWUtOTkzZi1lZTBkZWY5MWJhMWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9B2E083DBABC954B3C42FDB6DDAF57E4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 4E4073981FED9BAEB3D41DE5FEB5DE61
Requests: 6 HTTP requests in this frame

Frame: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A279C2F005AC021FA4C236737454E42
Requests: 22 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=da55406d-0593-41c8-8da4-7f3f342c02e4
Frame ID: 42A4EFE03F5A70A32E78D1F98598595B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZYftFcCo8X4AAJcvMlkAAAAA
Frame ID: A04A571B73F23893BBA46D11B2869640
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=gumgum&tc=1
Frame ID: 0AF54779B06C384B839983F52FAAA404
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 09F41187D4743046468159F85004D572
Requests: 4 HTTP requests in this frame

Frame: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57D528EF80E25CEDA5CC425E488A3195
Requests: 20 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
Frame ID: 77EBA99DBFD09DE5D6570D754DB1F48F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: E8175E1B511CF76F58E3023000F8052F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6CE963070C00D849CAE78772D4A30D13
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4159D33E73D5598671D6021F8378597D
Requests: 9 HTTP requests in this frame

Frame: https://js.brealtime.com/ovvbundle_moat.js
Frame ID: 2C418D75F66E7E54FFE94C7EC1F03309
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 99BA5522F1673FC5FDBB127DCA3D9F2E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 1CF01D2AFC9439CC452876E02C177195
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: FC14E84ACD1CDBC60B17F67B69564F63
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Frame ID: B780EB2B14AF0E1B9C007864B9819AFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Frame ID: 27538F1F577A0BFFB2C1B3F79BBD300C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 49941FB9B64D5EF9086D74ABAE3B2132
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Frame ID: FEDFFD9FCA53EED2DCEE03A36219C083
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqrevdw
Frame ID: 9AADFFBA6696FD650F1B733DFB6E7A16
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRJlQNgBd
Frame ID: C05B047094A5426528BE57218BFAA7D3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: D288B9A9EB79C7114B3D66E75AC74C1B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Frame ID: 5AD161FECFBDE31C4BEDBEF20A4C2DE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Frame ID: 8B551D4372395F11063565723056154F
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=59b201f5-c634-4e16-bff3-57b346a63eba&ssp=pubmatic
Frame ID: 87A54E6213573CD10782648D1C1E2C1B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Frame ID: E17981ED37901931F967E8BDA840FE7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqzd5gu
Frame ID: 7DA3931B545B23191066D6927EC9DBBA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRBlPvQBd
Frame ID: 797FBA12A88061E19500D2FE21E212A3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: 6A31E1149D6B8D0E082D97D650B55C5F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 04EA71F6933483E98714F95949EB834F
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Frame ID: 190C8C4691779840F9B67FBAECBE44E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=3b2d592dc9ac45cbb2094f80984b7787
Frame ID: 72A6C4069F178D97A7D24DC6EB19F4D3
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F09AF6FA10383498AB670BD9F80B0234
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 35B44D48B484EE545B7CCEB3F8422AF2
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: B3B9A5D2D043B91AC0C3D72910EA7711
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LgFc_1bCCu-P20E8Ge2HZQ
Frame ID: CCDC478B830F2CF96541093F68972B9A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e769bebd2a24c9d831699de6e92e752
Frame ID: 4E60BBBEE88610C2A6959C25B472B126
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4429924a-a237-11ee-a3ad-6fd26945a56d
Frame ID: 9CFB574446D27CF46D6E4A2AB4ADD52A
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 3EC06D0D9592E1F2D3331E5B4C82E450
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: 4E6DE2CA72B18FBD6BAC8F000673F525
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Frame ID: CAB7458D219A253F75B775C0E94A9E53
Requests: 6 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: F4C88B6FE36D58DD348F44D9BC388461
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 59FCFD7F306C90111C5AF17FDDC949F6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CECBC64DA6BFF108EC65330590944339
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A3BC5430F2FFE2165898BF85ED9C8A56
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3BD32E4E2EF45CFBE58AD319DA855E1B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fwAVYZfJ1RhjWr5&gdpr=0&gdpr_consent=
Frame ID: 60D9B4627872B15E002D9AF22F60FA53
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: FABAB4BEB7030EB1BD21668A014AFC1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1977432095613495040
Frame ID: E8FDCF6833C217D7FD05DE0BC35A3FF1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Frame ID: FBE7D0BACCBB5327819A89F665B1E7ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA&gdpr=0&gdpr_consent=
Frame ID: D799B0E7C77B3A9AF257BB10B109F0F1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=3D86ADBB-57FD-485D-B899-815E8B54C115
Frame ID: 7EC9CBC0DA71EC454E3AE986CEB3929B
Requests: 1 HTTP requests in this frame

Frame: https://js.brealtime.com/ovvbundle_moat.js
Frame ID: D97B018EC0150F4A7E10DB946D489979
Requests: 2 HTTP requests in this frame

Frame: https://js.brealtime.com/ovvbundle_moat.js
Frame ID: 5DD0C0F6B470FAC53F83DBA43F0247A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Theater Loop: Chicago Theater News & Reviews - Chicago TribuneClose this dialogGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

  1. http://leisureblogs.chicagotribune.com/the_theater_loop/just-for-laughs/ HTTP 301
    http://www.chicagotribune.com/entertainment/theater/ HTTP 301
    https://www.chicagotribune.com/entertainment/theater/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

778
Requests

80 %
HTTPS

0 %
IPv6

137
Domains

269
Subdomains

174
IPs

13
Countries

34634 kB
Transfer

50358 kB
Size

229
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leisureblogs.chicagotribune.com/the_theater_loop/just-for-laughs/ HTTP 301
    http://www.chicagotribune.com/entertainment/theater/ HTTP 301
    https://www.chicagotribune.com/entertainment/theater/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c9=
Request Chain 49
  • https://embed.sendtonews.com/player3/embedcode.js?fk=oX3gvkbQ&cid=4591 HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3/embed.js
Request Chain 51
  • https://www.tribdss.com/meter/chiarc.min.js HTTP 302
  • https://www.tribdss.com/meter/chiarc.min.js?disabled=international
Request Chain 58
  • https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1643 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
Request Chain 69
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js HTTP 302
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Request Chain 130
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=8jduupS35%2Flp9DNaSO6ufsEtzFkHiLj%2FVaeQAcmSRyw%3D&fp=LFMoCKbD9SoGRa7X6Yy6mmXhYH5TKuL1PIH1Mgm3REskUGuvofZspvlnUFcg%2FoFvfwhZJVhQi4k2DSIOFsbkYg%3D%3D
Request Chain 207
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp&cc=1
Request Chain 241
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Request Chain 260
  • https://match.adsrvr.org/track/cmf/openx?oxid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0&gdpr_consent=
Request Chain 261
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYftFMCo8X4AAJcvMggAAAAA
Request Chain 262
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWTyUUvmQbZ3ks8AEDxkFOa8p88AAAGMmvYV1g
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz&google_tc=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF7OUdK07DXpeNEGkWEErVg&google_cver=1
Request Chain 267
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Request Chain 279
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_pre=CI-GrorVp4MDFb6crAIdQZgBPw;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
Request Chain 280
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_pre=CNCJrorVp4MDFfzUcwEd5pIGZw;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
Request Chain 291
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703406868-JDOOG8VT-7B3G%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=399068538422166660&gdpr=0
Request Chain 292
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406868-JDOOG8VT-7B3G&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
Request Chain 293
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703406868-JDOOG8VT-7B3G HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703406868-JDOOG8VT-7B3G HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=73B371E3-A85A-4D1A-AD8C-90FAF9FA26DB&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
Request Chain 294
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001703406868-JDOOG8VT-7B3G&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&rub=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 295
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703406868-JDOOG8VT-7B3G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406868-JDOOG8VT-7B3G%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703406868-JDOOG8VT-7B3G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406868-JDOOG8VT-7B3G%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e42cd243-253d-41b2-a603-b0125185d9c0%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001703406868-JDOOG8VT-7B3G%252526tapad_id%25253De42cd243-253d-41b2-a603-b0125185d9c0%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=e42cd243-253d-41b2-a603-b0125185d9c0%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001703406868-JDOOG8VT-7B3G%2526tapad_id%253De42cd243-253d-41b2-a603-b0125185d9c0%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&tapad_id=e42cd243-253d-41b2-a603-b0125185d9c0
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703406868-JDOOG8VT-7B3G HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&google_gid=CAESEPO7eA9FESy2tQZQ3K9StN0&google_cver=1&google_ula=450542624,0
Request Chain 297
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703406868-JDOOG8VT-7B3G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjg2OC1KRE9PRzhWVC03QjNH
Request Chain 299
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=cf077e2d-1baa-45dc-a6b7-5ae6f51e5aa5&gdpr=0
Request Chain 340
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703406869133 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3131816302 HTTP 302
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Request Chain 341
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61cad29783d52lw51100lqj8gw9i
Request Chain 342
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AANRO07LD9oAABPGPvuH7w&ex=beeswax.com
Request Chain 343
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=inxaI5FQsZCutLXIcKrX
Request Chain 349
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8373794662626828817&gdpr=0&gdpr_consent=
Request Chain 350
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Request Chain 351
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3464084682889919000V10
Request Chain 352
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4a1dd63e35
Request Chain 358
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1464830199205929643&gdpr=0&gdpr_consent=
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS05Y01vd1A5RTJ1S0xocEc0ZVZScFQ0RHlOOUpjNW00S35B&gdpr=0
Request Chain 365
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=399068538422166660&ex=appnexus.com&gdpr=0
Request Chain 366
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Request Chain 378
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ve6BVxaNyngdmS8EqxfM2Q==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 380
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3216505057501506981&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 381
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 382
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Request Chain 383
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.Dcy.5VE2oQQ.bfRTkbShiNMcKPGqWhgjBi5Qg--~A
Request Chain 384
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 385
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-18kcs5dE2oRCZvNNqYRvd6PIXZ4dmG4s6VrUtQ--~A
Request Chain 386
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Request Chain 392
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 393
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CxSDwvRE2oRbuVtso9j96NjgVB2TwgzEkQ4ppw--~A
Request Chain 394
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Request Chain 395
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=399068538422166660
Request Chain 396
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=eZ_33CrO_thinPfeeMjiiCvJ-Ipinf-ILJ38XqmO HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 397
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=9585af1b-971e-4b00-9c96-735eb05ef725
Request Chain 398
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163
Request Chain 400
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2
Request Chain 402
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_84494336-f1e2-471e-993f-ee0def91ba1d&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=J0E_35ZT18WcvxK00xMq&gdpr=0
Request Chain 403
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=VVZLKk9GD3eK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 404
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1183772345424093850
Request Chain 407
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=8014188516637391106&gdpr=0&gdpr_consent=
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 412
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYftFcCo8X4AAJcvMlkAAAAA
Request Chain 413
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=gumgum&tc=1
Request Chain 414
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZTEwZmQwZjEtNmMxNC00NTdmLThkYTYtZDk2NWYzMWQ0NjUy HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 419
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Request Chain 420
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Request Chain 421
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2262714961 HTTP 302
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 424
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Request Chain 425
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFOUk8wN0xEOW9BQUJQR1B2dUg3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AANRO07LD9oAABPGPvuH7w&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AANRO07LD9oAABPGPvuH7w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AANRO07LD9oAABPGPvuH7w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AANRO07LD9oAABPGPvuH7w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1183772345424093850&gdpr=0&gdpr_consent= HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AANRO07LD9oAABPGPvuH7w&gdpr=0
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zViwwwll1wyy78f92HY HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 429
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3zViwwwll1wyy78f92HY HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De42cd243-253d-41b2-a603-b0125185d9c0%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
Request Chain 430
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3288562651539434917&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D3D86ADBB-57FD-485D-B899-815E8B54C115%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBIg7KFCVnt1ntRbutSOPwU&google_cver=1
Request Chain 434
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=399068538422166660&pn_id=an
Request Chain 435
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5520538372 HTTP 302
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Request Chain 436
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3288562651539434917&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D3D86ADBB-57FD-485D-B899-815E8B54C115%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Request Chain 437
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zViwwwll1wyy78f92HY HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
Request Chain 438
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Request Chain 439
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nojwU2VE2oQXVBSXYGiNKUzpnvUKFiWhlchsYQ--~A
Request Chain 440
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
Request Chain 443
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LQJ8GVDY-1Y-64YE HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 468
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
Request Chain 469
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKOEdWRFktMVktNjRZRQ==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOOehj8ojSKGJMUwYevMOcw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKOEdWRFktMVktNjRZRQ==&google_push=&gdpr=0
Request Chain 470
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bR2C6MA-09iQFRpNIv4Jvsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
Request Chain 471
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
Request Chain 473
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzViZjYwZjBiMmVkM2MyMTkxMDViNGM5NDNjNjdlMzY1MzBjNzQ2Mg&gdpr=0
Request Chain 474
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 476
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rcscWOiKQv6HEVCBIywU2A&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rcscWOiKQv6HEVCBIywU2A&gdpr=0
Request Chain 477
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30&gdpr=0
Request Chain 478
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 479
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ8GVDY-1Y-64YE&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ8GVDY-1Y-64YE&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=LQJ8GVDY-1Y-64YE&dpid=58160
Request Chain 480
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ8GVDY-1Y-64YE&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE&ckls=true&ci=Cz6q3A3G0F&nc=false&trid=-1166247560
Request Chain 481
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 482
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 483
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 500
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05c66587-ed16-4e00-877f-4096355e4ab0&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D86ADBB-57FD-485D-B899-815E8B54C115&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PYatu1f9SF24mYFei1TBFQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 503
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3D86ADBB-57FD-485D-B899-815E8B54C115 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De42cd243-253d-41b2-a603-b0125185d9c0%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
Request Chain 505
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 506
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q4NkFEQkItNTdGRC00ODVELUI4OTktODE1RThCNTRDMTE1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN7fmBqWyTve3HOV1Z0a1so&google_cver=1
Request Chain 508
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D86ADBB-57FD-485D-B899-815E8B54C115&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
Request Chain 510
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Request Chain 527
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30&gdpr=0
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 529
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0&dnr=1
Request Chain 530
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Request Chain 531
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c9e6dd1-b7e2-45bf-9abd-e3445a7b115c
Request Chain 532
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 533
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=d00171fc-9f97-4b7e-b540-f89192de852d&gdpr=0
Request Chain 534
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8877890029443442616
Request Chain 535
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
Request Chain 536
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30&gdpr=0
Request Chain 537
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5740123107 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/da55406d-0593-41c8-8da4-7f3f342c02e4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004&expires=30
Request Chain 538
  • https://id.rlcdn.com/709414.gif?gdpr=0 HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 539
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQJ8GVDY-1Y-64YE&gdpr=0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ8GVDY-1Y-64YE&ts=1703406871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 541
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 542
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQJ8GVDY-1Y-64YE&gdpr=0
Request Chain 547
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQJ8GVDY-1Y-64YE HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQJ8GVDY-1Y-64YE&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 554
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 559
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF HTTP 301
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
Request Chain 565
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEI9JpWKkN81kpjz0FMQmeNI&google_cver=1&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOlj2f_c1Vw5BrXONNmujiwOak63uLz2FQlf1sQxr-hogSShs1LH_RugFT1uOd2mmhoK4X0EiQ0bVsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOlj2f_c1Vw5BrXONNmujiwOak63uLz2FQlf1sQxr-hogSShs1LH_RugFT1uOd2mmhoK4X0EiQ0bVsQ&google_hm=Oy1ZLcmsRcuyCU-AmEt3h6M
Request Chain 566
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRLYy1d8qlmEB1O7Amo-PUtw-r1ZeCbYZNtzmMHdSChR_EI9uZkeJAI1_sQ&google_gid=CAESEADLu9-9dhzouyck4Rvrovw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=FRZkLMAFPgTVm7LE6nPmVA&google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRLYy1d8qlmEB1O7Amo-PUtw-r1ZeCbYZNtzmMHdSChR_EI9uZkeJAI1_sQ
Request Chain 567
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z2rSXDk5Ii7kYVpbzewlxe7HwVkuqRDHtqBI5jObjRrNCap_WFXgBDFGqGHGXcxliWtXJxnc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z2rSXDk5Ii7kYVpbzewlxe7HwVkuqRDHtqBI5jObjRrNCap_WFXgBDFGqGHGXcxliWtXJxnc
Request Chain 568
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFTNTz4uiS61fOzw6LFbCQA&google_cver=1&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFTNTz4uiS61fOzw6LFbCQA%26google_cver%3D1%26google_push%3DAXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8883016734441585047&exchange=193&google_gid=CAESEFTNTz4uiS61fOzw6LFbCQA&google_cver=1&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg4ODMwMTY3MzQ0NDE1ODUwNDc&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML
Request Chain 569
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPUfaZt878aR-oGmjuXGa9Y&google_cver=1&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_QKip60ucdy9kOfTFnjjVGYFHdKyWwQbaakRcfJMvtmtCoiVuF8poj4u0ZNmigWPCw_qlJyvwcDiLFKWyTs4KWfhNohcn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_QKip60ucdy9kOfTFnjjVGYFHdKyWwQbaakRcfJMvtmtCoiVuF8poj4u0ZNmigWPCw_qlJyvwcDiLFKWyTs4KWfhNohcn
Request Chain 570
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmQK7RIlMvWAB9V8btfYdouzJDi7dUcrJbN5vW_qKaCwhM5m5ma5WjRNfmvvdznJjZl4wGhTj19QTQ-RF9SHaJUNxkYrGbxZGWLdKmH0lw-72djLJV_M5oR_VSIwMhiXMiI4O37AAiqyfZfGQjLuaFei HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK7RIlMvWAB9V8btfYdouzJDi7dUcrJbN5vW_qKaCwhM5m5ma5WjRNfmvvdznJjZl4wGhTj19QTQ-RF9SHaJUNxkYrGbxZGWLdKmH0lw-72djLJV_M5oR_VSIwMhiXMiI4O37AAiqyfZfGQjLuaFei HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 571
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEC_3qMYgEXz-EjrXnTlHhAg&google_cver=1&google_push=AXcoOmQFj2HztU9S3DcQkQR_85IcAW5Ne5jIGV0vKzRGVzsST_Ns-49d8Y4f9I4czHhrtDnlT_91T_TbMpLhWORzKVrvsY8jD3vfLNXeKMxaRXGDk5RZOZfLMwP36zpYTkgSD4AmsRgV3qMElHlR3nTFxJY HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e35333ea-1399-4000-97f1-5028b5962308&google_cver=1&google_gid=CAESEC_3qMYgEXz-EjrXnTlHhAg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQFj2HztU9S3DcQkQR_85IcAW5Ne5jIGV0vKzRGVzsST_Ns-49d8Y4f9I4czHhrtDnlT_91T_TbMpLhWORzKVrvsY8jD3vfLNXeKMxaRXGDk5RZOZfLMwP36zpYTkgSD4AmsRgV3qMElHlR3nTFxJY&gdpr=${GDPR}
Request Chain 574
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESED7hK80NcPmce4YZa3t2qlw&google_cver=1&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9M8l_Lsc2zSeTPyoxn1G_sNKmfHmYhJPqRxKQ__YUVzzw8wNWVxjSPGXIbz0gKBIX72uMDS0kU3Ouqs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9M8l_Lsc2zSeTPyoxn1G_sNKmfHmYhJPqRxKQ__YUVzzw8wNWVxjSPGXIbz0gKBIX72uMDS0kU3Ouqs&google_hm=aE92Z2w4Yk5wZmJWdDFyUzBZYVlySVM0dU5F&from_google=sp1
Request Chain 575
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIlqIySYe0fAnyENiwHjZWs&google_cver=1&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlHEgiF0kMTpup7zzhEovIHUVt4b9cF_pYThWaaPLEG3wbyJk2I-UstatoB3GlMeLmId_2re_U-dupc4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg3Nzg5MDAyOTQ0MzQ0MjYxNg&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlHEgiF0kMTpup7zzhEovIHUVt4b9cF_pYThWaaPLEG3wbyJk2I-UstatoB3GlMeLmId_2re_U-dupc4
Request Chain 577
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n9m5A69U1kWpJfQf-VUrvU0hhAgrRDelgWzUymO7JF0J5VUu4_ktgeM1Ihqss3Gh4DHPoNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n9m5A69U1kWpJfQf-VUrvU0hhAgrRDelgWzUymO7JF0J5VUu4_ktgeM1Ihqss3Gh4DHPoNg
Request Chain 578
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKtlK91TDEeeZzuVfj0Yi8I&google_cver=1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRYgmiQj_gRSXuLKy9Fa-cPEvDsKNbJ-p4Dy-16o9kQiNVfB91tuMCWWn9wzdn5zVAfBIq-Si1kJZ73j5BU5E0oNveJCxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkyNTQ4OTcyMjU3NTcyMzI5NzU1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRYgmiQj_gRSXuLKy9Fa-cPEvDsKNbJ-p4Dy-16o9kQiNVfB91tuMCWWn9wzdn5zVAfBIq-Si1kJZ73j5BU5E0oNveJCxQ
Request Chain 579
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmRqxVHW_M6TwgCJDcEwiyY0x4E6_Z4-6w6s3nZKjOu_YhHfoUE6UciU6GjjI04i-xap4pdn-RGocrr4PTp8z0z7CAlyxuLZKEO6RbzWyyOaG1hrrx8HXIpsCiGGrdUBYmcw62Py6XNLo2gWGi9ZoSs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqxVHW_M6TwgCJDcEwiyY0x4E6_Z4-6w6s3nZKjOu_YhHfoUE6UciU6GjjI04i-xap4pdn-RGocrr4PTp8z0z7CAlyxuLZKEO6RbzWyyOaG1hrrx8HXIpsCiGGrdUBYmcw62Py6XNLo2gWGi9ZoSs HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 580
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENvR1Mk0vIrORAmSG2NVS_I&google_cver=1&google_push=AXcoOmR6LizgejXi1ttLOEsLgJ5ZrVBqZp-ekyLWYRIUbbIGaMfw8ixH4l_URB1RQR3g4wFU4qHaY1pmXZiZOT4t4yPED3OQwSlGM5XnPKYUSmJjN0DNR20rkPgw9vYJJ3341L5r8ozhH-iTZ7D9-tI2lYbM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzIzOGUxYTgtNTA2Yy00NTdhLWIyYjQtMjJiMDhkYmI4ODMz&google_push=AXcoOmR6LizgejXi1ttLOEsLgJ5ZrVBqZp-ekyLWYRIUbbIGaMfw8ixH4l_URB1RQR3g4wFU4qHaY1pmXZiZOT4t4yPED3OQwSlGM5XnPKYUSmJjN0DNR20rkPgw9vYJJ3341L5r8ozhH-iTZ7D9-tI2lYbM HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 600
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da55406d-0593-41c8-8da4-7f3f342c02e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&dpid=55953
Request Chain 602
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CUq7rFO2HZb25KrKnz7sPqM6X6A2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTkAk_Q1qtFbHYPxGhZNzYRYyO0ctSntdShgY3x8_WB6PitSwJROUA9uFmDGBvzpO9kuux3pXFdC0XgWfQoyNgVTmK4G8dWcVx_kAE4DY4jvO-XYkNasTQH-0UAy5V_t7iSQjZcVss7tGwsE-k5YW73T27_BIdGJYTpPUuU-PfkeyYZiRaNscAPB2Ycvp6NRId5m_ROvmcN6tUGj_WgaYzhP9_nn_zLjpoc7k5TyMm2zXTKErynnKMCjmJjf1PijeBaE84-atzIxvTJms5jXMpHeWZgiPU5uqcZ72FGBnnEWUIWX2-mVB6YKjqSRSAiOJHqhTNblYvmaslSaxUD2VnqChCgD-m0ovbYDWCMl-G3W19RHmsh2p2zy6ubnF74C8MEQMPPWYLizCyskNV4AO5U6K8fcIyo3HhI64L3pA7GO2TOzUPJPM3zesqVEh66Bagdd-SnUzaZe6m0lU1ltxeUyAD09BC4wAS6otfWtgTgBAGIBd3Nk59MkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEJWsF9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYgpHCitWngwOaCYACaHR0cHM6Ly93d3cudGVtdS5jb20vYXUva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0xMn5lbn5BVUQmZ29vZHNfaWQ9NjAxMDk5NTE0OTU5Njg1Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDk3Mzc4OC0xJnRvcGljX2NsYXNzaWZ5PTExM4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtoMEQoLENCIw7r_q6-t2wESAgED4g0TCMrQworVp4MDFbLTcwEdKOcF3dgTC9AVAYAXAbIXHgocCAASFHB1Yi05OTg3NTAxNDk4NTI5MDg4GMCGEA&sigh=_j369NO_zYs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_rYFh4MvpDtdqKeOiGmuK_7UHjOiNdssQPDH0As6SR9rlkFbu4_oOa4OGJLdX9WQogx_X0C7O8hgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%2215499590619962919408%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229861506702110122097%22}&andc=true
Request Chain 604
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoVfFO2HZcbQKO6n3LUPvZqOwA2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTmAk_Qikb8xW0Xr5F1cP228CHldaxOfmRP0MUiaPmYQCmY_q6lCxAXve2d7a7Ui6C1x8zTuYlyLWhQ3St3ndnXYqTgqkWzg_rg5GU6ooJj5EOcADPv9_Pd5eJlMMeW_TnmJ3hHTWqG6YqmqJWis3Dv9NaIKVrJJsv0tG7VK5nzFh28anJu1P6abMgMgwYYsdglTPH_zqLJwuzVzltzyby4iTRMemdhNkrBidlrdh02bWkQpPadg-zQWZDO4ue3YKjNKqARvsQ9WUmZ9lxX0vSnrUR_6qnXziIz5HG0cvgpBXbhA8J-yFH6B7YVHwmrq5Z70Le86jJ8HeC80lydOztd7aNSngStpHVo7od-rAMZ3ZrvCgPpMLxbavFopmafNXF-Tc008JMEAoWLrrn6gVjBKMZmYoKtxAoipGT3JPmtEdTfQbRzhuNilNmAGsCKVTY8DMWDy967iKySqAEBQ3bQmHgbNQC2FsbABLqi19a2BOAEAYgF3c2Tn0ySBQQIBBgBkgUECAUYBKAGLoAH3KnlkgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQv9gG0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli608CK1aeDA5oJgAJodHRwczovL3d3dy50ZW11LmNvbS9hdS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEyfmVufkFVRCZnb29kc19pZD02MDEwOTk1MTQ5NTk2ODUmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkOTczNzg4LTEmdG9waWNfY2xhc3NpZnk9MTEzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwRCgsQoJqvn8rqlMDBARICAQPiDRMI8oTBitWngwMV7hO3AB09jQPY2BML0BUBgBcBshceChwIABIUcHViLTk5ODc1MDE0OTg1MjkwODgYwIYQ&sigh=JJR_-CI4Jds&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_ABJQsoUWErVWkylloGTchBSz4hvsewJAc6sWHECaGWacXrPOy3oPxKhDcVlEaFx4KKE3HtZKGAE&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%222462932738271424318%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215816305688724689345%22}&andc=true
Request Chain 617
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*7qtIKOYEfgMyzcRKl37GpNOKzIo1wpXIgtlD0W8MLj13VC8-K6eEVX1lnDDvubigd1Xz9lKt1WEfWUlwpzCy9w&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/687/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/2/7/2.gif?puid=399068538422166660&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=da55406d-0593-41c8-8da4-7f3f342c02e4&ttl=%%TTL%% HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/687/112/5/4.gif?puid=8E5EDCF1381479C7&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/108/4/5.gif?puid=e42cd243-253d-41b2-a603-b0125185d9c0&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/687/10/3/6.gif?puid=8877890029443442616&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/687/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/19/2/7.gif?puid=a0b644e93e3181bab4f54ac0864fd0bf&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LQJ8GVDY-1Y-64YE&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OEU1RURDRjEzODE0NzlDNw%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-0127OJ4EHOxXvlVJ5Ly7DRC2letY79dcQznOsZZUIg HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEMkhl4LAUlEnwneR6Nrie2Y&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-0127OJ4EHOxXvlVJ5Ly7DRC2letY79dcQznOsZZUIg&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Request Chain 631
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Request Chain 632
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=21265b1c-1cf4-4d81-b7b1-ba02b21f8ab4&expires=1&user_group=5&ssp=pubmatic&bsw_param=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 633
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Request Chain 634
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqrevdw
Request Chain 635
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRJlQNgBd
Request Chain 637
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3D86ADBB-57FD-485D-B899-815E8B54C115 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3af510ecb0fe64718fe87f6bd0c9c95457ac469761113e2b39ae2a799bb59869791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzYWY1MTBlY2IwZmU2NDcxOGZlODdmNmJkMGM5Yzk1NDU3YWM0Njk3NjExMTNlMmIzOWFlMmE3OTliYjU5ODY5NzkxNDI2YjU0MTdkY2UyMRAAGgwImNqfrAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzYWY1MTBlY2IwZmU2NDcxOGZlODdmNmJkMGM5Yzk1NDU3YWM0Njk3NjExMTNlMmIzOWFlMmE3OTliYjU5ODY5NzkxNDI2YjU0MTdkY2UyMRAAGgwImNqfrAYSBAgCEABCAEoA&google_gid=CAESEHAuawnTVyBPUk6bKYjKyns&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=b32af544-3a9f-4640-8156-2a007582d395
Request Chain 638
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
Request Chain 641
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3D86ADBB-57FD-485D-B899-815E8B54C115 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=377e740d-724c-4536-a494-e340419597bb
Request Chain 642
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Request Chain 643
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=59b201f5-c634-4e16-bff3-57b346a63eba&ssp=pubmatic
Request Chain 644
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Request Chain 645
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqzd5gu
Request Chain 646
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRBlPvQBd
Request Chain 647
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
Request Chain 661
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Request Chain 662
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=3b2d592dc9ac45cbb2094f80984b7787
Request Chain 664
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 666
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LgFc_1bCCu-P20E8Ge2HZQ
Request Chain 667
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e769bebd2a24c9d831699de6e92e752
Request Chain 668
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4429924a-a237-11ee-a3ad-6fd26945a56d
Request Chain 671
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b95229fd3321f25&is_secure=true&networkId=17100&version=1&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWCo8lLfl9wMBMRSCAAAAAAA&expiration=1703493274&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 695
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
Request Chain 696
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5C7638686559407991A04AAA71D259CA&expires=365
Request Chain 697
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
Request Chain 698
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30
Request Chain 699
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bR2C6MA-09iQFRpNIv4Jvsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
Request Chain 700
  • https://sync.ipredictive.com/d/sync/cookie/generic?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D17149%26nid%3D2861%26put%3D%24%7BADELPHIC_CUID%7D%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30
Request Chain 701
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
Request Chain 702
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30
Request Chain 704
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fwAVYZfJ1RhjWr5&expires=30
Request Chain 705
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE
Request Chain 729
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 731
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 733
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fwAVYZfJ1RhjWr5&gdpr=0&gdpr_consent=
Request Chain 741
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1977432095613495040
Request Chain 742
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=1380393634 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-OSaF8XJE2oVeUKKmqY.3k2nO7j8Hnq7dqg5W~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-OSaF8XJE2oVeUKKmqY.3k2nO7j8Hnq7dqg5W~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Request Chain 743
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA&gdpr=0&gdpr_consent=

778 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.chicagotribune.com/entertainment/theater/
Redirect Chain
  • http://leisureblogs.chicagotribune.com/the_theater_loop/just-for-laughs/
  • http://www.chicagotribune.com/entertainment/theater/
  • https://www.chicagotribune.com/entertainment/theater/
291 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
cb7323431468fe62348f734ab7c502ca1132272f1bd7487b5ea2d967b22bdccd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:23 GMT
etag
W/"47aec-f6w0miVd4xFOe+dPLGJk2x0c4hY"
expires
Sun, 24 Dec 2023 08:35:23 GMT
last-modified
Sun, 24 Dec 2023 08:34:23 GMT
link
<https://cmp.osano.com>;rel="preconnect",<https://htlbid.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://www.tribdss.com>;rel="preconnect",<https://tagan.adlightning.com>;rel="preconnect",<https://ssor.tribdss.com>;rel="preconnect",<https://cdn.onesignal.com>;rel="preconnect",<https://cdn.sophi.io>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect"
prerender-cache-tag
prerender-tronc-chicago-tribune-prod-48287213
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=925 origin; dur=1019 ak_p; desc="1703406861870_3092555205_520005496_194412_9032_1_19_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 52150 0 pmb=mRUM,2
x-amz-cf-id
-Z-SJ-H_F-oXIsSUkhldPRixkPl_La1dbf2VpX6XTbAoXkeYBzLJHQ==
x-amz-cf-pop
IAD12-P2
x-arc-pb-request-id
faeeec47-ba08-4c27-8692-9f01cdf4cd99
x-arc-request-id
0.c5a554b8.1703406861.1efea778

Redirect headers

Akamai-True-TTL
-1
Cache-Control
private, max-age=60
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:21 GMT
Expires
Sun, 24 Dec 2023 08:35:21 GMT
Location
https://www.chicagotribune.com/entertainment/theater/
Server
AkamaiGHost
Server-Timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1703406861554_1751333645_575930403_13_9025_1_0_-";dur=1
x-arc-request-id
0.0d3b6368.1703406861.22540023
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:34:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:24 GMT
Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406863.1efeb0d8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863961_3092555205_520007896_65_7109_1_0_219";dur=1
content-length
505
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"3078b03aa176e280460db6374ed5934b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LPCD3kaAoR-PoF9goxiDX9kvm_6PLuUgfe_Gwyi-n5h6OpWTWX5pLw==
expires
Mon, 23 Dec 2024 08:34:23 GMT
Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406863.1efeb0d9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863961_3092555205_520007897_75_6909_1_0_219";dur=1
content-length
700
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"d947de375e50e50a1aa4f7951e3c56b0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
1QptNB4oA7cn69H6IsSXFOlZE8TC8x5X4F4lbSi8FcQbjmy-FcWFYQ==
expires
Mon, 23 Dec 2024 08:34:23 GMT
logo_theater_loop.svg
www.chicagotribune.com/pb/resources/images/ct_icons/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pb/resources/images/ct_icons/logo_theater_loop.svg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
8786744e07b6de2109b10b047a7997c5d0aaf29444ba2fc96bc0e97a3b474c0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-arc-request-id
0.c5a554b8.1703406863.1efeb0da
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863961_3092555205_520007898_77_6878_1_0_219";dur=1
content-length
5713
arc-version
__default__
server
openresty
etag
"c5020"
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-datastream-cache-status
1
expires
Mon, 23 Dec 2024 08:34:23 GMT
CZIDAMK55VAO5M7OS4CZHR2UD4
www.chicagotribune.com/resizer/i5a1MQMNBN8ZJ5xtaKHkV4vKa5s=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/i5a1MQMNBN8ZJ5xtaKHkV4vKa5s=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/CZIDAMK55VAO5M7OS4CZHR2UD4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
056d91bee178e92d43ec10d38fd831c115cb9c17f71a13a69d3ef43aa1980f7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 23 Dec 2023 18:24:02 GMT
server
Akamai Image Manager
etag
"732f84f9696bfe210d298c7e3248bf0f61118410"
x-arc-request-id
0.c5a554b8.1703406863.1efeb0dc
content-type
image/avif
cache-control
private, no-transform, max-age=31484957
server-timing
cdn-cache; desc=HIT, edge; dur=349, origin; dur=0, ak_p; desc="1703406863960_3092555205_520007900_34861_11010_2_0_182";dur=1
content-length
11458
expires
Sun, 22 Dec 2024 18:23:41 GMT
CZIDAMK55VAO5M7OS4CZHR2UD4
www.chicagotribune.com/resizer/Ahozi2LIZVEnbPFT6fYNj0zbasY=/274x154/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/Ahozi2LIZVEnbPFT6fYNj0zbasY=/274x154/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/CZIDAMK55VAO5M7OS4CZHR2UD4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
a118b2a282917efb92f3736b8b424ad058ab9f467fcff51bdedbc4745e08d802
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
86400, 1800
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
etag
"34ae6db420eebb73012cf5d0600e46d81583198e"
x-arc-request-id
0.c5a554b8.1703406864.1efeb3b3
content-type
image/jpeg
x-akamai-im-skip-dlr
1
cache-control
private, max-age=1800
server-timing
cdn-cache; desc=HIT, edge; dur=849, origin; dur=0, ak_p; desc="1703406864576_3092555205_520008627_88543_13548_1_0_146";dur=1
x-akamai-note
original-image
content-length
9251
expires
Sun, 24 Dec 2023 09:04:25 GMT
CZIDAMK55VAO5M7OS4CZHR2UD4
www.chicagotribune.com/resizer/mTHTf_MQVutoLKLDuqIQFZaOGqw=/377x212/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/mTHTf_MQVutoLKLDuqIQFZaOGqw=/377x212/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/CZIDAMK55VAO5M7OS4CZHR2UD4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
3c486a0179c2c6ec8027953c94dfd076d4e358bd22498ead877f4f875c95e93c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
1800, 1800
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
Akamai Image Server
etag
"acc8c9dcb535e850555f230beafa20882318dc0a"
x-arc-request-id
0.c5a554b8.1703406864.1efeb460
content-type
image/jpeg
x-akamai-im-skip-dlr
1
cache-control
private, max-age=1800
server-timing
cdn-cache; desc=HIT, edge; dur=646, origin; dur=0, ak_p; desc="1703406864698_3092555205_520008800_64933_13993_1_0_146";dur=1
x-akamai-note
original-image
content-length
14674
expires
Sun, 24 Dec 2023 09:04:25 GMT
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 		434 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-77.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
ad7ae8af2e7b8439c0296da88adc1682b2047a37a8440a7c3e54bc2ac846b677
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 10:07:22 GMT
content-encoding
br
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
SYD62-P1
age
80822
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
112043
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 17 Dec 2023 04:11:42 GMT
server
CloudFront
etag
"7c59669d5720c721968323319bc1e277"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
TL7v0Bw8vGXc9Vta-ecDupcqrJuTY98hR6b95fwe3wvnOIJKlgCMdg==
htlbid.css
htlbid.com/v3/chicagotribune.com/ 		470 B
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicagotribune.com/htlbid.css
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
def6a9d822627b0ea4a61278103db2436736304a64d6c3efb2557984528f8f25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 15:05:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
etag
"2052e0db26785bd18c4db0edc6ca8eee"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=600
accept-ranges
bytes
content-length
470
x-amz-cf-id
5oYzsd2iCXrPkcsv8i9d_yKVX1Psbw4NghrW3OfeYwe-xEJVKO2lAA==
htlbid.js
htlbid.com/v3/chicagotribune.com/ 		498 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicagotribune.com/htlbid.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee530192da166d11e1d801b163236c36d40b99a1807e003c41d5107e5d73e5f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
br
via
1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 15:05:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
etag
W/"85b315d9bb67d74ed71a6612bd60e1ea"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
MLZ8HVmleIosXwHRrdii8odXcks2MnTPHjKFya3W1kRaD__F5yYGXA==
script.js
r610.chicagotribune.com/ 		136 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/script.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
age
161
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41846
x-xss-protection
1; mode=block
last-modified
Sun, 24 Dec 2023 08:30:32 GMT
server
-
etag
2fd7d8ab5ca09052f21fa4dc48385200
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
VMJJdctKkPltxl-zl38TRTBYrA4kyBJw9xJYp5qesK4MC-FylzQ9YQ==
expires
Sun, 24 Dec 2023 08:41:43 GMT
react.js
www.chicagotribune.com/pf/dist/engine/ 		338 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pf/dist/engine/react.js?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
b96832ee49d210ef7b2adf148c33b05b9cf79278df177af263e13731769fa352
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406864.1efeb485
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406864726_3092555205_520008837_486_7349_1_0_146";dur=1
content-length
102205
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"4bf4f75bce01baf4a560525cc04dc5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
gKKkSes49eg5D83OqT1tMf1QF4Dnu45zJqSkuoYC53FS6US9W9OpIQ==
expires
Mon, 23 Dec 2024 08:34:24 GMT
default.js
www.chicagotribune.com/pf/dist/components/combinations/ 		844 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
cc0c1be5c480b126b4c776ad4c2b29bee9663e1da188a965f2c0beea327dc558
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406864.1efeb486
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406864726_3092555205_520008838_505_7133_1_0_146";dur=1
content-length
226879
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"3a3e929fab77bfc141aac4307736bffc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
NarwxUC1rHcGAO9_7sU_UmDD3CU8Ty4XWxJroPpZmJ6eE_dWSYtH1w==
expires
Mon, 23 Dec 2024 08:34:24 GMT
default.css
www.chicagotribune.com/pf/dist/components/output-types/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pf/dist/components/output-types/default.css?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
1d94c96db9e0666e51f97a821f8d812010b44ae4d25683c25ba71d45ae622f70
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406863.1efeb0d6
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863972_3092555205_520007894_1008_8730_1_0_255";dur=1
content-length
5521
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"ba3f67fe84a7b88db84d9999b442383f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
B_8fB0TAS7vm2jBFNx2VY37svkvsMhPWYesgqhIIf6eKf5zokEP74A==
expires
Mon, 23 Dec 2024 08:34:23 GMT
default.css
www.chicagotribune.com/pf/dist/components/combinations/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pf/dist/components/combinations/default.css?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
af4566bb9dc17bbdac65cb62445451255ccec18c0698ac5d04c825ccb1b12e24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406863.1efeb0d7
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863960_3092555205_520007895_38_7201_1_0_255";dur=1
content-length
10944
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"5ab617761b4ac7c27746fc4b6890a219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
Tv7qB4Cnie-b4zA8VsqNNCrL1xdJcOsssELrbMfLFcNMK4tOHYMAiQ==
expires
Mon, 23 Dec 2024 08:34:23 GMT
zephr-browser.umd.js
assets.zephr.com/zephr-browser/1.3.9/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-111.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:33:49 GMT
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 11:02:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
43253
etag
W/"c531ce77a9ff6380e9671dee680a2102"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
kP2gZkaBCE0rVaZw4MO26ds1dpPJc6O2TokbJZr9dUdgHrB6s3M8AQ==
zephr-minify.1.0.1.js
assets.zephr.com/tribune/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-111.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 09:15:04 GMT
content-encoding
gzip
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 11:32:39 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
83996
etag
W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gOrXtf-V_-wxN9TyTVcrvCzjSOpmAjOYQ4u804MB3L03WCVNJ8XNrA==
Chicago_Tribune-chiblue.svg
www.chicagotribune.com/pf/resources/logo/ 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/logo/Chicago_Tribune-chiblue.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:23 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406863.1efeb0db
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406863960_3092555205_520007899_32_7227_1_0_219";dur=1
content-length
5118
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"71456cc06238c3a185cccb135bec0329"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
Eidf9M1c83d8Ow7RnOxj2EXH4praYLVuNV181x2IW74m8boff6ZANA==
expires
Mon, 23 Dec 2024 08:34:23 GMT
20.svg
www.chicagotribune.com/pf/resources/images/weather_icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/images/weather_icons/20.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
7da8ed02f662c043e8ffd867b6cc772564a08c7d2fe38b8ef06500e968ced3ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406864.1efeb487
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406864726_3092555205_520008839_488_7295_1_0_219";dur=1
content-length
1053
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"0d3a5a7bb684a6699c308a3821e100c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_EoTKuzWW7JWlPOqHVrzP28R7Fb-FgScRZgpj9C1DrCPyD8uMA-9Lw==
expires
Mon, 23 Dec 2024 08:34:24 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D0) /
Resource Hash
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
gzip
content-md5
8ouzdXeMpGxUBMAUF/mhkg==
age
135122
x-cache
HIT
content-length
1002
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 18:25:29 GMT
server
ECAcc (nwa/E7D0)
etag
"0x8DB2194D3ACD75C+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a1db617b-301e-00d6-1b09-35f6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
gtm.js
www.googletagmanager.com/ 		380 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1543fe3f4af7cf88491360677e7ad4049ee50e4fd23e81e2a06c1f79e09afb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106256
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 08:34:24 GMT
DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.202.168.127 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Wed, 06 Dec 2023 17:23:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 19:34:21 GMT
x-content-type-options
nosniff
age
219604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 19:34:21 GMT
2MA2WYVLRVCAVPLPVULN4GCG7A.JPG
www.chicagotribune.com/resizer/sfocMTUKZHGFZujHT-5E7f8indI=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/sfocMTUKZHGFZujHT-5E7f8indI=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/2MA2WYVLRVCAVPLPVULN4GCG7A.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f240ca8aec3183c8868781f35215178c466b30aaf818e8492439dd1bb6058e06
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 22 Dec 2023 17:36:49 GMT
x-serial
1304
server
Akamai Image Manager
x-check-cacheable
YES
etag
"123a8d931e6e3b57bc04a5dd68653a13f9e0bbec"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4aa
content-type
image/avif
cache-control
private, no-transform, max-age=31395763
server-timing
cdn-cache; desc=HIT, edge; dur=559, ak_p; desc="1703406864756_3092555205_520008874_56159_11559_1_0_219";dur=1
content-length
12965
expires
Sat, 21 Dec 2024 17:37:08 GMT
3NQDVSV4CJDFHBYAFWU24HF5HI.JPG
www.chicagotribune.com/resizer/KlWJEhAJRzXETDWC7xuCXVfqpGc=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/KlWJEhAJRzXETDWC7xuCXVfqpGc=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/3NQDVSV4CJDFHBYAFWU24HF5HI.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
03e16c767841f2ab4ee4c09f8ea9904590c07914f0929d115af79ad6538c39d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 20 Dec 2023 11:30:20 GMT
server
Akamai Image Manager
etag
"cff0b630b62245d5ea10ca662bdcf8f4ff28421f"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4ab
content-type
image/avif
cache-control
private, no-transform, max-age=31200934
server-timing
cdn-cache; desc=HIT, edge; dur=529, ak_p; desc="1703406864756_3092555205_520008875_53250_13499_1_0_219";dur=1
content-length
8501
expires
Thu, 19 Dec 2024 11:29:59 GMT
OZYYQFAAMBBKHMQF5TUMKXIQQA.JPG
www.chicagotribune.com/resizer/0-MkfdV99mwHbBtPRPKv4Z1TvIU=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/0-MkfdV99mwHbBtPRPKv4Z1TvIU=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/OZYYQFAAMBBKHMQF5TUMKXIQQA.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
094c53f3d2ab17cba20238510906cb255868348f2fc899cd7500359fc678f65a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 19 Dec 2023 11:45:45 GMT
x-serial
1314
server
Akamai Image Manager
x-check-cacheable
YES
etag
"bd55e21bffdbe1dc9d2485100b65ad4f321f791a"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4ac
content-type
image/avif
cache-control
private, no-transform, max-age=31115473
server-timing
cdn-cache; desc=HIT, edge; dur=465, ak_p; desc="1703406864759_3092555205_520008876_47073_10141_2_0_146";dur=1
content-length
5467
expires
Wed, 18 Dec 2024 11:45:38 GMT
422UUBGPQBH75PV3SPGMJRJJOY.JPG
www.chicagotribune.com/resizer/HJmdhoYHLngvHg7uUGMAsBjEtPQ=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/HJmdhoYHLngvHg7uUGMAsBjEtPQ=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/422UUBGPQBH75PV3SPGMJRJJOY.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e24b15b9d2a1112a3c686d9029d649e2ceb76737af94b17ff692143775ec30fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 19 Dec 2023 03:01:38 GMT
x-serial
1011
server
Akamai Image Manager
x-check-cacheable
YES
etag
"f6e84601d899fd723ff4a32d9cf2fc0adcbab984"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4ad
content-type
image/avif
cache-control
private, no-transform, max-age=31083973
server-timing
cdn-cache; desc=HIT, edge; dur=478, ak_p; desc="1703406864756_3092555205_520008877_48124_11407_1_0_146";dur=1
content-length
8786
expires
Wed, 18 Dec 2024 03:00:38 GMT
KIR7TRP6URHSNIZUISJLDG27QY
www.chicagotribune.com/resizer/FmKHri-TfjQALv1d1-EkVdQTAeM=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/FmKHri-TfjQALv1d1-EkVdQTAeM=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/KIR7TRP6URHSNIZUISJLDG27QY
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
00780e70e73b7298c973ec9c7f95340abccc7a8cc9c64c92095636d9423a7be8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Dec 2023 11:52:14 GMT
server
Akamai Image Manager
etag
"9657b6d0f90ac096efdbec2dad8d6ada4df31000"
x-edgeconnect-cache-status
1
x-arc-request-id
0.c5a554b8.1703406864.1efeb4ae
content-type
image/avif
cache-control
private, no-transform, max-age=30683947
server-timing
cdn-cache; desc=HIT, edge; dur=666, origin; dur=0, ak_p; desc="1703406864757_3092555205_520008878_66988_12187_1_0_146";dur=1
content-length
5981
expires
Fri, 13 Dec 2024 11:53:32 GMT
7ERGNIDN3ZGCNFT3MK4D33ZVQI.jpg
www.chicagotribune.com/resizer/42QawuulPN8j_c3FMPly74NG2fs=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/42QawuulPN8j_c3FMPly74NG2fs=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/7ERGNIDN3ZGCNFT3MK4D33ZVQI.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2b746f6fd9fe6894f10d0780594408a714619fedf6cc7b1da4d70ebb81949d86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:20:44 GMT
x-serial
740
server
Akamai Image Manager
x-check-cacheable
YES
etag
"4aa242fc9c3678b5029f2f39bcb754ba16257ba2"
x-edgeconnect-cache-status
1
x-arc-request-id
0.c5a554b8.1703406864.1efeb4af
content-type
image/avif
cache-control
private, no-transform, max-age=29912989
server-timing
cdn-cache; desc=HIT, edge; dur=864, ak_p; desc="1703406864761_3092555205_520008879_87169_12559_1_0_146";dur=1
content-length
15485
expires
Wed, 04 Dec 2024 13:44:14 GMT
IB7235EYYNF2PAOG75LOP4RCZA.JPG
www.chicagotribune.com/resizer/yvQhxcDax-zZE2io2Adq8cZCqUY=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/yvQhxcDax-zZE2io2Adq8cZCqUY=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/IB7235EYYNF2PAOG75LOP4RCZA.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
12ac85e52c7f9f79b9ca04f745b8031ce61269ed2738be934d0f91a4e2709e15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Dec 2023 17:53:39 GMT
server
Akamai Image Manager
etag
"eacc0fee9b3a2a8b8c31f846af0fe19f10be1c88"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b0
content-type
image/avif
cache-control
private, no-transform, max-age=30532777
server-timing
cdn-cache; desc=HIT, edge; dur=559, ak_p; desc="1703406864756_3092555205_520008880_56226_11349_1_0_146";dur=1
content-length
15795
expires
Wed, 11 Dec 2024 17:54:02 GMT
TGVCOMQZFBC5XPF3MCQXUWJG2A.JPG
www.chicagotribune.com/resizer/aAx-hpysT8uU4DLsFacGa8Q04ak=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/aAx-hpysT8uU4DLsFacGa8Q04ak=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/TGVCOMQZFBC5XPF3MCQXUWJG2A.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1803c7af697e8608efea1365af8bc4c908525993052e54380f93641409cea184
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 11 Dec 2023 20:12:18 GMT
x-serial
339
server
Akamai Image Manager
x-check-cacheable
YES
etag
"ac89e33cffd9ae50e3a00b87a8b8c81f393ca5a3"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b1
content-type
image/avif
cache-control
private, no-transform, max-age=30454626
server-timing
cdn-cache; desc=HIT, edge; dur=663, ak_p; desc="1703406864756_3092555205_520008881_66660_17767_1_0_146";dur=1
content-length
9640
expires
Tue, 10 Dec 2024 20:11:31 GMT
EOPCGO3F3ZFD7NVE5C5M4GDZQM.JPG
www.chicagotribune.com/resizer/LH9wBwirfSXDCgBmmjl2eqdNor8=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/LH9wBwirfSXDCgBmmjl2eqdNor8=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/EOPCGO3F3ZFD7NVE5C5M4GDZQM.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0295dc9ffa05332413a394e59e9c5aa4333d7b92075052ea4ab14809ceaae4ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 11 Dec 2023 14:30:38 GMT
x-serial
124
server
Akamai Image Manager
x-check-cacheable
YES
etag
"b7e60fb182e16a21bbd1b4bd1b1b73f876bfd5ff"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b2
content-type
image/avif
cache-control
private, no-transform, max-age=30434142
server-timing
cdn-cache; desc=HIT, edge; dur=558, ak_p; desc="1703406864756_3092555205_520008882_56169_13060_1_0_146";dur=1
content-length
11991
expires
Tue, 10 Dec 2024 14:30:07 GMT
K25CT2SL4ZGPZJG7DXD4Z23XBM.JPG
www.chicagotribune.com/resizer/F47WXKrg6oLbIV2LWfrYsK0Pguk=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/F47WXKrg6oLbIV2LWfrYsK0Pguk=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/K25CT2SL4ZGPZJG7DXD4Z23XBM.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2e68f001139068648a00b789f6f8239168506c84b94615bfe0271e83a1ebe153
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 19 Dec 2023 11:17:59 GMT
x-serial
625
server
Akamai Image Manager
x-check-cacheable
YES
etag
"58efdcccd80d8427666830af43da24efb1f8cf69"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b3
content-type
image/avif
cache-control
private, no-transform, max-age=31113891
server-timing
cdn-cache; desc=HIT, edge; dur=655, origin; dur=0, ak_p; desc="1703406864759_3092555205_520008883_66142_9833_1_0_219";dur=1
content-length
7290
expires
Wed, 18 Dec 2024 11:19:16 GMT
T74MLXASZFFH5PQWXIVLSFVPIY.JPG
www.chicagotribune.com/resizer/gwNWuyaXQzSNQy6DcqkW4SZSnw0=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/gwNWuyaXQzSNQy6DcqkW4SZSnw0=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/T74MLXASZFFH5PQWXIVLSFVPIY.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d29d17f6dbfebe7a1e08285f002483bc0a530a529b21bb7010a34a78a2d41dc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 23 Dec 2023 11:06:06 GMT
server
Akamai Image Manager
etag
"df51d8f0f3d15f3a7078549abbe4129922a634e4"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b4
content-type
image/avif
cache-control
private, no-transform, max-age=31458694
server-timing
cdn-cache; desc=HIT, edge; dur=689, origin; dur=0, ak_p; desc="1703406864759_3092555205_520008884_69456_10235_1_0_219";dur=1
content-length
4879
expires
Sun, 22 Dec 2024 11:05:59 GMT
422UUBGPQBH75PV3SPGMJRJJOY.JPG
www.chicagotribune.com/resizer/sz0VCW06dGKkkFJJ5jXSES3QohE=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/sz0VCW06dGKkkFJJ5jXSES3QohE=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/422UUBGPQBH75PV3SPGMJRJJOY.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
44a5b80c9809c9323c5393246317d5ca563893b092659e96cebc9ddab67018dc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 19 Dec 2023 03:02:43 GMT
server
Akamai Image Manager
etag
"8043106a94faf6718d14d2fda3112e6a4b13dc31"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b5
content-type
image/avif
cache-control
private, no-transform, max-age=31084179
server-timing
cdn-cache; desc=HIT, edge; dur=684, origin; dur=0, ak_p; desc="1703406864756_3092555205_520008885_68779_13028_1_0_146";dur=1
content-length
7184
expires
Wed, 18 Dec 2024 03:04:04 GMT
C4GJPOEPJFBZ5HDQDGC5KITFGQ.jpg
www.chicagotribune.com/resizer/oLF5z-jblzpLfVXtCMZPMBw1-k8=/600x338/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/oLF5z-jblzpLfVXtCMZPMBw1-k8=/600x338/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/C4GJPOEPJFBZ5HDQDGC5KITFGQ.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e46220ddbd3ae53145397f9422a5ab3c877bee95563fee635f883f559644b17c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:48:09 GMT
server
Akamai Image Manager
etag
"03ecea8c02f7d19c1ca827329c215d2984ab161b"
x-edgeconnect-cache-status
1
x-arc-request-id
0.c5a554b8.1703406864.1efeb4b6
content-type
image/avif
cache-control
private, no-transform, max-age=30680958
server-timing
cdn-cache; desc=HIT, edge; dur=795, origin; dur=0, ak_p; desc="1703406864756_3092555205_520008886_79807_11043_1_0_146";dur=1
content-length
40038
expires
Fri, 13 Dec 2024 11:03:43 GMT
HOCYSWPN5VGELCERIHT2IHBR3M.jpg
www.chicagotribune.com/resizer/fl1RvpRcUMImxwwEGl8Ypfj7OxE=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/fl1RvpRcUMImxwwEGl8Ypfj7OxE=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/HOCYSWPN5VGELCERIHT2IHBR3M.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7a7ccde200c03e143c3b59d166adc4aca2566d057611dc7efd2e28c4c9ffe905
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:39:48 GMT
x-serial
1300
server
Akamai Image Manager
x-check-cacheable
YES
etag
"e62250ed1ab0abc15432deacc15f983e6bee32ae"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c2
content-type
image/avif
cache-control
private, no-transform, max-age=29736933
server-timing
cdn-cache; desc=HIT, edge; dur=720, origin; dur=0, ak_p; desc="1703406864773_3092555205_520008898_73617_12320_1_0_146";dur=1
content-length
3803
expires
Mon, 02 Dec 2024 12:49:58 GMT
MHGQKO2XRBCV7MBZ5LONWG2BDQ.jpg
www.chicagotribune.com/resizer/uVfiSBJsoj7jYJoBvvI6aeEtsKQ=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/uVfiSBJsoj7jYJoBvvI6aeEtsKQ=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/MHGQKO2XRBCV7MBZ5LONWG2BDQ.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d4d1f101ee5e3c8c23779dedb2b965f5eeac2191eaf06672c0a1f964d3e04061
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:11:09 GMT
server
Akamai Image Manager
etag
"8c744d598aebed2ab4db02d08a00aefc60efec30"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c4
content-type
image/avif
cache-control
private, no-transform, max-age=29738343
server-timing
cdn-cache; desc=HIT, edge; dur=205, origin; dur=0, ak_p; desc="1703406864774_3092555205_520008900_22171_12080_3_0_146";dur=1
content-length
4634
expires
Mon, 02 Dec 2024 13:13:27 GMT
UTW4ZKPDRZH55PGQYJMGEAEIYI.jpg
www.chicagotribune.com/resizer/CcRgtlWQkVycJEzMoUBhahJAE6g=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/CcRgtlWQkVycJEzMoUBhahJAE6g=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/UTW4ZKPDRZH55PGQYJMGEAEIYI.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fd58f313532303eb27bfd39c29d3cda5b94db119cf9e0aedd9f4d34e172034da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:32:56 GMT
server
Akamai Image Manager
etag
"2a1606684d48a8c2a5e5fc10cf1b26fe70865648"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c5
content-type
image/avif
cache-control
private, no-transform, max-age=29768322
server-timing
cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1703406864773_3092555205_520008901_2937_12492_1_0_146";dur=1
content-length
3995
expires
Mon, 02 Dec 2024 21:33:06 GMT
GU546UC2HJCD3FE6KOXYJ4YVFU.jpg
www.chicagotribune.com/resizer/CgV9OnEHIdKBKDwYm_SV0S4aSW4=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/CgV9OnEHIdKBKDwYm_SV0S4aSW4=/158x158/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/GU546UC2HJCD3FE6KOXYJ4YVFU.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
38eb4b0e66b3a70db4cf4070cd713c2d6ff5abaf35d0ad27a22c9038ece0b3ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:24 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 07 Nov 2023 23:20:08 GMT
server
Akamai Image Manager
etag
"89e1414d3e59ee2964ea19bf4836266e7f175fb4"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c6
content-type
image/avif
cache-control
private, no-transform, max-age=30347035
server-timing
cdn-cache; desc=HIT, edge; dur=37, origin; dur=0, ak_p; desc="1703406864773_3092555205_520008902_4237_12342_1_0_146";dur=1
content-length
3885
expires
Mon, 09 Dec 2024 14:18:19 GMT
E42WQ7TQ6NCOJII5HNO36GPJHU.jpg
www.chicagotribune.com/resizer/M0hTshEW1fUBHXHmijP7pMiL7vU=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/M0hTshEW1fUBHXHmijP7pMiL7vU=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/E42WQ7TQ6NCOJII5HNO36GPJHU.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e478e1fa7ba9f662392f0c065d22e9c2114c4075cb73d70823e84088cec90a64
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 11 Dec 2023 02:33:31 GMT
x-serial
281
server
Akamai Image Manager
x-check-cacheable
YES
etag
"3c50db3822c33ba2c2cb673a273b939243d54448"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c7
content-type
image/avif
cache-control
private, no-transform, max-age=30391120
server-timing
cdn-cache; desc=HIT, edge; dur=293, ak_p; desc="1703406864773_3092555205_520008903_30042_15691_2_0_146";dur=1
content-length
15166
expires
Tue, 10 Dec 2024 02:33:05 GMT
PFT32FQDRZBHFKAUGD4Z6JJFPE.JPG
www.chicagotribune.com/resizer/NdU_RtjBhJ_T7kM5umqq30sVb28=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/NdU_RtjBhJ_T7kM5umqq30sVb28=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/PFT32FQDRZBHFKAUGD4Z6JJFPE.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
38a6615419cf824b4b42cd20fb3ab7d2fcb7c270a38b8c1b286629ce6770b693
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 10 Dec 2023 16:31:46 GMT
x-serial
3
server
Akamai Image Manager
x-check-cacheable
YES
etag
"07a40d5b843a6aa66fb2f111046985e42e344ebe"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c8
content-type
image/avif
cache-control
private, no-transform, max-age=30355055
server-timing
cdn-cache; desc=HIT, edge; dur=578, ak_p; desc="1703406864773_3092555205_520008904_58417_12035_2_0_146";dur=1
content-length
14922
expires
Mon, 09 Dec 2024 16:32:00 GMT
UXX7ZFJ45RHT3PZHAKXWPMBL2Y.jpg
www.chicagotribune.com/resizer/Hrjcwh5ZrE-dtU-JmJ_2mVbgE_U=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/Hrjcwh5ZrE-dtU-JmJ_2mVbgE_U=/400x225/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/UXX7ZFJ45RHT3PZHAKXWPMBL2Y.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
92ebc538989ef11b951bdd2d72ad137ea78ca9079924507ce551cdb664df6ccc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Dec 2023 13:09:22 GMT
server
Akamai Image Manager
etag
"2cec95b203f49b616dfe69d6aed68d76a1c9345c"
x-arc-request-id
0.c5a554b8.1703406864.1efeb4c9
content-type
image/avif
cache-control
private, no-transform, max-age=30256552
server-timing
cdn-cache; desc=HIT, edge; dur=429, ak_p; desc="1703406864773_3092555205_520008905_43416_12388_7_0_146";dur=1
content-length
14728
expires
Sun, 08 Dec 2024 13:10:17 GMT
cs
tribune.blueconic.net/DG/DEFAULT/ 		16 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json267
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.94.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-94-162.compute-1.amazonaws.com
Software
- /
Resource Hash
365e791282ddd2777064c34441974960191378938aa5763c7bcdb15630fc8c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5678023&v=1.720.0&sl=0&si=1f3f5547-9536-44d5-8e4f-bc3df1e870f0-s65x58&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.80.232.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Dec 2023 08:34:25 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
p.js
cdn.parsely.com/keys/chicagotribune.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-97-57.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 23 Dec 2023 09:42:44 GMT
content-encoding
gzip
via
1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jan 2022 19:15:41 GMT
server
nginx
x-amz-cf-pop
SYD62-P1
age
82316
etag
W/"61d5ee5d-df47"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
5WDdafvcer9YwWHajU6pBTFrzrxmQcdyM-K9steeCu9hiXpPbp8Uyw==
expires
Sun, 24 Dec 2023 09:42:29 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-52.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 06:47:54 GMT
x-amz-version-id
0wgTlvozKv_yHsVhsA.bHuhm0r2Cnphv
content-encoding
gzip
via
1.1 483c7c88d4db2ecfd894042db6a4e9c8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
6391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Sun, 27 Aug 2023 22:55:22 GMT
server
AmazonS3
etag
W/"e1e9408aa4a994afbbb535269e3387fb"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
2CSLbMKrHEbB-iPBeV-6DLceqL633NAlbJSiCFRYFLyGeHDEh5x7lQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww...
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c9=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
13.224.181.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-14.syd1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C2
x-amz-cf-id
3Q4aczBfqBn1tYL44b0qncuO-a21t9idhL1uoH4guGStX46E62WK_g==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036462&ns__t=1703406865183&ns_c=UTF-8&c8=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c9=
content-length
0
x-amz-cf-id
MRiQhlZQ7uAISKq2KXjA4X1pHzYUPAMcgQo_cRgMmd5XUjuuZaMFNw==
10012.jsx
cdn-p.cityspark.com/wid/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/wid/10012.jsx?b=1703406865195&on=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL2VudGVydGFpbm1lbnQvdGhlYXRlci8=&callback=jsonp10012
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf6c7a931468e1f33cfd7b4330320d233f647740f5c373ef0cec2820e59ca0d8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 10:34:26 GMT
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.3/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=oX3gvkbQ&cid=4591
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.3/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3/embed.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
18.67.111.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12899275c1df5d2c9bc427847d07cf596ad57f8a569064f7dfad2475605986ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:33:36 GMT
x-amz-version-id
fHzA7lMBMzQoOwwMUuvOxRBOplQ0kvch
content-encoding
br
last-modified
Thu, 14 Dec 2023 00:10:26 GMT
server
AmazonS3
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
etag
W/"00f9d8bc432c39018154f35f1607decf"
age
50
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
K5-OqparRdIc7E0oM5rIf5Np9xJaX_uM6ewGkm58AJVQ3mdxF1wTjw==

Redirect headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.3/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
zZTByox_TwegGCacn7wEJdHQsnvU6PqUq_AJL4fMTCC-95zVVT6jpg==
loader.js
cdn.taboola.com/libtrc/tribunedigital-network/ 		834 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f36587ed878f51c314bb01bedbf234ded1f269f8a38e44f7c8c507e0ddf71d4d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
A7T6YKQXG69j3fbQEjOxm9rU0yRdLNm_
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:26 GMT
x-amz-request-id
R6WVD9GGJ1VX3D13
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
20
x-amz-replication-status
FAILED
content-length
88180
x-amz-id-2
GUoJzxOsCPwOH2mfX5ICDKG0/vq38X2UBpDppAgUdK53gxT5ZDvSWhz8WEGKwqqINyVc8AdSuKo=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Sun, 24 Dec 2023 08:23:32 UTC
server
nginx
x-timer
S1703406866.658472,VS0,VE385
etag
"a054144739ee74a2df1a30f4739a9de30e1c3ebe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
23
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
chiarc.min.js
www.tribdss.com/meter/
Redirect Chain
  • https://www.tribdss.com/meter/chiarc.min.js
  • https://www.tribdss.com/meter/chiarc.min.js?disabled=international
40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tribdss.com/meter/chiarc.min.js?disabled=international
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
23.55.12.201 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-12-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8064a688c1f37a0d7827fb5cac7592182ac98212f367948c366f409eff8c808c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
12311
X-Request-Id
6b7a8effd0f2e7d087796a83c482cdd1
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.009968
X-Content-Digest
7dcf5129dca8fff99faaf47a382387604556050e
Last-Modified
Tue, 05 Dec 2023 11:35:11 GMT
Server
Apache
X-Host-Info
b14cc2124cc1,; 0b042392306259fe3b65b42be279193e6d53dcbe (HEAD -> refs/heads/release/2311.1.0, refs/remotes/origin/release/2311.1.0) dsub 1195 postgresql adapter issue
ETag
12857682144216439628R
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=101
Httpd-Identifier
b14cc2124cc1
X-Rack-Cache
fresh

Redirect headers

Location
/meter/chiarc.min.js?disabled=international
Date
Sun, 24 Dec 2023 08:34:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
chiarc.min.js
ssor.tribdss.com/reg/tribune/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssor.tribdss.com/reg/tribune/chiarc.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.12.201 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-12-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af23b8f21cea418d2f5e814675580bb5ab5b5215dad3aa741ee42f8725c9b70c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
12230
X-Request-Id
b88e2763ca8ad601c8cd04f8fd8f3864
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.007636
X-Content-Digest
0faed5453d2a10c593fde5733cec8f39e8b38ff9
Last-Modified
Tue, 12 Dec 2023 10:52:02 GMT
Server
Apache
X-Host-Info
76d9392d18a8,; c1868610bf6e00aff964d92259894aabbee1f364 (HEAD -> refs/heads/release/2312.1.0, refs/remotes/origin/release/2312.1.0) delete _sp_uid cookie when user logout
ETag
10092305475230148034
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=258
Httpd-Identifier
76d9392d18a8
X-Rack-Cache
fresh
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1552
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83a7814dfb4b5d1a-SYD
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Dec 2023 08:34:25 GMT
load.js
s.ntv.io/serve/ 		621 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.214.36.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-36-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f9a5f24c4d1eb64942b68f1e4fbadf78a8a1a3d15c49d32f3507fd321b8f53c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:25 GMT
Content-Encoding
gzip
x-amz-request-id
J0XMTXQBMS8YM53N
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
eZBC3DXXlJrUDzlZJod/UfAVoresdugkeKUH0SuNEan+Kak6ZyaM0mfH903lu8xWs4+dfggm+DM=
Last-Modified
Fri, 15 Dec 2023 03:25:54 GMT
Server
AmazonS3
ETag
"b8c7a72b1ba3639b0dcbafd3b20372ae"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
features
zephr.chicagotribune.com/zephr/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/features
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-102.syd62.r.cloudfront.net
Software
/
Resource Hash
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
br
via
1.1 9ce11977697b826548974c991c092622.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Eu9IbeHvplEenpmsonX5OdaneHC-NLbTpvpnI4E0LgsHqRWewUSX7A==
x-blaize-request
7f3d506a
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:16:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Dec 2023 09:16:38 GMT
sophi.min.js
cdn.sophi.io/latest/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72d4bde5ff8cdb3db436c3077fbc4a7556367c5b5099ecea01950b90333c74f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:05:45 GMT
content-encoding
br
via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
x-amz-version-id
OQLXxDEcuM.BfZcCuJIMKMD_UfW3s6Su
last-modified
Thu, 05 Oct 2023 17:29:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
age
5321
x-amz-server-side-encryption
AES256
etag
W/"cac135c94c5030bdae26fd56d8b7e507"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
8N8rS241t59jsP0B12iYBHYlypIHU3gxRl0qwvCRcqWpN9_ttGh29w==
ml.br.js
js.matheranalytics.com/static/ltm/ma89701/fusion/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1643
  • https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
94f21bce369a8f9527205fdbdd4d7a310695cd522d20af1c189768865b41737c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:46:38 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:30:35 GMT
server
nginx
age
42467
etag
"bce5326199ddbc98e2a76bc534fc850b"
vary
Accept-Encoding
x-cache
HIT Tue, 21 Nov 2023 17:39:12 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45175

Redirect headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
2-gc-uswest1-t41p1037
/
cmp.osano.com/ Frame 289C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-77.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
25453
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Dec 2023 01:30:13 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id
VyMX03vT97r-DTw9MQyrbGXDbEi4y3m2gUIqYjYYRWTGLfKOkS3SQw==
x-amz-cf-pop
SYD62-P1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1703406865496&plid=12662742&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&sref=&sts=1703406865491&slts=0&title=The+Theater+Loop%3A+Chicago+Theater+News+%26+Reviews+-+Chicago+Tribune&date=Sun+Dec+24+2023+16%3A34%3A25+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&pvid=81439092&u=pid%3D48738134ab3150350a1d141cb51a0039
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.220.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-220-137.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:26 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 24-Dec-2023 08:34:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
13643a97-384a-4a61-b464-537871e37f43
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/13643a97-384a-4a61-b464-537871e37f43
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		70 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A25%2B08%3A00&ts=1703406865543
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
02c5a06b4c13fd58a5f56263cc1486ea41ceae047e48912a062fe5ee9d962caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
13102
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Vp0H1ClthQK7g8VOBzG1RuSEF0aW2ZA2UNiDCUXVcBenE3BbAQaAuA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
read_auth
authenticate.chicagotribune.com/ 		101 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://authenticate.chicagotribune.com/read_auth?product_code=chiarc&master_id=&callback=jQuery575101973002481540_928988869169769200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.109.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-109-25.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
62cd9d59f2633ccf99d5dfefb7065610b62648e345138b4391e75c255b9b0aa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-request-id
cab90f35978d0425b3ddad91ab288128
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.002887
server
Apache
x-host-info
76d9392d18a8,; c1868610bf6e00aff964d92259894aabbee1f364 (HEAD -> refs/heads/release/2312.1.0, refs/remotes/origin/release/2312.1.0) delete _sp_uid cookie when user logout
etag
"43334d05a35359783d6c753b71ac1c0b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private, max-age=0
httpd-identifier
76d9392d18a8
x-rack-cache
miss
newsletter_sign_up.js
d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/newsletter_sign_up.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.101.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-101-66.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0ef3c7799e3c9c428e77633c733c2ba9eee2abb80a35284bdeaeb47650b7afd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 12:59:28 GMT
Via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Aug 2022 14:45:31 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P1
Age
70537
ETag
"508c4a3d84c260589666d872bf03f49f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2027
X-Amz-Cf-Id
H7Rv6S9IW-CrwJcxKkLNdWRWvt64lu62G5HrcgIiOTHOBNcWVSnXbg==
feature-decisions
zephr.chicagotribune.com/zephr/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-102.syd62.r.cloudfront.net
Software
/
Resource Hash
e1ef8cf9b812fef11186e3427458c238a5559295740d710aea8916ff7b6c3a98

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
br
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
_tY6t2SC7xaqyrs73whxHqzrXq-l7RfHO814QENh-H2pRqLAUU05lQ==
x-blaize-request
ffffffffc10a701a
feature-decisions
zephr.chicagotribune.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-102.syd62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://www.chicagotribune.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 9ce11977697b826548974c991c092622.cloudfront.net (CloudFront)
x-amz-cf-id
uzjS3d6ZO8vW_jcr9AwgCyLuiw14Y2zw9g4JyXor037TL7qZerpqGw==
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:26 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
chiarc-reaction-1q2w3-1580939748189956228.min.js
www.tribdss.com/meter/assets/
Redirect Chain
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
64 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
23.55.12.201 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-12-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
14251
X-Request-Id
36790d8fb9e612530b4ba84a3465a1e4
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.009261
X-Content-Digest
c9ca80d4d04a3c68e0ddbe3fb7bf02448f0875e0
Last-Modified
Tue, 27 Sep 2022 09:54:52 GMT
Server
Apache
X-Host-Info
e810c620889b,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag
1580939748189956228
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=22382050
Httpd-Identifier
e810c620889b
X-Rack-Cache
miss, store

Redirect headers

Location
/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Date
Sun, 24 Dec 2023 08:34:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ntv_mvi&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
278fd25ce778a3057a3cec28ef5fd1d72e02c8f83ac85aec6f05040d7f285a52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1933
expires
Mon, 1 Jan 1990 12:00:00 GMT
d7755165-af00-4b49-906f-12670cbe90e8
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/d7755165-af00-4b49-906f-12670cbe90e8
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
b17cea05-6b9d-4cbe-861b-75105ef93f57
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/b17cea05-6b9d-4cbe-861b-75105ef93f57
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1433
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83a7814eabb65d1a-SYD
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Dec 2023 08:34:25 GMT
feature-decisions
zephr.chicagotribune.com/zephr/ 		31 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-102.syd62.r.cloudfront.net
Software
/
Resource Hash
99fe472b69f07a75391845fd2b287546896f9165d7ad2f6d95445530a78f0896

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
br
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
61KUXCEnCzsAxPkzAnBlB2P9PtRsaPWIcdrOdDE1dctnLMofFQ16_w==
x-blaize-request
ffffffffc06b8e99
feature-decisions
zephr.chicagotribune.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-102.syd62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://www.chicagotribune.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 24 Dec 2023 08:34:25 GMT
via
1.1 902b6168cd46b8e2de576dabe4e7f0f8.cloudfront.net (CloudFront)
x-amz-cf-id
S0Hacmt-hKSQG7foMvCU9pH7XKrCw4gGX9nDUEb6Lk57TFVIiymo8Q==
x-amz-cf-pop
SYD62-P2
x-cache
Hit from cloudfront
496abf42-1c69-4d26-8e21-26190236dd22
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/496abf42-1c69-4d26-8e21-26190236dd22
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
collect
www.google-analytics.com/j/ 		4 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=400281181&t=pageview&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ul=en-us&de=UTF-8&dt=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=880930343&gjid=1155567311&cid=61678404.1703406866&tid=UA-6459251-3&_gid=983766581.1703406866&_r=1&_slc=1&gtm=45He3bt0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=entertainment%3Atheater&cd3=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones&cd5=arc%20fusion&cd6=section&cd7=section&cd8=section&cd21=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=(none)&cd123=no%20subtype&cd124=(none)&cd135=(none)&cd139=&cd163=%2Fentertainment%2Ftheater&cm81=1&gcd=11l1l1l1l1&dma=0&z=1179273019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=400281181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ul=en-us&de=UTF-8&dt=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ARC%20Sophi%20Rec~undefined~anonymous&ea=(none)&el=false%2C&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=61678404.1703406866&tid=UA-6459251-3&_gid=983766581.1703406866&gtm=45He3bt0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=entertainment%3Atheater&cd3=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones&cd5=arc%20fusion&cd6=section&cd7=section&cd8=section&cd21=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=(none)&cd123=no%20subtype&cd124=(none)&cd135=(none)&cd139=&cd163=%2Fentertainment%2Ftheater&gcd=11l1l1l1l1&dma=0&z=479232931
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 04:26:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14851
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.3/ 		683 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87706e2ede4d13be9c333401097c8a2254f04f043c26b3b4f0a844900e5a237c

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:33:53 GMT
x-amz-version-id
QF7GvYlLwIOYYshNiCb1oBZWUgUoIHGE
content-encoding
br
last-modified
Thu, 14 Dec 2023 00:10:25 GMT
server
AmazonS3
age
33
x-amz-cf-pop
SYD62-P2
etag
W/"5c622a4f09c73cff35594c6895fc1edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mKzOUxB9YIqKWfUJSWQrwkmV3BK8f4n6R-t_NSnNtVBhBtHm3tPryw==
cc63486b-84f5-47a2-bcf3-f4df7049d7f2
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/cc63486b-84f5-47a2-bcf3-f4df7049d7f2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
84e9047b-87cd-4710-a2a3-7cdfcd39c59a
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/84e9047b-87cd-4710-a2a3-7cdfcd39c59a
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
a1d9a248-ed23-499d-b0a4-e408335c443e
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/a1d9a248-ed23-499d-b0a4-e408335c443e
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
5ee8a990-0519-4db5-b4fd-bc70247085c2
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/5ee8a990-0519-4db5-b4fd-bc70247085c2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
css2
fonts.googleapis.com/ 		2 KB
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
b6b7fdb86156778e845356bd7e5a5115fa013e525f6ddb6e604b8f31de1f5b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:34:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:25 GMT
ear-flash-sale-left.svg
www.chicagotribune.com/subscriptions/ad-arc-ears/img/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/subscriptions/ad-arc-ears/img/ear-flash-sale-left.svg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
41f11f646e259f22baac637aa29f6e84dff447b532c3f2d22cd435d8da1f8302
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120, 120
x-amz-version-id
CZyA7RkECZoZmw5DNagGK_Dmtr3QUi4o
content-encoding
gzip
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
SYD1-C2
x-arc-request-id
0.c5a554b8.1703406865.1efeb982
server-timing
ak_p; desc="1703406865832_3092555205_520010114_4609_9848_1_0_146";dur=1
content-length
3833
last-modified
Thu, 28 Jul 2022 21:14:01 GMT
server
AmazonS3
etag
"a2e408c1a18b1deb52a40178d439e3f8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1
x-amz-cf-id
QbdcBHElR2abQIwnHbILfV1Vh-6bNzufM4SvADw7BEzgNhFF15w5Gg==
expires
Sun, 24 Dec 2023 08:34:26 GMT
ear-flash-sale-a-right.svg
www.chicagotribune.com/subscriptions/ad-arc-ears/img/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/subscriptions/ad-arc-ears/img/ear-flash-sale-a-right.svg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
43222dd3c165ca832722ebd99e62517b3991a313f867870c3fc3cc21e928e4a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120, 120
x-amz-version-id
EOCythw.C4HAqsi.aV_CKijKPvzO.Kon
content-encoding
gzip
date
Sun, 24 Dec 2023 08:34:25 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
SYD1-C2
x-arc-request-id
0.c5a554b8.1703406865.1efeb983
server-timing
ak_p; desc="1703406865833_3092555205_520010115_3882_9700_1_0_219";dur=1
content-length
4406
last-modified
Wed, 20 Jul 2022 18:16:59 GMT
server
AmazonS3
etag
"cc1b349815395028c0337f9907840b7b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1
x-amz-cf-id
f4goXhIWL2q1ns1tou6g1ES6XbKPZ4vK2tPfWS3EhzxjdG980xzYZQ==
expires
Sun, 24 Dec 2023 08:34:26 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6459251-3&cid=61678404.1703406866&jid=880930343&gjid=1155567311&_gid=983766581.1703406866&_u=YEBAAEAAAAAAACAAI~&z=663041967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 24 Dec 2023 08:34:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cmp.osano.com/ Frame 8828 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-77.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
25453
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Dec 2023 01:30:13 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id
w0NcJ_naMGTRjM2QQtWzO4NZslrxjss0IxUhsdvXQjXmD9wCkf2cGw==
x-amz-cf-pop
SYD62-P1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-11.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
gzip
via
1.1 8bec138951dfffa4e8e0ac983bb30e76.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 07:35:40 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
3525
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
5ThBzTxQvmrX0EpyjLHqc2w72JEMXG-K-IO_sIol1zij3g9HwzF01Q==
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client?ver=6.1.1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f84.1e100.net
Software
ESF /
Resource Hash
b4043947b3bdcbb076641350ad99bc53f5d150531eb73c8048e9102e8c4b0b70
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KTJ6N5RIs_75u241vUjKGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KTJ6N5RIs_75u241vUjKGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sun, 24 Dec 2023 08:34:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3bb6496bdc7cfb00d98bfdc7957e368fe0c701fc8012f2b612d1ee73f0132f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29501
x-xss-protection
0
server
cafe
etag
930 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 08:34:26 GMT
op.js
tagan.adlightning.com/mng-trib/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/op.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c74a3d5627a4499efc5379666949261385df07c358d6405529065ef352f46eb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
w3q0IqZXlnJ_n1_8R2Mxd4QFzXEWXBiY
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 08:29:43 GMT
x-amz-cf-pop
SYD1-C1
age
283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8605
x-amz-meta-git_commit
552b890
last-modified
Fri, 22 Dec 2023 01:00:17 GMT
server
AmazonS3
etag
"86b667c792ac6affe58f6d3b4d7d62a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
qEmN4DbOjrOU8JyfyEdY2BH-l_v5hNyj509AkXMNcwuHb1EMcpBqJg==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:02:48 GMT
content-encoding
gzip
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront), 1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD62-P1
age
1898
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
7J6YOHMIZ7GjBDiotvxxwvz_jEepvPgC_exO8cPaigQFcHjDo2pMPw==
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 08:26:14 GMT
server
cloudflare
age
315
etag
W/"7649bc-856b-60d3d33e0e21c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
83a781505bb1aaff-SYD
expires
Sun, 24 Dec 2023 12:34:25 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:38:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:26 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:34:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:26 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1948311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXqsPxSa3evVSgK4PVgbY8NHMNdeyo%2FyCX83KoE96Stf8UAwJo4ogGdYQlhmY3MV0u%2FYPjfFd24HYtnF6PaKk8H7wOxbMp%2BpSFht48he4XCAyu36ugsGLClvNchh3iQW3uwCeQ5b"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a781527efea97f-SYD
expires
Fri, 13 Dec 2024 08:34:26 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame E189 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2741220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GipMkojAdlTJmk5o9n%2FrNMISgS4TU0%2BxuXx0sv9kLdyN65xTIqO6SBTK3kos2ukpeO6ZrxmJmcXF2n%2BjUpKglfdPmy3McK0dpuP8PTz9krmHZUj1QEjdntBS3xHEcFP3Lf76lZ2n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a781527f00a97f-SYD
expires
Fri, 13 Dec 2024 08:34:26 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 24 Dec 2023 08:34:26 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame E189 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 00:53:56 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
27631
x-amz-cf-pop
SYD62-P2
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6LSCGdMNEjlhSIU_BzlsffwBupw9cJpOR_z96PDBm2BkRRxK_73Kiw==
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
304143
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83a781518b34aabb-SYD
expires
Wed, 27 Dec 2023 08:34:26 GMT
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame E189 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-116.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 21:08:05 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
41181
x-amz-cf-pop
SYD62-P2
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Lqx17Ay8MHtiIOL-gNk2U3cEuvhsbrhFnsb4WUd0N7Gkab88ThmPFg==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 16:05:11 GMT
via
1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
59358
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
8YlWp2WSm1aD1tfgHmv8lG7nfyhG2305IEy1ra0mAdHYfBPs3nSmXQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 14:24:11 GMT
via
1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
65420
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
NkadyN5XSDm4vNI3sWcoc3S4KeEWtUA9wkBM--IjMVSgILCJ64w2gA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 16:05:09 GMT
via
1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
59358
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
ko3ygc3wJf5t9PCDQYfVZIpYwai_8sbn94-ZOmKm-YTbVtnlUj_Z8A==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 10:12:20 GMT
via
1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
80526
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
8Tjiukaw7vnOT04tw8KrSnwOF4xG_O1PgU3MrpV8HtYIvL8bqZVscw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame E189 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:02:48 GMT
content-encoding
gzip
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront), 1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD62-P1
age
1899
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
kpRSqKCOnK1N1_CvjZ42x__fpglgNHyD4rf39ievcHT2ODPhiWudjQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=107495&version=7.29.3&age=231224&cmd=PRE_INIT&key=oX3gvkbQ&seq=1&order=1&vIndex=0&absoluteTime=6488.8&relativeTime=0.3&canonical=https://www.chicagotribune.com/entertainment/theater/&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		39 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=GoaenNCxjVFrYolu&instance=107495&version=7.29.3&age=231224&ESG_key=oX3gvkbQ&type=FULL&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.111.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-116.syd62.r.cloudfront.net
Software
Apache /
Resource Hash
cd578ce3134a5ee11a46a6c33e523521450542920959bd514428a9fbffd3744e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
SYD62-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
8132
x-amz-cf-id
ftlxzpfCuNjM_eFvk82MTAolbj5gSYO9aepa9X2TzHokAMOcQxuH8A==
expires
Sun, 24 Dec 2023 08:34:27 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:50:20 GMT
x-content-type-options
nosniff
age
128646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 20:50:20 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 03:47:19 GMT
x-content-type-options
nosniff
age
449227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 03:47:19 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&cms=fusion&ptype=section&pubname=chicagotribune&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=c6178bb4-2b73-4c93-8d9d-d87bc4e68e8e&pid=9aeb7356-a4d5-45fe-b720-504946290d17&dtm=1703406866040&qnm=_matherq&visible=1&tabid=f75b207f-ab21-434a-b501-15f6e94a8f8f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vp=1600x1200&ds=1600x11151&tofa=1703406866&vid=1&lvidt=1703406866&duid=a23b5d70-719a-4890-9c43-2dc77d15c83c&fp=757557249&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMzQwNjg1OTUyOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI1MjI3IiwiZmV0Y2hTIjoiMjAzNyIsImRvbWFpblMiOiIyMDM4IiwiZG9tYWluRSI6IjIwMzgiLCJjb25uUyI6IjIwMzgiLCJjb25uRSI6IjIzNTciLCJzc2xTIjoiMjM0MCIsInJlcXVTIjoiMjM1NyIsInJlc3BTIjoiNDMxNiIsInJlc3BFIjoiNDcyMCIsImRvbUxvYWQiOiI0MzIwIiwiZG9tSW50ZXIiOiI1MjM3IiwiZG9tTG9hZFMiOiI1NjY3IiwiZG9tTG9hZEUiOiI1NzE4In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiNjE2Nzg0MDQiLCJyZWZUaW1lIjoiMTcwMzQwNjg2NjAzOSJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiOWFlYjczNTYtYTRkNS00NWZlLWI3MjAtNTA0OTQ2MjkwZDE3In0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiOWFlYjczNTYtYTRkNS00NWZlLWI3MjAtNTA0OTQ2MjkwZDE3In1dfQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sun, 24 Dec 2023 08:34:26 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
record
consent.api.osano.com/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-13.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-amzn-trace-id
Root=1-6587ed12-5e0b991d07496a953e751a5a
x-amzn-requestid
ef0a1190-ad32-4a1e-880b-d644d0d4efd9
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
QcH6_FrSoAMEt4Q=
x-amz-cf-id
g5hNZQhFUYzQlfesYv27CDenVR3syfqCte9cL76JZM9v8Z5sWdRjOA==
/
geo.privacymanager.io/ 		31 B
617 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-39-73.lax50.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 09:15:35 GMT
via
1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1c5a7e2dbc29e2ce87f40dbbc168a96c.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, LAX50-P2
age
83931
x-amzn-requestid
c0f8ce7a-43fb-454e-856e-766921d43974
x-amzn-trace-id
Root=1-6586a537-315abcad102e71c37b82aae0;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
QY7AqENwDoEEgbw=
content-length
31
x-amz-cf-id
y401mGGPONp_YH9gkHLuvvrWjl7bg2lsiyx1S3YP87ZnbH9n1WTsJA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-13.syd62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
x-amz-apigw-id
QcH65EYNoAMEIoA=
x-amz-cf-id
rJYv7JFg7TXMMtG2yY4Z1lXlbWCWdsbV-mPgm12sWm6arVxErE63wA==
x-amz-cf-pop
SYD62-P2
x-amzn-requestid
4c516692-666e-4f95-b2a0-5c61da18206f
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.39.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-39-73.lax50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 cc451f1e6cde51f8161a259ce310b804.cloudfront.net (CloudFront), 1.1 1c5a7e2dbc29e2ce87f40dbbc168a96c.cloudfront.net (CloudFront)
x-amz-apigw-id
QcH68F7HDoEEYRA=
x-amz-cf-id
4oo5W6x-sMc5xoiRUCEmapkWlgGUYMU9Bn8JO7p2jDmI6SHWaahkXw==
x-amz-cf-pop
LAX54-P1 LAX50-P2
x-amzn-requestid
572108ca-984f-41ed-b69b-f5062994e7e9
x-cache
Miss from cloudfront
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 03:47:23 GMT
x-content-type-options
nosniff
age
449223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 03:47:23 GMT
rid
match.adsrvr.org/track/ 		109 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d0e033699ca8e03daa29d6bcb4c8b5fe1ee98c1dd10765c463e68567702de8a6

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 23 Jan 2024 08:34:26 GMT
/
id.sv.rkdms.com/identity/ 		2 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.chicagotribune.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.67.68 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-67-68.us-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:26 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
identity
api.rlcdn.com/api/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 01:33:53 GMT
x-amz-cf-pop
SYD62-P1
age
25234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Q5lz1OZnK5KtsSA8cbDTWkRymcBUBnan2EuQfQlMCQ4e-cLi6JmpPw==
b-552b890-bc02cc4e.js
tagan.adlightning.com/mng-trib/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f4b617a984bb7bec5fea820558b71b5099c61ce8c7875a9df9d97445e70206e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 18:57:37 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
PXIOVZBA8xVAtZRHb5a3mVGkB6wrDYt4
x-amz-cf-pop
SYD1-C1
age
653809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26507
x-amz-meta-git_commit
552b890
last-modified
Thu, 14 Dec 2023 16:48:08 GMT
server
AmazonS3
etag
"d330a68b62242aead5b751bfa8e111f1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ENY_IQTNdHC1Jru0TO7oCLIkaxLb0B9y1gMi6WrICb8OKe79t-5eXQ==
bl-81a0f85-14a8a7f6.js
tagan.adlightning.com/mng-trib/ 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-81a0f85-14a8a7f6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3cb63a459e305a56ffb0e4363c5a396a935338fc4e213e642a12d25b7836974

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:16:20 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
74.LDNvkCeix1mtmsBvlAwRcPjQjgyyN
x-amz-cf-pop
SYD1-C1
age
199087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37126
x-amz-meta-git_commit
81a0f85
last-modified
Fri, 22 Dec 2023 00:59:48 GMT
server
AmazonS3
etag
"fbb19806ba9e016b6d5b46c99f0f6284"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WPGb1FIOCAs7vJ0qqcnRRMFvW_SLJeJenmkthLi_qzwJXxcs1atAiQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E189 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 01:33:53 GMT
x-amz-cf-pop
SYD62-P1
age
25234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GSHGNxCE5qcdFl6YPnCKgohyS9SU6ZeuKggCSnWGw0vMs4bUB_umhg==
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2841341&ntv_pl=1183930
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3dc53313-6b90-40b4-9ec4-409f6ab9daa7&ntv_fl=6oLsmdSTO-lQX5QqUukckN5xpWlWeECuG87ZwnoQSGS_1NkBOmmBlfrjDWf_fg0OuLhWNzprrZ22p7ZwC4M1JUm9XN5haph29Ja9K6jGBTpZQW1WeYzYbXdzfgQ4XBLnnXBliKtAO_19sSgSXRbNNf98dR-u8a_A1Q7yYnszqyLsXkG7lBm1Y_DLcG-3jhynVTWdetJAiGN-uGzQXeyKN5EpDEWzuYFJR3xlGT-eBtgrobJYXHIuiir40ZiF_173-mAcdgzVSJLpusv1l7ShG7ZFnoyh2PA9-1T1NqQuEdRZgxG58fTJc8Wp_rugert0pvZPt0rFnPi5T5vPZrfS_7I0K9-y03HUVGeKoMAGqQQTx67vw0mvohko9dMjxi0LK8YTfbEzxit_gEtf2JgUtp00PwfiM2gB6qSQJu_oMK42TBAyTlCJGH22BLF2K07uUudQv6N5KuXSM32Wjd980g==&ntv_ht=Eu2HZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAuhASA&ord=1703406866290&ntv_it
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=7f215faa-d3dc-4bf7-a0aa-70a0dbebafda&ntv_fl=dTCpuUZogtWrkRtQPgWSJRKryYCjDD2VGKyI_mL8oAoRre_kbQ-IBwj0IBKc8ha8ej9lEJQ97f2Br27xkAsDJpGKAG1Ug26ds4gJ3BtStVcgp5dgm8Mr7omU4Qq1xLycrXul3jvW7AZJKyWveNtj3ncwxTnsWQdHABDDeDIIUvbYG6uQxHOwbu8F4WaWH1LRn9BKPtmbOeP8t1tSCA8kXMlA5NbG3yOdqua1jrMxxkUOVXB1W_Gxo3X8mDCKore2FevoQOpfDIU6MqWfYp1ahs-oSF4zUmz7_jhc0NAHozAfnzHt7BGhmbicPcPq6Lt8E_7Oh500gIbFjpmo2jY-aUTaNd-cP47pOVPD-Kpr3k2o3PBUCT-MGC5CDX0Ai9RxWsFTWFTh6tZ5sMom58_aG3Nw1nDpXZ6_00nsLKfZXj3_s8XB1-OBm0F4ERLK4YqbOUm0JLRLr9cZXfoQPHnMZQ==&ntv_ht=Eu2HZQA&ntv_at=303&ntv_a=AAAAAAAAAAuxASA&ord=1703406866294&ntv_it
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ccdb8b7b-2e98-488e-8daa-5094fb9bea9f&ntv_fl=eD_RDNbxmreDzs4s5X1tnugAxNBmRM8s3VmTQ01-yrKuiZELn_jJT9ALVMqABYKvwYVYZq88VAVSbWvKiO2gJ1CfKSe1IqPDjy3kYeXFy1SDeScfDmBQ7PeBO0tkgN7gvRzThiWZeBxb91OW7rAJN5zLlLpCDbseTV0YkxFwC0cm4ydMdanpVeyt54ZGo-pFlAfVto09HvECZH2B1iT0Y8JvFN5EmhB0GKMlDIr20r9jrUPGC5nmz5AUHtwxF25YQr0tTQheZxCAbkTRW6p6gRDqrjlqG4lQHR6Ra0bZ0MR5EtqbHGkOhoWjIz695wIJn_6Phrv6AHrVuh6bG5lP6VX9jMWqmDjKtwNIC9DAOYvLvfxEzB6_1vRgYgbkMZEGNGBKo-uPyMFA74wwuDzcJsjeYWKkQvJ3jyP_SZze8T10e0TnFngyxaT6D72AMymbRXB8FS14Rwm20L40KnzX9A==&ntv_ht=Eu2HZQA&ntv_at=303&ntv_a=AAAAAAAAAAvBASA&ord=1703406866294&ntv_it
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.95.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-95-187.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ppid
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=8jduupS35%2Flp9DNaSO6ufsEtzFkHiLj%2FVaeQAcmSRyw%3D&fp=LFMoCKbD9SoGRa7X6Yy6mmXhYH5TKuL1PIH1Mgm3REskUGuvofZ...
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=8jduupS35%2Flp9DNaSO6ufsEtzFkHiLj%2FVaeQAcmSRyw%3D&fp=LFMoCKbD9SoGRa7X6Yy6mmXhYH5TKuL1PIH1Mgm3REskUGuvofZspvlnUFcg%2FoFvfwhZJVhQi4k2DSIOFsbkYg%3D%3D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.chicagotribune.com
location
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---&b=1&g=8jduupS35%2Flp9DNaSO6ufsEtzFkHiLj%2FVaeQAcmSRyw%3D&fp=LFMoCKbD9SoGRa7X6Yy6mmXhYH5TKuL1PIH1Mgm3REskUGuvofZspvlnUFcg%2FoFvfwhZJVhQi4k2DSIOFsbkYg%3D%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
51f0a6c47cee4a664a92b67e0d552d94
r610.chicagotribune.com/plugin/plugin/ 		145 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/plugin/plugin/51f0a6c47cee4a664a92b67e0d552d94
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
5757f49e783830cc9fc1f2d675544f1a315c69952d203ea1331d3a55ac46d230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
age
951630
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
36838
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:13:55 GMT
server
-
etag
51f0a6c47cee4a664a92b67e0d552d94
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
yYhnAalvBzZu-KLTNNCJJAZcf4UvXZf96nUkrG5JXxS44okgn-mT0Q==
expires
Thu, 12 Dec 2024 08:13:55 GMT
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame E189 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-14.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
14e06db8878ce6fcd09fd513ca16170901efdf36aef798feb62c4fda48d0c05d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:48:27 GMT
via
1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
age
2759
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
9F4FaU5G67UX-dGe_hCpsDBH6Q_fSucgAexP_x8vJO0G3sssKPjfcQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame E189 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.chicagotribune.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
Server /
Resource Hash
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:29:47 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P1
age
18278
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1764
x-amz-cf-id
-1pojrpvTl-hAzjxcHVLO8sVLPwPsEhjyocK9BQNiIo71VMyHLgE4Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&cmd=GET&key=oX3gvkbQ&c_id=4591&seq=1&order=2&vIndex=0&absoluteTime=6870.8&relativeTime=382.3&canonical=https://www.chicagotribune.com/entertainment/theater/&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&playerCfg=BR&playerType=BARKER&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
q2xmtpqwbrmdkxui8g50eyylu6ll2npm.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/q2xmtpqwbrmdkxui8g50eyylu6ll2npm.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc4f07e9617f39f9e15807db90fb898a82bf309b1429de50209aad9c0a1e406f

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
41667
last-modified
Wed, 14 Jun 2023 16:28:38 GMT
server
AmazonS3
etag
"03a59d73457bede3c9d03f9b13b44cd2"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
P6e2NLeIjUy05CYSautzBDGuRp2lyzMgQHwzfVaJCAD5BtMNyy7KQQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&cmd=RTP&key=oX3gvkbQ&c_id=4591&seq=1&order=3&vIndex=0&absoluteTime=6872.5&relativeTime=384&sC_ID=9683&sm_id=2798099&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&playerCfg=BR&playerType=BARKER&DS=found&eg.enabled=true&eg.delay=5&eg.ctdwn=7&eg.vl=12&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&ldt=API&key=oX3gvkbQ&c_id=4591&seq=1&order=4&vIndex=0&absoluteTime=6874.4&relativeTime=385.9&sm_id=2798099&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=9683&load=1&status=LVFNSNIY&ac_id=2008&api=float&float.float=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.154.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-154-17.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
7tPeP2y06Lzrusrk7vibUMM21T6DB.Rc
content-encoding
gzip
via
1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 1b0ec06e2dc8a07d495632f96e0234b4.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 11:07:33 GMT
x-amz-cf-pop
SEA19-C3, LAX53-P3
age
77214
x-cache
Hit from cloudfront
last-modified
Wed, 29 Nov 2023 22:05:10 GMT
server
AmazonS3
etag
W/"8c05f771b7f1423915f231f2744056e0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
_RSzC_0LmzEbOUEGamZ8nbbtzCRJsejtH0Gort8xDK8i0fLgb56fFw==
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 02:26:12 GMT
x-content-type-options
nosniff
age
454094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 02:26:12 GMT
impl.20231221-6-RELEASE.js
cdn.taboola.com/libtrc/ 		828 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vNZAYZ60TOWTB9Ads6U8C7BOy9GG6RmI
content-encoding
br
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:26 GMT
x-amz-request-id
JVW1MA9VN6YG1856
age
22400
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
175420
x-amz-id-2
7C4r8+vX6NiII7bpfe4gEU3tIyK6DCpmbNfryL61Z1L1BTbeFQY+ElK0kF36+S6DLHLyDA3doAA=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:13:58 GMT
server
AmazonS3-br
x-timer
S1703406867.577743,VS0,VE0
etag
"2e5fc0835e8fbe3a1c0438d18f279d96"
vary
Accept-Encoding
content-type
application/javascript
abp
26
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3700
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=400281181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ul=en-us&de=UTF-8&dt=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SendtoNews%20Player&ea=readyToPlay&el=oX3gvkbQ&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=61678404.1703406866&tid=UA-6459251-3&_gid=983766581.1703406866&gtm=45He3bt0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=entertainment%3Atheater&cd3=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones&cd5=arc%20fusion&cd6=section&cd7=section&cd8=section&cd21=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=(none)&cd123=no%20subtype&cd124=(none)&cd135=(none)&cd139=&cd163=%2Fentertainment%2Ftheater&gcd=11l1l1l1l1&dma=0&tcfd=10000&cm26=1&z=324939265
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 04:26:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14852
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6459251-3&cid=61678404.1703406866&jid=880930343&_u=YEBAAEAAAAAAACAAI~&z=1050847419
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6459251-3&cid=61678404.1703406866&jid=880930343&_u=YEBAAEAAAAAAACAAI~&z=1050847419
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame E189 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.131.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-131-47.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 24 Dec 2023 08:49:26 GMT
ima.js
cdn-ima.33across.com/ Frame E189 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
304143
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83a781545d2daabb-SYD
expires
Wed, 27 Dec 2023 08:34:26 GMT
hadron.js
cdn.hadronid.net/ Frame E189 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&_it=amazon&partner_id=694
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
3662
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83a7815669265551-SYD
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
1ee6348d-c1b9-42b8-9a08-a54a52464323
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/1ee6348d-c1b9-42b8-9a08-a54a52464323
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
4271bd877997374149bf277d8710bacf
r610.chicagotribune.com/plugin/library/ 		408 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/plugin/library/4271bd877997374149bf277d8710bacf
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
age
951629
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
133359
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:13:56 GMT
server
-
etag
4271bd877997374149bf277d8710bacf
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
KOZ4yh3zGRB20_dD8_mEEssiCWgEfnuSO33qOk8pcjkkEAyzBYyBag==
expires
Thu, 12 Dec 2024 08:13:56 GMT
LB-Zone-2
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266/LB-Zone-2?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=&bctempid=d99160ac-1157-47b6-9e72-f7a336c35dd3&overruleReferrer=&time=2023-12-24T16%3A34%3A26%2B08%3A00&ts=1703406866636
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
0a3679f626fcbcad905b59d7f6e91d0e443da550a82d393a64aadd4c1c200135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
784
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ct8UHZd8-gGFaiian2kSCvtM1DEKFQObt96LcCoqdGnMQdWhhbmO5Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame E319 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bbeaa7b9b9943967557992f03a470ab9687e6324a86b1110e0d5c9ff2313342c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80232
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 08:34:26 GMT
WidgetTemplate.min.css
cdn-p.cityspark.com/cdn/widget/ Frame E319 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 10:34:26 GMT
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 08 Dec 2023 19:36:08 GMT
server
Microsoft-IIS/10.0
etag
"1da2a0dca6e2185"
x-powered-by
ASP.NET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
angular.min.js
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame E319 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 08:34:26 GMT
age
21537413
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
84345
x-served-by
cache-fra-eddf8230123-FRA, cache-bne12525-BNE
etag
W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
widgetcombined2.min.js
cdn-p.cityspark.com/cdn/widget/ Frame E319 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/widgetcombined2.min.js?v=11
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 10:34:26 GMT
date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b701231"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame E319 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
30926
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 22 Dec 2024 23:59:00 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		119 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.141.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-141-90.lax3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2f2770331da97454b49f5da15de4b42f8d7f3e08f8cb69552ab7900b6a786a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
fE9wnnCNh5kwxr0cmWeHKRcxuMhW3U42
content-encoding
gzip
via
1.1 dec9922b433a67965d989132dbf95420.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 15:48:07 GMT
last-modified
Fri, 22 Dec 2023 16:18:01 GMT
server
AmazonS3
x-amz-cf-pop
LAX3-C4
age
60381
x-amz-server-side-encryption
AES256
etag
W/"66c3ad13a9422db4ec3a470300c6732f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
uVbRqvV6TMPLDeRpfJ_qXfWgBuJfVzWKQRcwIQuOw2S4r-buI_C6mA==
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 		68 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=b82feaa73aa9
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.170.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:28 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
HK3M1JHNCPE9Y5Z4
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
q9K8BHK8bNqm5pbksd3lCltCzSmtO868C75H0Oaj/OGdlQu8O56BL9GUulL5qYaDJZcXnai7ZZc=
envelope
lexicon.33across.com/v1/ Frame E189 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
load.js
pm-widget.taboola.com/tribunedigital-network/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tribunedigital-network/load.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vF2T8aSXjRlxqWyMzT2Z0V0wy42_Z.Xk
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:26 GMT
x-amz-request-id
VC24F7W65SHZBZTD
age
2681
x-cache
HIT
content-length
1509
x-amz-id-2
LMUQfUkzAgilfFkWiEuVP3f3WvQB4Kh0PX4w1TksqX7tkkATgUDmDdROqmYuyyFNg73qOnVrpGI=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 28 Sep 2023 13:46:10 GMT
server
AmazonS3
x-timer
S1703406867.889718,VS0,VE1
etag
"b70dde6d8e1125cd827915529558b476"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
.js
dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/entertainment/theater/ 		787 B
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/entertainment/theater/.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.173.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-173-42.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
743aff87bd9a634c1ae32e122e1c8c40f957fdad1dc396f2f09af9138ce22c58

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
via
1.1 46fad0fa90a137a4d3e3f5f29cbccffc.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
230
x-amz-expiration
expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="cleanup"
last-modified
Sun, 24 Dec 2023 06:54:56 GMT
server
AmazonS3
etag
"ffce1aed09e34e7b37c87968711382ee"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-yNH3kDScROQ4YNCHgtqPBztMZMM153HnMXIWnD3vMDDMHauE_HEnw==
hb-multi
hb.yellowblue.io/ 		83 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.89.2.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-2-84.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
2c3f9e7a3da6579940bfdaa2eec384c08e8936546c755f78f58936ebf1d15d20

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
prebid
ads.yieldmo.com/exchange/ 		0
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-1-gpt%22%2C%22callback_id%22%3A%224a5fccf1d70fc%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223261757601590747474%22%2C%22gpid%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%231%22%2C%22tid%22%3A%2263063eff-2762-40c0-a473-5642594f03d5%22%2C%22auctionId%22%3A%22dd0d8885-46b0-4bf3-b077-938462871ed2%22%7D%5D&page_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bust=1703406866805&dnt=false&description=Chicago%20Tribune&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&w=1600&h=1200
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.34.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ 		439 B
782 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=469092&zone_id=2767824&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tg_i.domain=chicagotribune.com&tg_i.page=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tg_i.pbadslot=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%231&tk_flint=pbjs_lite_v8.24.0&x_source.tid=dd0d8885-46b0-4bf3-b077-938462871ed2&l_pb_bid_id=64015a159cbd8f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=63063eff-2762-40c0-a473-5642594f03d5&rp_maxbids=1&p_gpid=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%231&m_ch_mobile=%3F0&slots=1&rand=0.9837131747262924
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4820a92bf392bbe71205cd586e2b14ba757b39abbce2ade1337b59ac7cbaa3ab

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
439
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
an-x-request-uuid
84bdad14-75a3-49f2-b8cf-0eb74bcd94ae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
tribune
direct.adsrvr.org/bid/bidder/ 		0
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/tribune
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
auction
tlx.3lift.com/header/ 		19 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tmax=2000&us_privacy=1---
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.162.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-162-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
accept-ch
sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=948355
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5115a5423518d3688fc7371a291c36d4a086b40c3f4c022bfe539989dd77d365

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqPfLJ5P7LSMJ0wbJqcY8S1ww0FoQuBwSU9FvBHtXf7rO2hcMMs5D0%2FeB48COnrVp%2F55iXM8Sm%2FbT8gEWqZlMYLkoq1PfrAYWAJ1hQ3IzFRGOh6IyqecxH91y1YLjJRaiFXShCux"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a78155bae5571a-SYD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=63088858808&lsavail=1
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
3503
config.aps.amazon-adsystem.com/configs/ 		532 B
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3503
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-14.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba1328e3dd341ce08d8980d82c48ea27789306494ae8f8d702e993e00ab53efb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:44:53 GMT
via
1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
age
2973
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
bCdCYfz_McAKIaCei0kxIHm8d4wvowPLzIjPcqPYTRD6IcwtIpoumw==
config
c.amazon-adsystem.com/cdn/prod/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
Server /
Resource Hash
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:25:52 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P1
age
18513
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
925
x-amz-cf-id
y16cNM23dtLsbMAI_sjncwI3E1pr5Q7KVLLfP6MCHKd0HWcHsVbaTg==
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&pid=6ii0JLJ2nOjwx&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBACOe~CP3So0AP3So0AEXeBAENAfEwAP_gAEPgAACgGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP3So0AP3So0AEXeBAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1---&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c5f03ad1-96d7-4eba-8740-0358212a05f8%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
bd4072a30dd399e226302162ee7824a4cd1a5f55ba10819dbe14f68711646c4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
0FuoLKdr2OVUvCTsLCyzUAaB43Jho4eSKBBr7s89kFOsKA1fqC20ZQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 20:01:51 GMT
content-encoding
gzip
age
995555
x-guploader-uploadid
ABPtcPocD0YnoAADvqc7KlMLx0DoxRPoRDOF6A7foRnDMkJNjZQyRJjYq-scOQiBNI42JIRH_Md_Ux9rbHTVBC8GaPi3GA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 11 Dec 2024 20:01:51 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
3278479763b80c28e04eb4f5c0375abb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.161.181.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-181-197.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 23 Dec 2023 21:20:38 GMT
Via
1.1 b6627fed9d15c3c2e4291c0da8b9b05a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
KUL50-P1
Age
40431
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
7C6I-tuo5JMsrWjoyeN6zZJ1BZuP6B4M5Yqjua3algBtS9ZqBsv9Mg==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-46.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 18:26:53 GMT
content-encoding
gzip
via
1.1 60a3c74b395afbd3a50d71e59ea19eca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
50884
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
q3pmGUVTnwdn7jChwLAjCszIBvUsW2tFCdHefX6vSgDDUFIO8gRRAg==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
304143
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83a78155ee83aabb-SYD
expires
Wed, 27 Dec 2023 08:34:26 GMT
truncated
/ Frame E319 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame E319 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 10:34:27 GMT
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b700e5c"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
2012
x-proxy-cache
HIT
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:27 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Sun, 24 Dec 2023 08:34:26 GMT
server
nginx
style
accounts.google.com/gsi/ 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hVSUJReQBjQsRhyFmjsCqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-hVSUJReQBjQsRhyFmjsCqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sun, 24 Dec 2023 08:34:26 GMT
status
accounts.google.com/gsi/ 		40 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=702688468841-a25742v8teenpthkvm42dij472hejio6.apps.googleusercontent.com&as=nDzQOBUPl6g6RmQqOrIlYQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f84.1e100.net
Software
ESF /
Resource Hash
681bbe9680ae5ae44eeb6d06c2ab166c1a7b457e0410cb73ddc77b02be6f6c40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xHzT7qjePydF_qSCqQas1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-xHzT7qjePydF_qSCqQas1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
0
cdb
bidder.criteo.com/ 		0
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=83745652688&lsavail=1
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=948336
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa81178cea7fa49c90d742dffb4a2f405edd7547d4fb09ca277c8daae3fc051

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H70GCnCdhg333TjRBOTQwZrbUVT7r%2FRgjFuCVhCKP1bKL0B7Jx86ydvqfM4xwRJzFI32B%2FoHNFoBoVRze0Cs%2Br4X2QnlIvHd%2FlbV9t04Sh7RwZ9vsLVVsKJeEt4iPX25dCvQegk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a781562b24571a-SYD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
an-x-request-uuid
be52938a-588d-4c87-996c-739f97a0466d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		417 B
939 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=469092&zone_id=2767810&size_id=15&us_privacy=1---&rf=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tg_i.domain=chicagotribune.com&tg_i.page=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tg_i.pbadslot=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%233&tk_flint=pbjs_lite_v8.24.0&x_source.tid=0d76ae26-999d-4616-8097-f1516afbaf33&l_pb_bid_id=30ae02816476833&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=301993a2-d824-46c9-b653-16a5a1a48d3f&rp_maxbids=1&p_gpid=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%233&m_ch_mobile=%3F0&slots=1&rand=0.5859235401983287
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4e49d30bd41ac22839665e038310cfbfd237be350da00e1cca8753e4c5c59424

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
417
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-multi
hb.yellowblue.io/ 		84 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.89.2.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-2-84.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7b31b645b818d1288fd69e0e275f1fe9dd6d85832a729dbd6731010c5c594414

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
tribune
direct.adsrvr.org/bid/bidder/ 		0
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/tribune
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
auction
tlx.3lift.com/header/ 		19 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tmax=2000&us_privacy=1---
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.162.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-162-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		237 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&pid=6ii0JLJ2nOjwx&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBACOe~CP3So0AP3So0AEXeBAENAfEwAP_gAEPgAACgGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP3So0AP3So0AEXeBAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1---&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c5f03ad1-96d7-4eba-8740-0358212a05f8%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
caaed1d491d3bdaff3b1bce74b8d90416583f27468d91c7a9a9117fab15ec45c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
237
x-amz-cf-id
a3G28XUOrxS8HXclLIkp6ZGslUOvPu7Inake7ZNeKq6m72MjSNfg8w==
1q7no4035qo38120p1qqorns63s59037playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1q7no4035qo38120p1qqorns63s59037playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac1d608c9fff77e9bf2dffc850f84cfe564047597a9eb238bf68b0ac2f771276

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 18:11:24 GMT
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
51782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Wed, 14 Jun 2023 16:22:37 GMT
server
AmazonS3
etag
"0d050f200c14a0db499228fe889121e0"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Rwyy5xTq8aUeFcyxFv0peM-fQTZWTheW-nUTWVmeFSTaQLn7CzN-DA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&cmd=IMA&key=oX3gvkbQ&c_id=4591&seq=1&order=5&vIndex=0&absoluteTime=7406.5&relativeTime=918&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&playerCfg=BR&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 3894 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
457655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 01:26:51 GMT
expires
Wed, 18 Dec 2024 01:26:51 GMT
last-modified
Fri, 15 Dec 2023 16:47:56 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 08:34:27 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1124 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:54:00 GMT
ads
pubads.g.doubleclick.net/gampad/ 		36 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22960152043%2F54098006&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&plcmt=2&vid=2798099&us_privacy=1---&cust_params=sessionKey%3D114107495-GoaenNCxjVFrYolu%26schain%3Dstnvideo.com%2CSTN_0002637%26content%3D9683%26placementType%3DPremium%26embed%3DoX3gvkbQ%26domain%3Dchicagotribune.com%26player_size%3Dsmall%26player_width%3D920%26player_height%3D518%26player_type%3Dbarker%26smartmatch%3Dno%26version%3D7.29.3%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00189%26rand%3D9%26uhr%3D16%26iris_id%3Diris_baed641d57ef5f59%26iris_context%3Dic_2453406%2Cic_9067896%2Cic_0061279%2Cic_8168085%2Cic_8024878%2Cic_0749989%2Cic_1480324%2Cic_7160777%2Cic_9317723%2Cic_0084516%2Cic_9146060%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_7753435%2Cic_1740894%2Cic_1612662%2Cic_0344266%2Cic_8555203%2Cic_6552771%2Cic_1343647%2Cic_7753041%2Cic_2675413%2Cic_1649773%2Cic_9708954%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_1076642%2Cic_4440956%2Cic_4750630%2Cic_1655055%2Cic_9439788%26us_privacy%3D1---%26keywchk%3Dok
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
0431097556adadb810d9a6460952cdc2d42b96efc8a1fbc4663d990796397f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1460
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.131.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-131-47.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 24 Dec 2023 08:49:26 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
YP7RPYP37WT6EQM4
age
687
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83a78158edb16a72-SYD
x-amz-id-2
IyHXnqM1CFhskZq8laulluNMfvoSy8TNx+7QQjvWKtaWEFsm/sJB41+S+rLvZszlJIe15uuq7Pl2o/ixJF2cZw==
1q7no4035qo38120p1qqorns63s59037.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		3 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/1q7no4035qo38120p1qqorns63s59037.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac97df2fbfe603d9f6e22459a4ecc203e2786f8bb2b38aeeb727841e68109b08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:40:29 GMT
content-encoding
gzip
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
86038
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Wed, 14 Jun 2023 16:24:05 GMT
server
AmazonS3
etag
W/"473b596a89cb0cd8aa9c3007cbceb9bb"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
CYWiYk6o_gXWi7sakw7IHJZXObHoU_bNaxjTC7T8E1I-6KfH4jye7w==
card-interference-detector.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ad1bdac24ea6e213f86e8b70336ef3ca5304faa3f217ee2793a61b0d5fa58cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
oaCuNI02Yt2wmuUk6eMw7rAL4K0TwPco
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:27 GMT
x-amz-request-id
QBZ1J5NA4DTGV0WW
age
252631
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2179
x-amz-id-2
PnaJoo0mHdqeVS9N7g09IjC3WuuiyiR3Q5eo7qiuwyuyuWyhyboqogaDa6lQUL4MBl8K0Wa0gaA=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:45 GMT
server
AmazonS3
x-timer
S1703406867.107170,VS0,VE0
etag
"1973f962093024a77689ba38207e7895"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16473
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
432034
expires
60
json
trc.taboola.com/tribunedigital-chicagotribune/trc/3/ 		211 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=16%3A34%3A27.047&lti=deflated&data=%7B%22id%22%3A321%2C%22ii%22%3A%22%2Fentertainment%2Ftheater%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1703156971501%2C%22vi%22%3A1703406867043%2C%22cv%22%3A%2220231221-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F%22%2C%22vpi%22%3A%22%2Fentertainment%2Ftheater%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11401%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-below-section-front-thumbnails-arc%22%2C%22orig_uip%22%3A%22taboola-below-section-front-thumbnails-arc%22%2C%22cd%22%3A10638.6875%2C%22mw%22%3A1436.40625%7D%5D%2C%22cacheKey%22%3A%22category%3D%2Fentertainment%2Ftheater%2Ctaboola-below-section-front-thumbnails-arc%3Dthumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0040155605050f9f4213a5320ef04ff1c83ce0f40f8e35f9fe9f6a211b8c9334

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
637
date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.11145833333333333
x-fastly-to-nlb-rtt
40741
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300040-BFI
x-log-content-encoding
gzip
server
nginx
x-timer
S1703406867.124057,VS0,VE637
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
653p434860qp8518o0994r277415n18nbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		16 KB
16 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/653p434860qp8518o0994r277415n18nbase.en.vtt
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97b63b55b44997ccdbbff6fe86f1160700ea3c9dfd275f620e7ffab486291120

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
15979
last-modified
Wed, 14 Jun 2023 16:23:43 GMT
server
AmazonS3
etag
"6d92dcf431b2908755efa78ca141184d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
NDEU8wo3d72eEogVfsKP-rma-T_O9Jomb6ejt6-BeyILUh-Odo4HKA==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp&cc=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0a3a14e8f7f67ccade8799d4f19b031e2cb10a705366392a3b35b5d21537d300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-w5fc/QETRH1102v25O8P18XpRi8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.chicagotribune.com
location
/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=c9d79e0f-5237-49a2-a9cf-892b88e3f151&pid=9aeb7356-a4d5-45fe-b720-504946290d17&dtm=1703406867159&qnm=_matherq&visible=1&tabid=f75b207f-ab21-434a-b501-15f6e94a8f8f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vp=1600x1200&ds=1600x11401&tofa=1703406866&vid=1&lvidt=1703406866&duid=a23b5d70-719a-4890-9c43-2dc77d15c83c&fp=757557249&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJSZWNfUGF5d2FsbF9UZXN0Iiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vMSIsIm91dGNvbWVMYWJlbCI6IlNpdGUgTm90IEZvdW5kIn1dLCJtZXRlciI6e30sInRyaWFsVHJhY2tpbmdEZXRhaWwiOnt9LCJ2ZW5kb3IiOiJ6ZXBociIsImZsb3dyZWYiOnsiZGF5MCI6eyJmbG93IjoicGF5d2FsbCIsInRpZCI6ImM5ZDc5ZTBmLTUyMzctNDlhMi1hOWNmLTg5MmI4OGUzZjE1MSIsInRpbWUiOiIxNzAzNDA2ODY3In0sImRheTUiOnsidGltZSI6IjE3MDM0MDY4NjcifSwiZGF5MzAiOnsidGltZSI6IjE3MDM0MDY4NjcifX19LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjYxNjc4NDA0IiwicmVmVGltZSI6IjE3MDM0MDY4NjcxNTgifV0sImF1ZGllbmNlIjpbeyJwcm92aWRlciI6InVzZXJEQiIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjlhZWI3MzU2LWE0ZDUtNDVmZS1iNzIwLTUwNDk0NjI5MGQxNyJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjlhZWI3MzU2LWE0ZDUtNDVmZS1iNzIwLTUwNDk0NjI5MGQxNyJ9XX0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sun, 24 Dec 2023 08:34:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/g/ Frame E319 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je3bt0v9122458175&_p=1703406866651&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1550482072.1703406867&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fwidget%2FChicagoTribune%2F10012%2FEvents%20%26%20Things%20to%20Do%2F2a6528a5183a5797a%2F&sid=1703406867&sct=1&seg=0&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&dr=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&dt=WidgetTemplate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=552
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.chicagotribune.com&url=https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
83a78159f88da820-SYD
content-length
0
content-type
application/json
date
Sun, 24 Dec 2023 08:34:27 GMT
debug
OPTIONS block
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ Frame E189 		113 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.chicagotribune.com&url=https://www.chicagotribune.com/entertainment/theater/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ca6cc594acb4ad8fbfee85e73af090c7509073d097620e181eab3a2eb05659

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
83a7815af97aa820-SYD
ajax-loader.gif
cdn-p.cityspark.com/cdn/widget/ Frame E319 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-p.cityspark.com/cdn/widget/ajax-loader.gif
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 10:34:27 GMT
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b7019d2"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
4178
x-proxy-cache
HIT
H4Mgn4dS_kG2-5DWR013XQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/H4Mgn4dS_kG2-5DWR013XQ.medium.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
74876348e3457273e60317a9f16d881af6a665880d7d82934590482169dd1f86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
MISS
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
5Kj/SMFcgBQeeMd2i+fhtw==
content-length
155329
x-ms-lease-status
unlocked
last-modified
Fri, 13 Oct 2023 15:28:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBCC01192821E8
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
b83034f9-f01e-0072-18cb-343afe000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
fAg6H5-unESgkGTDU-vM7Q.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/fAg6H5-unESgkGTDU-vM7Q.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
00eba6a35ca2f6ba8d4cb10e39dc9743f165e5fe05df883085addacb761c6820
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
MVHaGqN9ccvw/Zgn3xwNKg==
content-length
23164
x-ms-lease-status
unlocked
last-modified
Wed, 30 Mar 2022 00:43:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA11E6419D21D9
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
dc9f0ff4-901e-005b-4064-28048a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
B5WnZVBIN0qx7OqlFU1UHw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/B5WnZVBIN0qx7OqlFU1UHw.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f675454b1eb998f08e6400a9a41ac7ae2eab274115dbe586c784d9c39ee07594
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
1iD1XrUagLQ98fen0xvxqQ==
content-length
38633
x-ms-lease-status
unlocked
last-modified
Tue, 28 Mar 2023 20:37:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2FCC43DB0FE0
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
9ec0e984-001e-003b-56a5-0e7815000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
CM0dfKpVp0uxugljQsa0wg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/CM0dfKpVp0uxugljQsa0wg.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c1da63ae01f0c49c3ddaad4da5cf810d188498cedd8b2f4f4051dee58c838ea3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
uC/hh6nhiuKt4kTXhXUEDw==
content-length
10702
x-ms-lease-status
unlocked
last-modified
Tue, 05 Sep 2023 16:03:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBAE299E89FC9E
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
4889bae7-101e-0055-5cd5-242d3a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
L6owNQpaiUqXZteudoLs_A.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/L6owNQpaiUqXZteudoLs_A.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
70c512cb9e53a27c317eb61e14f5a5e8caa1c796beb1b5cc125b27ecb9db21af
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
IgPPGs1DN8hA8+o2KFwi5g==
content-length
15453
x-ms-lease-status
unlocked
last-modified
Tue, 28 Mar 2023 21:00:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2FCF8282D9E0
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
1debb709-001e-003b-30bc-2d7815000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
1LYsK-INRkmiIZgr_I2LoA.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/1LYsK-INRkmiIZgr_I2LoA.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
91641b3f5ab57b83d56ba23ba3f9d61835b63bf76c0e68e16c337caaba211111
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
UsJPDBMJemgSyYeHDgRXlg==
content-length
18762
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 15:50:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBA4B9CBF14563
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
0930b3d2-801e-001a-3e4f-315c6e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
bgRP2Ts5FUij9TLjjeibUw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		281 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/bgRP2Ts5FUij9TLjjeibUw.medium.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2fd4786c976f67c84985dde7a0f7b384e3bdb3602c68c5e9fb5108a20f6908cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
eKM5VIIb16F1qd8ldtCxTA==
content-length
287820
x-ms-lease-status
unlocked
last-modified
Sat, 10 Sep 2022 22:58:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA937FFAEF6FE7
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
56a94895-801e-000a-06b9-829906000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
zCfc41Pgm0iGV6KbBx0_Qw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/zCfc41Pgm0iGV6KbBx0_Qw.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f659371cfc7235fcbebd8e51941ab99c22c3dc88d7a4b263208e1e6a41a7ba0e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
vIYfFk8lB1T5zo0LQ5Hfcg==
content-length
29960
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 19:57:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3AC6EE60C7F6
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
674ee6af-601e-004f-12c5-024ce5000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
6756e2f8-df3a-4109-be99-5f1935512860.medium.JPG
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/6756e2f8-df3a-4109-be99-5f1935512860.medium.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bcb6524ecba4503be02dc24a56c40590469191ee7d010f207647debeb64bc2da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
FYkMvudlhb/8k/G7SLgTzQ==
content-length
10461
x-ms-lease-status
unlocked
last-modified
Thu, 21 Feb 2019 17:27:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D69821D2FD4E9B
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
6dc627ac-901e-0029-4cda-2f03c5000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
1EABlWuRH0a0wyXZ7MC-jQ.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/1EABlWuRH0a0wyXZ7MC-jQ.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4062f4b493526289edb6e6d9f37a29636d36bf1c11e444635daf520ed3fb68d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=0
content-md5
1ZLG/Gpe7lqV8TYoM+Xekg==
content-length
16774
x-ms-lease-status
unlocked
last-modified
Tue, 28 Mar 2023 16:30:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2FA9BC13836F
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
73b9b31e-401e-0048-1083-302086000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:28 GMT
FlAWzB-WHkKNKuqa5VIUGg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/FlAWzB-WHkKNKuqa5VIUGg.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2aaed3c3bc1abebad1d691d6629a032f7cb60efc7927014a0eb13588f89f623d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
RNXaQe5YhpBSKpTuozUwCg==
content-length
24032
x-ms-lease-status
unlocked
last-modified
Mon, 14 Nov 2022 22:01:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC68BBA12F621
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
0930b3f3-801e-001a-584f-315c6e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
24e3f02b-29ab-4864-a962-595d03b1c50a.medium.JPG
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/24e3f02b-29ab-4864-a962-595d03b1c50a.medium.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d11c1d8ebc1e6fb7fc8718a26773ee778807c7024a0b00a8b92074bc1c68c67
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=0
content-md5
gaPUFLB66fxMT/I2XvwNcw==
content-length
10332
x-ms-lease-status
unlocked
last-modified
Wed, 10 Aug 2022 18:01:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7AFA64E9D216
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
a9df9a88-b01e-0063-1969-28a04a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:28 GMT
r-gLm0Rqz0--2yzEfGkFGw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/r-gLm0Rqz0--2yzEfGkFGw.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d806630f8f34fcb8861f7b3f6b21f0ec7a096ed849d66df56c99a26aa9acc85e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
uOgYELmBJ0WuT1h+kXKH4g==
content-length
33186
x-ms-lease-status
unlocked
last-modified
Mon, 08 Nov 2021 16:27:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9A2D49C2BD3B5
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
c3e581e4-401e-0083-33ba-ce23d3000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
91ca3d97-eb12-4d90-9acd-cd073165067f.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/91ca3d97-eb12-4d90-9acd-cd073165067f.medium.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ba7988099dfc03e0f473fbc8e2dbc70866d8f534fdc5643b7dfc877d424d56e4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
oqG7RyHd53dkqJQwtNY9uw==
content-length
145115
x-ms-lease-status
unlocked
last-modified
Tue, 07 Aug 2018 02:04:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5FC0A0E8B265E
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a96bdc0f-d01e-0081-0562-289d6b000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
01c0e938-d917-4ad0-a8b7-0fa7ef0baae0.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/01c0e938-d917-4ad0-a8b7-0fa7ef0baae0.medium.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
28fc0aa4c7fe123c5eb98044e4b47416d4bb2e7cb74fd0cb0953e3928ba7195d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=0
content-md5
pLk+Rro+LbLA/1fmEzza5A==
content-length
19433
x-ms-lease-status
unlocked
last-modified
Tue, 16 Oct 2018 03:28:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D633176792C219
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
c042b314-701e-0053-40db-331e85000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:28 GMT
8a713bfe-fecd-4c04-a8d0-5d2fba15376d.medium.JPG
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/8a713bfe-fecd-4c04-a8d0-5d2fba15376d.medium.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b49922aa9bb64b69d5f97ca5f77da84d6d648072a9d34a5d3387e6a6f1c765c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=0
content-md5
AYLWv1106/bs513V9Vn4Gw==
content-length
18803
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jan 2022 14:47:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9DC23C17DDA96
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
4d86cbb3-b01e-005c-6fae-3f68e9000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:28 GMT
Zrl2oiTgEECKPzp19UYM6g.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/Zrl2oiTgEECKPzp19UYM6g.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
48f8e4c1e23417bc793d63648af151809f03da460e7239ffda47431798424cf7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=0
content-md5
1Qj9AL3s1Pi8irmP/ch0+w==
content-length
35512
x-ms-lease-status
unlocked
last-modified
Thu, 21 Apr 2022 15:17:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA23AA0E90DD9E
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
b6ea841c-e01e-007e-4dc2-2dadf6000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:28 GMT
U9HmHOxshUOpTN5DSxh3AA.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/U9HmHOxshUOpTN5DSxh3AA.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
038e34f0b7d13c052b7c3f35ae343785a36e7b851f66419c7f0f4da52d84a674
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
Y/Aq4T+Mu1Z9Yo/xsbBqrg==
content-length
34218
x-ms-lease-status
unlocked
last-modified
Wed, 11 Aug 2021 06:56:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D95C9529791DDD
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
e8befe5b-b01e-004c-4351-99ad81000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
SkcGTiJifk2nu76WZele5A.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		332 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/SkcGTiJifk2nu76WZele5A.medium.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
57aefa73d85db298c5a33696ee366282ca6ddaedb1112405a1662a703826a216
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
EXf0OsTSmOLqi0xeIt4hGw==
content-length
340153
x-ms-lease-status
unlocked
last-modified
Mon, 24 Oct 2022 22:52:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB6126391214F
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7ad16f7a-701e-007c-4049-31134e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
vTDZrIY5DUqDtMWyVOHg9Q.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame E319 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/vTDZrIY5DUqDtMWyVOHg9Q.medium.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0cf520f27d8473488a05d42bf1a41727ece94663563b28250f285077cc5ccc97
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sun, 24 Dec 2023 08:34:27 GMT
strict-transport-security
max-age=0
content-md5
Vt1+0/8f+LPI9EQePtsD4w==
content-length
29707
x-ms-lease-status
unlocked
last-modified
Wed, 10 May 2023 16:41:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB51756575028A
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
441da97a-b01e-005c-4d36-3068e9000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Tue, 26 Dec 2023 08:34:27 GMT
1q7no4035qo38120p1qqorns63s59037-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		309 KB
310 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/1q7no4035qo38120p1qqorns63s59037-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
397b52ad51a20a5929e3835fe1ac5dc80f0b8da34f5845dddecd8f8bc67b7cf6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:40:31 GMT
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
86037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-disposition
attachment
content-length
316780
last-modified
Wed, 14 Jun 2023 16:23:54 GMT
server
AmazonS3
etag
"c814555746b097ef2ed510ce76ffaff4"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
USnKZlsB-hUwbZnkgmkifU9FwYHOaYKrREVsqUUVc6eJDKJSdxRXqA==
pmk-20220605.30.js
pm-widget.taboola.com/tribunedigital-network/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/tribunedigital-network/pmk-20220605.30.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
iBWJKgsdDrDzTdDwSqgLFpn6ZkEF0wrY
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:27 GMT
x-amz-request-id
CNT5872TB5WK611N
age
2138617
x-cache
HIT
content-length
28809
x-amz-id-2
nTlo3Gpxj1UUBN8ZkYimsEYWKSDOBjamGOfCBEfD0KghiR9ddHq4g/lNlCLKOw6YN5w96PJaDCo=
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Thu, 28 Sep 2023 13:46:09 GMT
server
AmazonS3
x-timer
S1703406868.651557,VS0,VE0
etag
"47dd4e4fdd87733a0f1a1e1b829ed2a4"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1171
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=esp&ver=1.3.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Dec 2023 08:34:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		574 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A27%2B08%3A00&ts=1703406867392
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
b0d95366a577ac2dc950d1796835d1e1cd54313816f019d540ba13d6caadb022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
183
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
v1Hj7PFbXGSgoD-OX9lYNw6a04fILGEUl4Ans0_w6M8sOdjx_pQQ7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		192 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A27%2B08%3A00&ts=1703406867394
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
dc1079e1a81dfa1df4e868c04a422a0b77ed63e8e7ce05707e43ff3fb9c81db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
171
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
F-oRm9LbAhywy8irnrrUEIBhBq4y0A-TwsBgH7RcYUQhq78wWqcLKQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		192 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A27%2B08%3A00&ts=1703406867405
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
cbf55c315b3b04acb354346ccc11706da77ef620891b9cfda1de4970954c88fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
171
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
-GhuSUH6Rb79Rkdi19v5K7vBltZinkVBKXc_d4YBd1iAzb5DEiaJwQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=400281181&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ul=en-us&de=UTF-8&dt=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blueconic&ea=connection&el=dimensions&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=61678404.1703406866&tid=UA-6459251-3&_gid=983766581.1703406866&gtm=45He3bt0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=entertainment%3Atheater&cd3=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones&cd5=arc%20fusion&cd6=section&cd7=section&cd8=section&cd21=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=(none)&cd123=no%20subtype&cd124=(none)&cd135=(none)&cd139=&cd163=%2Fentertainment%2Ftheater&gcd=11l1l1l1l1&dma=0&tcfd=10000&cd164=d99160ac-1157-47b6-9e72-f7a336c35dd3&cd166=no&z=1360537340
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 04:26:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14853
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.165.247 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-165-247.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2579a57717226af37995578f8cd93ed630cd40e930e4b3391893ce973cc1bbbe

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
x-server
10.42.1.107
access-control-allow-credentials
true
content-length
235
expires
0
iu3
s.amazon-adsystem.com/ Frame B253
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
366 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5118dea2c357c2d68cb39bcf228ed64d34dd34739b6dcc7d3f4236b476932b62
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
366
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 08:34:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6FY1S1YDMA78585M09WJ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
X79YD10XWVFM9VXAY27S
cs
tribune.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&&callback=bc_json268
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.94.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-94-162.compute-1.amazonaws.com
Software
- /
Resource Hash
a10a3b89118b26fa8472f1472e5291e268e2b005108db1b42684ef609068c833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=33f08134-0aa2-4f49-8e26-49d1a86c9473&pid=9aeb7356-a4d5-45fe-b720-504946290d17&dtm=1703406867164&qnm=_matherq&visible=1&tabid=f75b207f-ab21-434a-b501-15f6e94a8f8f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vp=1600x1200&ds=1600x11401&tofa=1703406866&vid=1&lvidt=1703406866&duid=a23b5d70-719a-4890-9c43-2dc77d15c83c&fp=757557249&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJSZWNfUGF5d2FsbF9UZXN0Iiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vMSIsIm91dGNvbWVMYWJlbCI6IlNpdGUgTm90IEZvdW5kIn0seyJmZWF0dXJlTGFiZWwiOiJUb2FzdGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNTMiLCJvdXRjb21lTGFiZWwiOiJCLUNULVpJUC1ELU4tVHN0In1dLCJtZXRlciI6e30sInRyaWFsVHJhY2tpbmdEZXRhaWwiOnt9LCJvdXRjb21lTGFiZWwiOiJTaXRlIE5vdCBGb3VuZCIsInZlbmRvciI6InplcGhyIiwidHlwZSI6InBheXdhbGwiLCJmbG93cmVmIjp7ImRheTAiOnsiZmxvdyI6InBheXdhbGwiLCJ0aWQiOiJjOWQ3OWUwZi01MjM3LTQ5YTItYTljZi04OTJiODhlM2YxNTEiLCJ0aW1lIjoiMTcwMzQwNjg2NyJ9LCJkYXk1Ijp7InRpbWUiOiIxNzAzNDA2ODY3In0sImRheTMwIjp7InRpbWUiOiIxNzAzNDA2ODY3In19fSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI2MTY3ODQwNCIsInJlZlRpbWUiOiIxNzAzNDA2ODY3MTY0In1dLCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiI5YWViNzM1Ni1hNGQ1LTQ1ZmUtYjcyMC01MDQ5NDYyOTBkMTcifSx7InByb3ZpZGVyIjoiaVNlZ3MiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiI5YWViNzM1Ni1hNGQ1LTQ1ZmUtYjcyMC01MDQ5NDYyOTBkMTcifV19
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sun, 24 Dec 2023 08:34:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
encrypt
esp.rtbhouse.com/ 		177 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
6bb175f86abcc01c241a9083821d08a869a81b5520e5b09c83fb86fbedecb1c7

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
469da321d79bcc6eb4938867180351bb
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A27%2B08%3A00&ts=1703406867481
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
98a2ea71e157b2b7d9d07531b73ebc97fcd4fc5f493300807c50ed896b0b3def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1437
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
AWfFkx9FN1mdtVnAMNbufT57aVFj_Hok20UXt-Zs7J0nFTsYQhAZBw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1q7no4035qo38120p1qqorns63s59037.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		3 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/1q7no4035qo38120p1qqorns63s59037.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-105.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46b5371117d04078248ac30bd15b952841a2e5e20d4128f3610cf5ad10f189cf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:40:35 GMT
content-encoding
gzip
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
86033
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Wed, 14 Jun 2023 16:24:41 GMT
server
AmazonS3
etag
W/"7f0919470f9f43d9a0e33b84bae7d268"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
gWK7W2NlJDO5-GIjuS3-gv8NQDXm6ZcLNB7-zoQt6sEDQWS0-cPtfg==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 24 Dec 2023 08:34:27 GMT
translator
hbopenbid.pubmatic.com/ Frame E189 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame E189 		184 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
9f312919ab724d69629ba0e3df69fc18e83b3ed4b101ae0a49970aad9d3ba22e

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.5.0
Content-Type
application/json
access-control-allow-origin
https://www.chicagotribune.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame E189 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
an-x-request-uuid
f11de96a-3da1-421a-a60b-591b860a923e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E189 		36 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc6229c240f16708f2d39ca6e7e5508cb18e4b2e0be6d69f2d0df07cb3f8111

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KW36yveUId0Ndg1nfcRPwyCvlKgiDi1H%2FV3ZKN9C5lmQW59BhJB2NuCIqPN0mo5fJFIG%2Fs%2FNvgbpxQgjF%2Bx8gfVujiDd3v55N0XnTZsGiXn9DoEUh6wFPOaQgd5%2B6HIN440SC4J"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83a7815a4e48571a-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ Frame E189 		19 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&tmax=3000&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.140.162.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-162-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
accept-ch
sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E189 		11 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
hb
hb.undertone.com/ Frame E189 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=chicagotribune.com&ccpa=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-126.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 35202ecfee8e63e178de36be1b541f0e.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
x6s5NLDQ8h5WjuYyvOyVl9iQGHBmwDWG8_6SZHeZ57QLAMWURbavPA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame E189 		657 B
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&pid=JrBDCPZYYgUCp&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_baed641d57ef5f59%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0002637%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22c5f03ad1-96d7-4eba-8740-0358212a05f8%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
b326e360e93cde30ad148ecacd6132a107a60cffc7c7f6fee309f2f1f6303045

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
657
x-amz-cf-id
4o2XeUnSLFhNI1UqS_PMmoOUPUyBXyUpC6kesdlhuvbcadv4JtUBDw==
pd
google-bidout-d.openx.net/w/1.0/ Frame A10F 		615 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2be8427430e7224f12fa866716a531fde2ad5d1726db5f218bfa7154db642a0c

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
379
content-type
text/html
date
Sun, 24 Dec 2023 08:34:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
fe0c268d-7349-4eb0-88bd-92eeb41b7b5e
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/fe0c268d-7349-4eb0-88bd-92eeb41b7b5e
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		135 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FB9R9B
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1e41bed45469f5aa1999ef5bbffa07fbeb3c1184720bfc09dbc2f2e0424dcf6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52451
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Dec 2023 08:34:27 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D3%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-72.compute-1.amazonaws.com
Software
/
Resource Hash
4bacd8bdc9484ed67e2910781a529e931e3129507a16036f4e346bbf554fb210

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Sun, 24 Dec 2023 08:34:28 GMT
connection
keep-alive
x-amzn-RequestId
e261885c-3349-5c12-a0ec-d65ddc1d5291
Content-Length
378
Content-Type
text/xml
sd
us-u.openx.net/w/1.0/ Frame A10F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0&gdpr_consent=
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=62b80b6b-bf0b-7356-fbed-63b3780ef663&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:27 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A10F
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYftFMCo8X4AAJcvMggAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYftFMCo8X4AAJcvMggAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 24 Dec 2023 08:34:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZYftFMCo8X4AAJcvMggAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad382"}
X-SO-Key
ZYftFMCo8X4AAJcvMggAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad382
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYftFMCo8X4AAJcvMggAAAAA
Cache-Control
private
X-SO-HostName
m-ad382.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
66.203.112.163
sd
jp-u.openx.net/w/1.0/ Frame A10F
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWTyUUvmQbZ3ks8AEDxkFOa8p88AAAGMmvYV1g
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWTyUUvmQbZ3ks8AEDxkFOa8p88AAAGMmvYV1g
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
via
1.1 483c7c88d4db2ecfd894042db6a4e9c8.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWTyUUvmQbZ3ks8AEDxkFOa8p88AAAGMmvYV1g
cache-control
no-cache
content-length
0
x-amz-cf-id
43wZpQWznfoZsvMWlYCvfdoHPliY6vscCUF6F7w6A8iMQVMYjm_k7w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A10F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkN2Q4YTEtNzY3Yy0yZGYyLWVlMGQtMzkwYWIyZWMzODAz&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A10F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF7OUdK07DXpeNEGkWEErVg&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF7OUdK07DXpeNEGkWEErVg&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF7OUdK07DXpeNEGkWEErVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/ 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96773b4af0ee4898823a0c7dca1aae86754dcd67dcc96c68473644bed6907ca7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 11:57:16 GMT
server
cloudflare
x-amz-request-id
DQ4BZC8EAV2K84RT
age
578
etag
W/"6e0360ce6c3a4358ef9d938a79fa9298"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
83a7815dcd44dfaf-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
C5ZB5BqJ8hQwK8l1C00U2Ehh6AHKx1/NZCqAxJ5KbBU7NcWkFoGR6gUIJ6KT92Kwt7mCh/QnEbwT+ocHalNk2g==
694
a.ad.gt/api/v1/u/matches/ Frame E189 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52586858e5eee0f81bc3681890ab601c27cfa062cd8823c57269903d6abf45c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 08:33:52 GMT
server
cloudflare
age
36
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
83a7815ded9d571b-SYD
iu3
s.amazon-adsystem.com/ Frame E7D1
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
357 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c385fefcb7b0d37f7a4fb8ecb910ebda9a1e682a363dee364de0781ccb422f11
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
357
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 08:34:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
V7XA1F86NRXMPKHTNSZ7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XMYB5JBHXKBNK1HG6VZW
UnitRecoReelWidgetDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.6/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.6/UnitRecoReelWidgetDesktop.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1e2f8324ff598954b87892626060523b886af0898c423dd7fb9ae0c639d9841

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 da37f9d14579e71e6ccdf22a428360fe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA900-P3
age
396691
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34453
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Tue, 19 Dec 2023 18:17:24 GMT
server
AmazonS3
x-timer
S1703406868.021588,VS0,VE0
etag
"fb7b995c6bd770ad0ebe701945480c24"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
c1V5tAqjbB37XEHrBgVo16uDEulXgnch5DRoJDl6oOIfdnXptI4mmQ==
x-cache-hits
1475
userx.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
accaceb4846ad583d1dc334d4bf843ce576b0f12359988cd0f7d316aa37813d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
LY9m_DPl3hqmiTkKZ7Yl5wxEwPoOYcKt
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
3GD4T9QTEWQPY21P
age
252624
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
KIr47SwNDQR1PRbygjL7Nbz5GWRBpgECjRGdcP14uDvRvlBhOhmLA8rpYeQyQrXaSQQ8sWhjIVU=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:10 GMT
server
AmazonS3
x-timer
S1703406868.022666,VS0,VE0
etag
"a6fe858fc0dabcbac4812bb9cb89967f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13604
distance-from-article.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cb8130702088124b2c83acf10845c278984c8bd84ca17e22bebd4ebd5aa72e6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cNfVBsw4naCfT5P5ZBQV8d6yjRPwhv8H
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
1GKY5AY3RZX0JWBF
age
252642
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
3FifU3C68bvuVTLFaBA8VxXUNGwtrcrsUEzg9Js7SX/0f/H8QOSUVsaAwdppb4BtLPj99ys5K44=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:42 GMT
server
AmazonS3
x-timer
S1703406868.024371,VS0,VE0
etag
"5990ef30ccaa49a3b85c59d106da0c9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52648
article-detection.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49da2800a745ccd79fa0495be32c6221c15e109d91e0544caafb129913fe325e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
UifYiWIBfCC_cImLst.usY6v1iUgGOx9
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
53ZMPX27VAM2WP7N
age
252632
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
aX8Yx5xXFfNQCkrsz+VbhQR/lg0OCOemVzVCpQzZCd2YtG+tKgBtuNJHsZVWdEBJae/ROS8qwCk=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:49 GMT
server
AmazonS3
x-timer
S1703406868.025616,VS0,VE0
etag
"ccb51cd2aa71dd52aeeac37916f047ef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
52661
explore-more.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f0e0e0a345c71362655aec8ec60b105bc69e4e846351623ba7fa7b60884c4d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
S3os2HvU6GL0d0FaCY1Az2hfHZCg3aYj
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
1GKVTVKWHTJWYXSA
age
252642
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
Z+tsXggCNv6IylPOg3sEWPSo1XGpLwnykWyPczReOy/+dUqj9gj7okLuC5usaR2U1X2DI4ivMF4=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:39 GMT
server
AmazonS3
x-timer
S1703406868.027332,VS0,VE0
etag
"6ca83b93502a9f0fc425dc557cbb8cbf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22513
feed-card-placeholder.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa47780143a54c056a03fed58a8b7eb0e99c340b9b6b6a3409f360912e6a06d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
o.KrgfcNjEm.UTrQNpKAzc7RRXTeLcDm
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
1GKMDJHVNHTNYRHV
age
252642
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
raPIfSnAlu8Vxa1Gbmu5ZjAz8UkZ06ro7/1iONpN3XThAAA4g6umSlSlTeicM8/0GUVKgwNqmNU=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:37 GMT
server
AmazonS3
x-timer
S1703406868.029919,VS0,VE0
etag
"c13d8d5ed324fc15f4a726be2c418fef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
70
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
49630
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.6/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 7a670805e30fb9b175e270bf291f30fa.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA900-P3
age
396690
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34238
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Tue, 19 Dec 2023 18:17:25 GMT
server
AmazonS3
x-timer
S1703406868.145890,VS0,VE0
etag
"cf9f8c79c74a3093183012fb770abf82"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
UysAxNrSSIIzatV3OJF6N3oLT5QOYzmxX9YVWvfBQ3mpl8WeUWroBg==
x-cache-hits
7873
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
3T91Q8JYT7QSA6FB
age
30
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
VHAxiYkbvRywBMyYOTlgry7CZ0cYuNYv8XHIi9uKoBJgYC+ZRhZVDipLGxUqloh+jevU98bNduE=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1703406868.230091,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
18
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=16%3A34%3A27.912&type=warn&msg=Delta%20mode%20replace%3A%20placement%20taboola-below-section-front-thumbnails-arc%20%7C%20Card%206%20is%20missing%20from%20preloadRequest&llvl=2&id=1446&cv=20231221-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
259589
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1703406867932%7D&tim=16%3A34%3A27.933&id=6199&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A34%3A27.956&id=9526&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
B30649777.377742089;dc_pre=CI-GrorVp4MDFb6crAIdQZgBPw;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_pre=CI-GrorVp4MDFb6crAIdQZgBPw;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;d...
42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_pre=CI-GrorVp4MDFb6crAIdQZgBPw;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.377742089;dc_pre=CI-GrorVp4MDFb6crAIdQZgBPw;dc_trk_aid=568855039;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30649777.382497703;dc_pre=CNCJrorVp4MDFfzUcwEd5pIGZw;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
  • https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_pre=CNCJrorVp4MDFfzUcwEd5pIGZw;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;d...
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_pre=CNCJrorVp4MDFfzUcwEd5pIGZw;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1589746.2069703TABOOLA/B30649777.382497703;dc_pre=CNCJrorVp4MDFfzUcwEd5pIGZw;dc_trk_aid=573526408;dc_trk_cid=193655493;ord=2023-12-24+08%3A34%3A27;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=chicagotribune.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.png
d24zb9qreavi2u.cloudfront.net/ 		95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d24zb9qreavi2u.cloudfront.net/1x1.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-126.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:28:17 GMT
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 07:24:25 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
25572
etag
"71a50dbba44c78128b221b7df7bb51f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
1A1wLPI4wZ6QpZsHVLEWxENz17b05rweWQaXYqOedl7oBoeKaOhujg==
debug
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=16%3A34%3A28.173&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=7392&cv=20231221-6-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
181543
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1703406868175%7D&tim=16%3A34%3A28.175&id=6800&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/social?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune%22%2C%22sec%22%3A%22entertainment%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fstatic.themebuilder.aws.arc.pub%2Ftronc%2F1657752871824.svg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A34%3A28.189&id=9499&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1703406868195%7D&tim=16%3A34%3A28.195&id=7095&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1703406868205%7D&tim=16%3A34%3A28.206&id=8187&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
266
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 		383 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/266?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bcsessionid=d99160ac-1157-47b6-9e72-f7a336c35dd3&bctempid=&overruleReferrer=&time=2023-12-24T16%3A34%3A28%2B08%3A00&ts=1703406868224
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-92.syd1.r.cloudfront.net
Software
- /
Resource Hash
b08adc41c5d058ee4e0b817a587272f1a12a689bcd50c357d5c023fef730ac06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
CGQ7XgFtWSps8AD2b9I5pQohrdy6yXb9yPjya6-OMPpsViegECk41A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
place
mng-trib-tagan.adlightning.com/ 		0
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mng-trib-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJtbmctdHJpYiIsInVybCI6Imh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvIiwiYWRVbml0IjoidGJsLW9ic2VydmUtNTUgdGJsLW9ic2VydmUtNTkiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoibi9hIiwiY2FtcGFpZ25JZCI6Im4vYSIsImNyZWF0aXZlSWQiOiJuL2EiLCJsaW5laXRlbUlkIjoibi9hIiwiYWRTZXJ2ZXIiOiJUYWJvb2xhIn0sInd2IjoiMS4wLjArNTUyYjg5MCIsImJ2IjoidW5kZWZpbmVkO3VuZGVmaW5lZCIsInRhZ01hcmt1cCI6IjxkaXYgb2JzZXJ2ZWlkPVwidGJsLW9ic2VydmUtNTUgdGJsLW9ic2VydmUtNTlcIiBkYXRhLWl0ZW0taWQ9XCJ%2BflYxfn4xNDE5MzQ5NjM0MDQ5MTAxOTQyfn5DQ3Y3X3NlQXEya0hoUHRxS09KUDQ4RVZVMjh2amFNcUZQeENnaU8wS0RJZTc5TmktZUJuZDhpUTRLbXZ2WC1RV2pzTTNTSHlvakJuSnpqZExtZEdWQlh4U3ZHY1hGQmxta2hpMFBuZnRiMVB5bHB4WGc0cGRWN3lPdkFJUWJQUmpkZDhaekxobzJ2RkF4VnF6UV9aYnE5MUFSVW0yaThiTlBlOVJCVlNZZHZpZUtHYklNM1hlS0VYUk45UGhvYzJcIiBkYXRhLWl0ZW0tdGl0bGU9XCJDaG9vc2luZyB0byBQcm90ZWN0IFlvdXJzZWxmIEFnYWluc3QgQ09WSUQtMTk6IEhvdyB0byBTdGF5IEluZm9ybWVkIGFuZCBUYWtlIEFjdGlvblwiIGRhdGEtaXRlbS10aHVtYj1cImh0dHA6Ly9jZG4udGFib29sYS5jb20vbGlidHJjL3N0YXRpYy90aHVtYm5haWxzL2UyNzU3MjIxYjEwOGI5NGQxMGNmMjUyZGI4OGJkOTlkXCIgZGF0YS1pdGVtLXN5bmRpY2F0ZWQ9XCJ0cnVlXCIgY2xhc3M9XCJ2aWRlb0N1YmUgdHJjX3Nwb3RsaWdodF9pdGVtIG9yaWdpbi1kZWZhdWx0IHRodW1ibmFpbF90b3Agc3luZGljYXRlZEl0ZW0gdGV4dEl0ZW0gdmlkZW9DdWJlXzJfY2hpbGRcIiBhZGwtY2hlY2s9XCJ0cnVlXCI%2BPGEgYXR0cmlidXRpb25zcmM9XCJcIiB0aXRsZT1cIlwiIGhyZWY9XCJodHRwczovL3d3dy5yZWFsc2ltcGxlLmNvbS9mZWF0dXJlZC9vcmlnaW5hbC1wbHVzL2Nob29zaW5nLXRvLXByb3RlY3QteW91cnNlbGYtMjAyM1wiIHJlbD1cIm5vZm9sbG93IG5vb3BlbmVyIHNwb25zb3JlZFwiIHRhcmdldD1cIl9ibGFua1wiIGNsYXNzPVwiIGl0ZW0tdGh1bWJuYWlsLWhyZWYgXCIgc2xvdD1cInRodW1ibmFpbFwiIHRhYmluZGV4PVwiLTFcIiBhcmlhLWxhYmVsPVwiQ2hvb3NpbmcgdG8gUHJvdGVjdCBZb3Vyc2VsZiBBZ2FpbnN0IENPVklELTE5OiBIb3cgdG8gU3RheSBJbmZvcm1lZCBhbmQgVGFrZSBBY3Rpb25cIj48ZGl2IGNsYXNzPVwidGh1bWJCbG9ja19ob2xkZXJcIj48c3BhbiBjbGFzcz1cInRodW1iQmxvY2tcIiBvYnNlcnZlaWQ9XCJ0Ymwtb2JzZXJ2ZS0xMDhcIj48c3BhbiBjbGFzcz1cInRodW1ibmFpbC1vdmVybGF5XCI%2BPC9zcGFuPjxzcGFuIGNsYXNzPVwiYnJhbmRpbmdcIj5SZWFsIFNpbXBsZTwvc3Bhbj48c3BhbiBjbGFzcz1cInN0YXRpYy10ZXh0IHRvcC1yaWdodFwiPjwvc3Bhbj48L3NwYW4%2BPGRpdiBjbGFzcz1cInZpZGVvQ3ViZV9hc3BlY3RcIj48L2Rpdj48L2Rpdj48L2E%2BPGEgYXR0cmlidXRpb25zcmM9XCJcIiB0aXRsZT1cIlwiIGhyZWY9XCJodHRwczovL3d3dy5yZWFsc2ltcGxlLmNvbS9mZWF0dXJlZC9vcmlnaW5hbC1wbHVzL2Nob29zaW5nLXRvLXByb3RlY3QteW91cnNlbGYtMjAyM1wiIHJlbD1cIm5vZm9sbG93IG5vb3BlbmVyIHNwb25zb3JlZFwiIHRhcmdldD1cIl9ibGFua1wiIGNsYXNzPVwiIGl0ZW0tbGFiZWwtaHJlZiBcIj48c3BhbiBjbGFzcz1cInZpZGVvLWxhYmVsLWJveCB0cmMtbWFpbi1sYWJlbCBcIj48c3BhbiBjbGFzcz1cInZpZGVvLWxhYmVsIHZpZGVvLXRpdGxlXCIgc2xvdD1cInRpdGxlXCI%2BQ2hvb3NpbmcgdG8gUHJvdGVjdCBZb3Vyc2VsZiBBZ2FpbnN0IENPVklELTE5OiBIb3cgdG8gU3RheSBJbmZvcm1lZCBhbmQgVGFrZSBBY3Rpb248L3NwYW4%2BPHNwYW4gY2xhc3M9XCJicmFuZGluZyBjb21wb3NpdGUtYnJhbmRpbmdcIiBzbG90PVwiYnJhbmRpbmdcIj48c3BhbiBjbGFzcz1cImJyYW5kaW5nLWlubmVyXCI%2BUmVhbCBTaW1wbGU8L3NwYW4%2BPHNwYW4gY2xhc3M9XCJicmFuZGluZy1zZXBhcmF0b3JcIj58PC9zcGFuPjxkaXYgY2xhc3M9XCJsb2dvRGl2IGxpbmstZGlzY2xvc3VyZSAgYXR0cmlidXRpb24tZGlzY2xvc3VyZS1saW5rLXNwb25zb3JlZCBhbGlnbi1kaXNjbG9zdXJlLWxlZnRcIj48YSBjbGFzcz1cInRyY19kZXNrdG9wX2Rpc2Nsb3N1cmVfbGluayB0cmNfYXR0cmlidXRpb25fcG9zaXRpb25fYWZ0ZXJfYnJhbmRpbmdcIiByZWw9XCJub2ZvbGxvdyBzcG9uc29yZWQgbm9vcGVuZXJcIiBocmVmPVwiaHR0cHM6Ly9wb3B1cC50YWJvb2xhLmNvbS9lbi8%2FdGVtcGxhdGU9Y29sb3Jib3gmYW1wO3V0bV9zb3VyY2U9dHJpYnVuZWRpZ2l0YWwtY2hpY2Fnb3RyaWJ1bmUmYW1wO3V0bV9tZWRpdW09cmVmZXJyYWwmYW1wO3V0bV9jb250ZW50PXRodW1icy1mZWVkLTAxLWI6dGFib29sYS1iZWxvdy1zZWN0aW9uLWZyb250LXRodW1ibmFpbHMtYXJjIHwgQ2FyZCAxOlwiIHRhcmdldD1cIl9ibGFua1wiPjxzcGFuPlNwb25zb3JlZDwvc3Bhbj48L2E%2BPGEgY2xhc3M9XCJ0cmNfbW9iaWxlX2Rpc2Nsb3N1cmVfbGluayB0cmNfYXR0cmlidXRpb25fcG9zaXRpb25fYWZ0ZXJfYnJhbmRpbmdcIiByZWw9XCJub2ZvbGxvdyBzcG9uc29yZWQgbm9vcGVuZXJcIiBocmVmPVwiaHR0cHM6Ly9wb3B1cC50YWJvb2xhLmNvbS9lbi8%2FdGVtcGxhdGU9Y29sb3Jib3gmYW1wO3V0bV9zb3VyY2U9dHJpYnVuZWRpZ2l0YWwtY2hpY2Fnb3RyaWJ1bmUmYW1wO3V0bV9tZWRpdW09cmVmZXJyYWwmYW1wO3V0bV9jb250ZW50PXRodW1icy1mZWVkLTAxLWI6dGFib29sYS1iZWxvdy1zZWN0aW9uLWZyb250LXRodW1ibmFpbHMtYXJjIHwgQ2FyZCAxOlwiIHRhcmdldD1cIl9ibGFua1wiPjxzcGFuPlNwb25zb3JlZDwvc3Bhbj48L2E%2BPC9kaXY%2BPC9zcGFuPjwvc3Bhbj48L2E%2BPC9kaXY%2BIiwibWV0YSI6eyJwbFJhdGlvIjowLjAxLCJJQUJDb25zZW50U3RyaW5nIjp7InRjZmFwaSI6W3sidGNmUG9saWN5VmVyc2lvbiI6NCwiY21wVmVyc2lvbiI6MTkyMSwiY21wSWQiOjI3OSwiZ2RwckFwcGxpZXMiOmZhbHNlLCJldmVudFN0YXR1cyI6InRjbG9hZGVkIn1dLCJ1c3BhcGkiOlt7InZlcnNpb24iOjEsInVzcFN0cmluZyI6IjEtLS0ifV19fX0%3D&i=1-1&t=adltag_lqj8gvg7_kQSQ448squD&r=5bae34f72a75eb9bc49348c7e9e36cf&c=mng-trib&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-60.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ouWMufNbKmoYI4ZO5Df1D0vnr3en5Fo5
date
Sat, 23 Dec 2023 13:22:11 GMT
via
1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
69138
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 16 Nov 2023 21:23:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
gem1uI2FPL13JUKzya2c-etVIzvpHePngyjux529vxLCNr9AR2wmyw==
hadron.js
cdn.hadronid.net/ Frame E189 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=694&sync=1&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
3664
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83a7815fccd35551-SYD
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
694
p.ad.gt/api/v1/p/ Frame E189 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/694
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84902b349d13c9809321456c05f34b5353cc7a40ef081ee4c0619cf44bb1d2e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 08:34:08 GMT
server
cloudflare
age
20
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83a78161bee1572d-SYD
match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703406868-JDOOG8VT-7B3G%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=399068538422166660&gdpr=0
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=399068538422166660&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78162ca0379ce-SYD
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
an-x-request-uuid
3bc1e814-6c24-49f7-a152-c8ed7fe12c21
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&adnxs_id=399068538422166660&gdpr=0
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406868-JDOOG8VT-7B3G&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78161c94b79ce-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
date
Sun, 24 Dec 2023 08:34:28 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703406868-JDOOG8VT-7B3G
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703406868-JDOOG8VT-7B3G
  • https://ids.ad.gt/api/v1/pbm_match?pbm=73B371E3-A85A-4D1A-AD8C-90FAF9FA26DB&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=73B371E3-A85A-4D1A-AD8C-90FAF9FA26DB&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78164fbee79ce-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=73B371E3-A85A-4D1A-AD8C-90FAF9FA26DB&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001703406868-JDOOG8VT-7B3G&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&rub=LQJ8GVDY-1Y-64YE&gdpr=0
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&rub=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a781693f5e79ce-SYD
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&rub=LQJ8GVDY-1Y-64YE&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703406868-JDOOG8VT-7B3G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406868...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703406868-JDOOG8VT-7B3G&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e42cd243-253d-41b2-a603-b0125185d9c0%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da55406d-0593-41c8-8da4-7f3f342c02e4&ttd_puid=e42cd243-253d-41b2-a603-b0125185d9c0%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&tapad_id=e42cd243-253d-41b2-a603-b0125185d9c0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&tapad_id=e42cd243-253d-41b2-a603-b0125185d9c0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78164fbe779ce-SYD
content-length
43
content-type
image/gif

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&tapad_id=e42cd243-253d-41b2-a603-b0125185d9c0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703406868-JDOOG8VT-7B3G
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&google_gid=CAESEPO7eA9FESy2tQZQ3K9StN0&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&google_gid=CAESEPO7eA9FESy2tQZQ3K9StN0&google_cver=1&google_ula=450542624,0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78161c94e79ce-SYD
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&google_gid=CAESEPO7eA9FESy2tQZQ3K9StN0&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E189
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703406868-JDOOG8VT-7B3G
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjg2OC1KRE9PRzhWVC03QjNH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjg2OC1KRE9PRzhWVC03QjNH
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjg2OC1KRE9PRzhWVC03QjNH
date
Sun, 24 Dec 2023 08:34:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78161c94f79ce-SYD
content-type
text/html; charset=utf-8
0
sync.1rx.io/usersync/audigent/ Frame E189 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001703406868-JDOOG8VT-7B3G%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
son_match
ids.ad.gt/api/v1/ Frame E189
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=cf077e2d-1baa-45dc-a6b7-5ae6f51e5aa5&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=cf077e2d-1baa-45dc-a6b7-5ae6f51e5aa5&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a781652c0c79ce-SYD
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-23
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G&uid=cf077e2d-1baa-45dc-a6b7-5ae6f51e5aa5&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ip_match
ids.ad.gt/api/v1/ Frame E189 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001703406868-JDOOG8VT-7B3G
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a78161c95279ce-SYD
content-type
text/html; charset=utf-8
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&ldt=VPL&key=oX3gvkbQ&c_id=4591&seq=1&order=6&vIndex=0&absoluteTime=8942.2&relativeTime=2453.7&sm_id=2798099&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=9683&load=1&status=LVFNMNIY&ac_id=2008&durationMeasured=2000&viewableTime=0&viewablePercent=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
supply-feature
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2250.6875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A34%3A28.490&id=9151&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:02:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:28 GMT
css2
fonts.googleapis.com/ 		2 KB
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
b6b7fdb86156778e845356bd7e5a5115fa013e525f6ddb6e604b8f31de1f5b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:12:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:28 GMT
spa-detector.20231221-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231221-6-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2173471d2057bf7f6a4f1e832e72dca89b13655ac8fad8780c2c984160d6ec61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8YaLphvefMeXx18mqXBSBUHYdVABE_yN
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:28 GMT
x-amz-request-id
R7HCG0S95S1V5GHY
age
252664
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
+13NzOlMMdOyGrmk2tti6Mmudsf4gbc4O894GKoMbM1MJy/ANHrvVv43VdjCyNosIvZnBned2ns=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 21 Dec 2023 10:23:22 GMT
server
AmazonS3
x-timer
S1703406869.589198,VS0,VE0
etag
"cf6122dde452420bb4c5828858c83586"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
23206
supply-feature
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A34%3A28.502&id=6842&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1703406868505%7D&tim=16%3A34%3A28.506&id=714&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A34%3A28.511&id=5433&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406868.1efec4f7
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406868547_3092555205_520013047_1032_16789_1_0_146";dur=1
content-length
505
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"3078b03aa176e280460db6374ed5934b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LPCD3kaAoR-PoF9goxiDX9kvm_6PLuUgfe_Gwyi-n5h6OpWTWX5pLw==
expires
Mon, 23 Dec 2024 08:34:28 GMT
Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406868.1efec4f9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406868537_3092555205_520013049_169_15537_1_0_146";dur=1
content-length
700
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"d947de375e50e50a1aa4f7951e3c56b0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
1QptNB4oA7cn69H6IsSXFOlZE8TC8x5X4F4lbSi8FcQbjmy-FcWFYQ==
expires
Mon, 23 Dec 2024 08:34:28 GMT
20.svg
www.chicagotribune.com/pf/resources/images/weather_icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pf/resources/images/weather_icons/20.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-84-165-201.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
7da8ed02f662c043e8ffd867b6cc772564a08c7d2fe38b8ef06500e968ced3ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.c5a554b8.1703406868.1efec4fa
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703406868536_3092555205_520013050_75_16518_1_0_146";dur=1
content-length
1053
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"0d3a5a7bb684a6699c308a3821e100c0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_EoTKuzWW7JWlPOqHVrzP28R7Fb-FgScRZgpj9C1DrCPyD8uMA-9Lw==
expires
Mon, 23 Dec 2024 08:34:28 GMT
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1703406868517%7D&tim=16%3A34%3A28.517&id=894&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ads
securepubads.g.doubleclick.net/gampad/ 		171 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3515674252318606&correlator=1490853993895425&eid=31079962%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703406868561&lmt=1703406863&adxs=1134&adys=598&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vis=1&psz=464x0&msz=464x0&fws=0&ohw=0&ga_vid=61678404.1703406866&ga_sid=1703406869&ga_hid=400281181&ga_fc=true&ga_cid=1550482072.1703406867&a3p=EhsKDDMzYWNyb3NzLmNvbRiSqNjXyTFIAFICCG8SGQoKdWlkYXBpLmNvbRioo9jXyTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAZmEwMzY1NWNkYWZmNWZmZmJiZTZiNjBjYjFhNzE4NWNhMDJjMDNiNjllYzVmMWU5NTZjMGYzODE4OTQ0NjM4Nhj6rdjXyTFIABI-CgVvcGVueBIsZXlKcElqb2ljMUpSTUUxb1lVMVVTMGRvVHpaMFlraERia1p1WnowOUluMD0YvKnY18kxSAASlgEKCHJ0YmhvdXNlEoABcnRoclJCSmhTZ0NIQ3A4d1NRTXpvSXFUM2ZJb2xnMXFQQ2pMc2tpem82ZVlPbXd1bXlEd0swZXEvaGhPUmlaK3dEeGJFU2QvbjdZd01QMDJVVGdsY25KSzJCakNSV3ZZQnJOVnFuWlZFLzdlMG9kWVlZcGt0c2t5MkJvQjErelcYzarY18kxSAA.&dlt=1703406863849&idt=2919&prev_scp=htl_slot%3Dcube%26pos%3D1%26adlite%3Dfalse%26optimera%3DZ%252CA6%252CJ1%252CA5%252CDE&cust_params=htlbidid%3D27503%26is_testing%3Dno%26has_ats%3Dtrue%26ss%3Dl%26ref%3Dnone%26ptype%3Dsf%26subtype%3D%26site%3Dtrb.chicagotribune%26slug%3D%26cid%3D%252Fentertainment%252Ftheater%26at%3D%26design%3Darcfusion&adks=588754960&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
d589128c9dc738c5683bf988b437331d5d2b8dc2c2671cab1c5775024343124b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47948
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A82F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Mon, 23 Dec 2024 08:34:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		157 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3515674252318606&correlator=4380115880106675&eid=31079962%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%2C1x1&fluid=height%2C0&ifi=2&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703406868598&lmt=1703406863&adxs=315%2C82&adys=408%2C13025&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=2%7C3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vis=1&psz=1432x0%7C1436x0&msz=1432x0%7C1436x0&fws=0%2C0&ohw=0%2C0&ga_vid=61678404.1703406866&ga_sid=1703406869&ga_hid=400281181&ga_fc=true&ga_cid=1550482072.1703406867&a3p=EhsKDDMzYWNyb3NzLmNvbRiSqNjXyTFIAFICCG8SGQoKdWlkYXBpLmNvbRioo9jXyTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAZmEwMzY1NWNkYWZmNWZmZmJiZTZiNjBjYjFhNzE4NWNhMDJjMDNiNjllYzVmMWU5NTZjMGYzODE4OTQ0NjM4Nhj6rdjXyTFIABI-CgVvcGVueBIsZXlKcElqb2ljMUpSTUUxb1lVMVVTMGRvVHpaMFlraERia1p1WnowOUluMD0YvKnY18kxSAASlgEKCHJ0YmhvdXNlEoABcnRoclJCSmhTZ0NIQ3A4d1NRTXpvSXFUM2ZJb2xnMXFQQ2pMc2tpem82ZVlPbXd1bXlEd0swZXEvaGhPUmlaK3dEeGJFU2QvbjdZd01QMDJVVGdsY25KSzJCakNSV3ZZQnJOVnFuWlZFLzdlMG9kWVlZcGt0c2t5MkJvQjErelcYzarY18kxSAA.&dlt=1703406863849&idt=2919&prev_scp=htl_slot%3Dtop_fluid%26pos%3D1%26adlite%3Dfalse%26optimera%3DZ%252CD4%252CJ5%252CD3%252CE1%252CJ6%252CE0%252CDE%7Chtl_slot%3Dskin%26pos%3D1%26adlite%3Dfalse&cust_params=htlbidid%3D27503%26is_testing%3Dno%26has_ats%3Dtrue%26ss%3Dl%26ref%3Dnone%26ptype%3Dsf%26subtype%3D%26site%3Dtrb.chicagotribune%26slug%3D%26cid%3D%252Fentertainment%252Ftheater%26at%3D%26design%3Darcfusion&adks=1076070205%2C3863787604&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c38963e1ff1c3d8fc25d54a3f85453b219817df6e8d9dabdf65a5c3f6f29e769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47293
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
bfcd371232f5a114b797eb525ee5beadb34766c665df10c0bc028459c53b539b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
b4f21617-1247-4d25-8174-f2cd723221d1
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/b4f21617-1247-4d25-8174-f2cd723221d1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
50d7c1bb-e9b5-4ec8-b648-704bea1de4b3
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/50d7c1bb-e9b5-4ec8-b648-704bea1de4b3
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pr
s.amazon-adsystem.com/v3/ Frame 852C 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
269898f6d237fead22e7f47ce9cb656b79fdb8fd89328a96fd463957f37558ba
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3419
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 08:34:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8714BZZPS7FYGZBG8AT7
pr
s.amazon-adsystem.com/v3/ Frame E8F2 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
25f9c4ee75160f22a5e0ca25099324fec70b9358c5f5d658343699faed84bf24
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2629
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 24 Dec 2023 08:34:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PG8CJSKYE2WXXAGF0G2Q
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:50:20 GMT
x-content-type-options
nosniff
age
128648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 20:50:20 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 03:47:19 GMT
x-content-type-options
nosniff
age
449229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 03:47:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
7295658a636b95bf5803504a22d250ec541694d213761696eb838ded7f9cac45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29503
x-xss-protection
0
server
cafe
etag
452 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 08:34:28 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
MDNMCE0B55QAQ3K2
age
2741068
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
83a7816178e4dfaf-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BHo/Kq9m8K2a91xbAa1RMRWzZ3htf+lNHprquMI48c4m/aO4UvZcO2HGeQ5tAKbADss7lc2GxpE=
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_9/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_9/assets/css/cmOsUnit.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980162
date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
6ZRBZRW54S9Z2RRG
age
426639
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702980163
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
Fp4nTi/uH//m53gN5qXFm/Uc/MU1+9MUk3wIpRIgHwtURDCWHizCByYufN1PdG1wPXTvHBJp63c=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Tue, 19 Dec 2023 10:02:44 GMT
server
AmazonS3-br
x-timer
S1703406869.804580,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
55088
cmTagRECO_REEL_WIDGET.js
vidstat.taboola.com/vpaid/units/33_6_9/infra/ 		414 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8bf8dc4fbd88d29136c428962e6828770e537cb1c2c4b50702602fdd236ba490

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980128
date
Sun, 24 Dec 2023 08:34:28 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
V15Z9C45AWEX66KH
age
426623
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702980128
x-amz-meta-mode
33188
content-length
95152
x-amz-id-2
r0MLEEwAb8CMOz+s+lrWR4NDnk3CUC89l5MxIECl1Ytlunzxy7nb2UHUYAIk6cYKxYvx1irYRyw=
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Tue, 19 Dec 2023 10:02:09 GMT
server
AmazonS3-br
x-timer
S1703406869.834813,VS0,VE0
etag
"7ef5b14d349c6b7b71936ad6226b8839"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6579
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&cmcv=&pix=31589837&cb=1703406868720&uv=3369&tms=1703406868720&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&ft=0&unm=RECO_REEL_WIDGET&debug=pn:!sqg:!torgn:1703406859529.1!ts:1703406868719&mntl=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-length
0
server
nginx
st
imprchmp.taboola.com/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&cmcv=&pix=undefined&cb=1703406868720&uv=3369&tms=1703406868720&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&ft=0&unm=RECO_REEL_WIDGET&aure=false&agl=1&cirid=7dea3a82-b0ce-4e84-8a48-fe803f20484f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406869.035554,VS0,VE43
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-bfi-krnt7300040-BFI
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22HipLostNoAdjacInFirstWF%22%2C%22type%22%3A%22HipLost%22%2C%22eventTime%22%3A1703406868730%7D&tim=16%3A34%3A28.730&id=2663&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available-spa%22%2C%22eventTime%22%3A1703406868738%7D&tim=16%3A34%3A28.738&id=4436&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:29 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Sun, 24 Dec 2023 08:34:28 GMT
server
nginx
st
imprchmp.taboola.com/ Frame D9B5 		531 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=undefined&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=22868239-578d-453c-a786-86fd8262cd6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f455714b7204d2dce526ed15996d2ad9f4a4e13a0fa32d57e3af0c4157cc177

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 24 Dec 2023 08:34:28 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300040-BFI
x-timer
S1703406869.897598,VS0,VE44
sync
ch-match.taboola.com/ Frame 5569 		531 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c1a55de9c3ac681c3ecb9d60b582cd2939eb807a0c2d3b71f3b161011d69e850

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 24 Dec 2023 08:34:28 GMT
machineid
3805
server
nginx
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_6_9/infra/ 		525 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ff0f5d9f1ddefb32d6b533b91ea88ba9e770969c9e5161334fe62ce3ae2e8970

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980148
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
5WDH2GMG6F68GHY4
age
426630
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702980149
x-amz-meta-mode
33188
content-length
111017
x-amz-id-2
CF3RSNMvLv4eqdqeVnwQqILHh8gR+6u4s9QbAApJhLiNaDhY3CnDgidvA7JPJlaxu2Dt6j+QZkE=
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Tue, 19 Dec 2023 10:02:31 GMT
server
AmazonS3-br
x-timer
S1703406869.042072,VS0,VE0
etag
"a84d87b8571fa8cef2f401b195d4e4d1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
36902
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=31589837&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1703406859529.1!ts:1703406868822&mntl=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-length
0
server
nginx
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 08:34:29 GMT
https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame E8F2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame E8F2 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame E8F2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703406869133
  • https://ad.turn.com/r/cs?pid=45&rndcb=3131816302
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-55013440-478c-43d2-8c5e-9c9e...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G73QWYEEY816MH59DM73
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
date
Sun, 24 Dec 2023 08:34:30 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX55013440478c43d28c5e9c9e56ac3ef8004
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame E8F2
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61cad29783d52lw51100lqj8gw9i
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61cad29783d52lw51100lqj8gw9i
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZTEQ8RDVJXMMESCHS9M4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61cad29783d52lw51100lqj8gw9i
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame E8F2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AANRO07LD9oAABPGPvuH7w&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AANRO07LD9oAABPGPvuH7w&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GH8F143J5RTAER22EVZD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AANRO07LD9oAABPGPvuH7w&ex=beeswax.com
Date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame E8F2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=inxaI5FQsZCutLXIcKrX
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=inxaI5FQsZCutLXIcKrX
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KK7CYT5KYXVH7TCAZVQK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=inxaI5FQsZCutLXIcKrX
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
analytics.js
www.google-analytics.com/ Frame E189 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 07:16:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4670
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Dec 2023 09:16:38 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0FAA 		570 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e2a78319ad9975be4685a4f5e9ba871b2270401c105654b213db3db32a287f0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
570
date
Sun, 24 Dec 2023 08:34:29 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC4B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 08:34:28 GMT
expires
Mon, 25 Dec 2023 03:43:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 96AB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.42.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
cdf5d667b636a1f1cd7d3e8f7e907547146a9aebdfdff34912e4221f1821635a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 24 Dec 2023 08:34:29 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 0DE6 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 08:34:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 73DC
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8373794662626828817&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8373794662626828817&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H5P7VYC73B851Y5E1PXW

Redirect headers

content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8373794662626828817&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 3183
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
49TQP2PDQQDN7NPNJ8C9

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame 852C
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3464084682889919000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3464084682889919000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TWR7TNRPX3RJQ49F3H2N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:28 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3464084682889919000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 08:34:28 GMT
ecm3
s.amazon-adsystem.com/ Frame 852C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4a1dd63e35
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4a1dd63e35
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZYJ2G2YD42JYVRHAEWA2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 24 Dec 2023 08:33:43 GMT
via
1.1 406461fd8617bd4d59bb9898123ebbe8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
46
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4a1dd63e35
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hzq92ve68YvkhQTx0mlMuaaGdbyYP4itTwY4v1BgwGszzDYywClnIw==
/
onetag-sys.com/match/ Frame 852C 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
collect
a.ad.gt/api/v1/ Frame E189 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
cf-ray
83a781647a96ab02-SYD
getpixels
pixels.ad.gt/api/v1/ Frame E189 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=9012b2e2456c345fa84ae583e3716c85&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83a781663b66a7e9-SYD
content-type
text/html; charset=utf-8
amzns2s
rtb.gumgum.com/usync/ Frame 57FA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.118.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-118-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13bc6fe02e303225dc2a9d9ba3cda4cb973b86489ec253727f54ebbea089cc8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 08:34:29 GMT
etag
W/"0445c5d45c3306d96bb47f7ecead00a70"
server
nginx
timing-allow-origin
*
cm
u.openx.net/w/1.0/ Frame 8CF9 		594 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
41f7954da7b3a26296adca8a0d1724d404068ebeef48a7ba4994013649d7cda4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
348
content-type
text/html
date
Sun, 24 Dec 2023 08:34:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 00C8
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1464830199205929643&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1464830199205929643&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RKHTFZCE2DJ7RG5QB9VB

Redirect headers

content-length
0
date
Sun, 24 Dec 2023 08:34:28 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1464830199205929643&gdpr=0&gdpr_consent=
/
match.sharethrough.com/jwumXNuB/v1/ Frame 480C 		508 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d4df964562e1f968dd8b0100b70e77692f8e5267cf04b7b50655922079efa87c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
508
date
Sun, 24 Dec 2023 08:34:29 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 28C8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68912
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 08:34:28 GMT
expires
Mon, 25 Dec 2023 03:43:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame A114 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.42.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e57621d7cddfd90952a2d7e468d0f95d4bd08978dd4845e52fa3b0e7a4ad05f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 24 Dec 2023 08:34:29 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame ECB9 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 08:34:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame C5A4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS05Y01vd1A5RTJ1S0xocEc0ZVZScFQ0RHlOOUpjNW00S35B&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS05Y01vd1A5RTJ1S0xocEc0ZVZScFQ0RHlOOUpjNW00S35B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
X82NNYSRZ61NB6F7JVXZ

Redirect headers

age
0
content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS05Y01vd1A5RTJ1S0xocEc0ZVZScFQ0RHlOOUpjNW00S35B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
dinitsync
crb.kargo.com/api/v1/ Frame C85E 		0
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.177.21 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-177-21.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin
x-accel-expires
0
ecm3
s.amazon-adsystem.com/ Frame 0E81
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=399068538422166660&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=399068538422166660&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2X6P8QPBP84MPD1R7V7R

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8a336ac7-175f-40e7-95da-98b81a843652
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=399068538422166660&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 919A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5KDQR2BZ8XNA1834YBWA

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=192548972257572329755
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame E189 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 24 Dec 2023 09:23:02 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame E189 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 24 Dec 2023 09:26:02 GMT
usync.js
eus.rubiconproject.com/ Frame 0DE6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
097b6477742ed2b1922445df1dc82fde1bf4f5d6a195421b82acb94d0c68fb6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Dec 2023 02:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63349
Connection
keep-alive
Content-Length
13200
Expires
Mon, 25 Dec 2023 02:10:17 GMT
usync.js
eus.rubiconproject.com/ Frame ECB9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
097b6477742ed2b1922445df1dc82fde1bf4f5d6a195421b82acb94d0c68fb6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Dec 2023 02:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63349
Connection
keep-alive
Content-Length
13200
Expires
Mon, 25 Dec 2023 02:10:17 GMT
19f6e4cd-9932-4407-92d2-cb12908bebf8
https://www.chicagotribune.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/19f6e4cd-9932-4407-92d2-cb12908bebf8
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
PugMaster
image6.pubmatic.com/AdServer/ Frame CC4B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23684860&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eda2dbbaec1ac622dfa7cc216bf895009456b823f65e01515c12a8ec3cda1824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:29 GMT
content-length
1672
content-type
text/html; charset=UTF-8
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/ 		429 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980075
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A4SKR89QV0T06KYS
age
426727
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702980088
x-amz-meta-mode
33188
content-length
82175
x-amz-id-2
K2LvX0UbyDRxisgfaFwigGtqlU0mmM3kx13bWTThZChP9stjZznkLMsYrt6C9wETTLPi1bPtZTs=
x-served-by
cache-bfi-kbfi7400060-BFI
last-modified
Tue, 19 Dec 2023 10:01:29 GMT
server
AmazonS3-br
x-timer
S1703406869.235864,VS0,VE0
etag
"a41ed74a255098313081b378c4525c54"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
55949
sync
ch-match.taboola.com/ Frame D169 		531 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6f455714b7204d2dce526ed15996d2ad9f4a4e13a0fa32d57e3af0c4157cc177

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 24 Dec 2023 08:34:29 GMT
machineid
3805
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 8CF9 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=3a6e7716-a3a1-c8ac-3be3-e124103d3d83&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VZWG61Z7KYW919KFMN23
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
f67f6d2f-2fa7-e11f-ca3a-754687593b2a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8CF9 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f67f6d2f-2fa7-e11f-ca3a-754687593b2a?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.143.230.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-230-122.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 8CF9 		0
0
dds
rtb.openx.net/sync/ Frame 8CF9
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ve6BVxaNyngdmS8EqxfM2Q==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 8CF9 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 8CF9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3216505057501506981&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3216505057501506981&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3216505057501506981&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5569
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
0
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
42
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300040-BFI
server
nginx
x-timer
S1703406869.207313,VS0,VE42
x-fastly-to-nlb-rtt
40807
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
date
Sun, 24 Dec 2023 08:34:29 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame 5569
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
259595

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 08:34:29 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 5569
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.Dcy.5VE2oQQ.bfRTkbShiNMcKPGqWhgjBi5Qg--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.Dcy.5VE2oQQ.bfRTkbShiNMcKPGqWhgjBi5Qg--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
263668

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.Dcy.5VE2oQQ.bfRTkbShiNMcKPGqWhgjBi5Qg--~A
content-length
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D9B5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=undefined&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=22868239-578d-453c-a786-86fd8262cd6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
42
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300040-BFI
server
nginx
x-timer
S1703406869.218610,VS0,VE42
x-fastly-to-nlb-rtt
40663
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
date
Sun, 24 Dec 2023 08:34:29 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D9B5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-18kcs5dE2oRCZvNNqYRvd6PIXZ4dmG4s6VrUtQ--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-18kcs5dE2oRCZvNNqYRvd6PIXZ4dmG4s6VrUtQ--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=undefined&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=22868239-578d-453c-a786-86fd8262cd6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
263668

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-18kcs5dE2oRCZvNNqYRvd6PIXZ4dmG4s6VrUtQ--~A
content-length
0
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame D9B5
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&cmcv=&pix=undefined&cb=1703406868822&uv=3369&tms=1703406868822&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=22868239-578d-453c-a786-86fd8262cd6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
259595

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 08:34:29 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 a00308282f47567560ecd138b1036698.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
2358952
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1703406869.232329,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
TUA9TpuyqohCaAVXS-IUBPgS3PnX9rfC5CU5fafSK6W9Q0o6Xa91rg==
x-cache-hits
264454
khaos.json
token.rubiconproject.com/ Frame ECB9 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
khaos.json
token.rubiconproject.com/ Frame 0DE6 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Expires
0
diberp-tcx-v7.13.0.js
americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 11:05:56 GMT
content-encoding
gzip
age
682114
x-guploader-uploadid
ABPtcPpQV1w2XmLVTRNqfSV2zj8mV1tVK6SG98Fxw5DDhLObFmkqidrcQmWE9XE4idR65DeXWZ3EwTJDa7IAEv8C0Ll-
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Sun, 15 Dec 2024 11:05:56 GMT
sync
ch-match.taboola.com/ Frame D589 		503 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1b509a2700f2fc4a2d523d692622e1740ad765e5cc13ffbc6c36b7b2f873544b

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 24 Dec 2023 08:34:29 GMT
machineid
3801
server
nginx
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D169
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
42
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
x-served-by
cache-bfi-krnt7300040-BFI
server
nginx
x-timer
S1703406869.371505,VS0,VE42
x-fastly-to-nlb-rtt
40661
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=da55406d-0593-41c8-8da4-7f3f342c02e4
date
Sun, 24 Dec 2023 08:34:29 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D169
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CxSDwvRE2oRbuVtso9j96NjgVB2TwgzEkQ4ppw--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CxSDwvRE2oRbuVtso9j96NjgVB2TwgzEkQ4ppw--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
263668

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CxSDwvRE2oRbuVtso9j96NjgVB2TwgzEkQ4ppw--~A
content-length
0
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame D169
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
264882

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 08:34:29 GMT
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=399068538422166660
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=399068538422166660
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
an-x-request-uuid
662c8f52-b93d-4f89-9e31-1453502167f9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=399068538422166660
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=eZ_33CrO_thinPfeeMjiiCvJ-Ipinf-ILJ38XqmO
  • https://usersync.gumgum.com/usersync?b=bsw&i=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=9585af1b-971e-4b00-9c96-735eb05ef725
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=9585af1b-971e-4b00-9c96-735eb05ef725
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=9585af1b-971e-4b00-9c96-735eb05ef725
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a$ip$66.203.112.163
Date
Sun, 24 Dec 2023 08:34:29 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 57FA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.143.230.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-230-122.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2
Date
Sun, 24 Dec 2023 08:34:30 GMT
Connection
keep-alive
X-CI-RTID
fbd40cb7-33cd-4be9-ba6b-bc3331808373
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 57FA 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_84494336-f1e2-471e-993f-ee0def91ba1d&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=a_84494336-f1e2-471e-993f-ee0def91ba1d&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=J0E_35ZT18WcvxK00xMq&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=J0E_35ZT18WcvxK00xMq&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=J0E_35ZT18WcvxK00xMq&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 57FA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=VVZLKk9GD3eK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=VVZLKk9GD3eK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
35.74.118.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-118-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
location
https://rtb.gumgum.com/usersync?b=pln&i=VVZLKk9GD3eK&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7fc76965fd-zzlb9
expires
-1
usersync
usersync.gumgum.com/ Frame 57FA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1183772345424093850
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1183772345424093850
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1183772345424093850
date
Sun, 24 Dec 2023 08:34:30 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 57FA 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_84494336-f1e2-471e-993f-ee0def91ba1d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0A606GRPXA23Z4NN0944
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bulk
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?tvi48=13667&tvi50=14563&route=US%3ACH%3AV&lti=deflated&bulkSize=13
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
54
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
40709
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-krnt7300040-BFI
pragma
no-cache
server
nginx
x-timer
S1703406870.524516,VS0,VE54
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usersync
usersync.gumgum.com/ Frame F558
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=8014188516637391106&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=8014188516637391106&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 24 Dec 2023 08:34:30 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=8014188516637391106&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 9B2E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NDQ5NDMzNi1mMWUyLTQ3MWUtOTkzZi1lZTBkZWY5MWJhMWQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E40 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68911
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Mon, 25 Dec 2023 03:43:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
container.html
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A27 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Mon, 23 Dec 2024 08:34:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 42A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=da55406d-0593-41c8-8da4-7f3f342c02e4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=da55406d-0593-41c8-8da4-7f3f342c02e4
server
Kestrel
usersync
usersync.gumgum.com/ Frame A04A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYftFcCo8X4AAJcvMlkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZYftFcCo8X4AAJcvMlkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZYftFcCo8X4AAJcvMlkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad254.dc4p.scaleout.jp
X-SO-IP
66.203.112.163
X-SO-Key
ZYftFcCo8X4AAJcvMlkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZYftFcCo8X4AAJcvMlkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad254"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad254
usersync
usersync.gumgum.com/ Frame 0AF5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 24 Dec 2023 08:34:30 GMT Sun, 24 Dec 2023 08:34:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 09F4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 08:34:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 08:34:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
container.html
7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 08:34:29 GMT
expires
Mon, 23 Dec 2024 08:34:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&ldt=BIDS&key=oX3gvkbQ&c_id=4591&seq=1&order=7&vIndex=0&absoluteTime=10229.9&relativeTime=3741.4&sm_id=2798099&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=9683&load=1&status=LVFNMNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.pubmatic.time=188.3&prebid.bidders.rubicon.time=2201.5&prebid.bidders.appnexus.time=199.2&prebid.bidders.ix.time=129.4&prebid.bidders.triplelift.time=179.9&prebid.bidders.unruly.time=1045.5&prebid.bidders.undertone.time=221&prebid.start=8023.2&prebid.time=2205.6&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 0FAA 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e10fd0f1-6c14-457f-8da6-d965f31d4652
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V69H83V4BX87ETFCB9GJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0FAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZTEwZmQwZjEtNmMxNC00NTdmLThkYTYtZDk2NWYzMWQ0NjUy
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0FAA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 0FAA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=n_DsyJ9iDxxVi4t7jjav0nZB9P4VUCA7PVn8SUihFng&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT, Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
sync.targeting.unrulymedia.com/csync/ Frame 0FAA
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://ad.turn.com/r/cs?pid=45&rndcb=2262714961
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 480C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=3046fce5-20cd-4b7b-8898-2c7cd999c4a2
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NHHCQ6F04GNRQ94D6F0T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 480C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 480C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 480C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFOUk8wN0xEOW9BQUJQR1B2dUg3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AANRO07LD9oAABPGPvuH7w&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AANRO07LD9oAABPGPvuH7w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AANRO07LD9oAABPGPvuH7w&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AANRO07LD9oAABPGPvuH7w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1183772345424093850&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AANRO07LD9oAABPGPvuH7w&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AANRO07LD9oAABPGPvuH7w&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AANRO07LD9oAABPGPvuH7w&gdpr=0
Date
Sun, 24 Dec 2023 08:34:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 96AB 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3zViwwwll1wyy78f92HY
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6DGH5R4TSPTJV2N2BYSV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96AB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M3pWaXd3d2xsMXd5eTc4ZjkySFk=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 96AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zViwwwll1wyy78f92HY
  • https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.34.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
date
Sun, 24 Dec 2023 08:34:29 GMT
server
Kestrel
content-length
181
receive
pixel.tapad.com/idsync/ex/ Frame 96AB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3zViwwwll1wyy78f92HY
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De42cd243-253d-41b2-a603-b0125185d9c0%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
an-x-request-uuid
2531208a-f545-4b6d-92d2-4dc6f0b4341e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 96AB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3288562651539434917&gdpr=&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D3D86ADBB-57FD-485D-B899-815E8B54C115%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.42.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame 96AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBIg7KFCVnt1ntRbutSOPwU&google_cver=1
43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBIg7KFCVnt1ntRbutSOPwU&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.34.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEBIg7KFCVnt1ntRbutSOPwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A114 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3zViwwwll1wyy78f92HY&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WVR1E1KRZTQHD4D8EG2F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A114 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M3pWaXd3d2xsMXd5eTc4ZjkySFk=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame A114
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=399068538422166660&pn_id=an
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=399068538422166660&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.255.34.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
an-x-request-uuid
c80ea22a-b751-4f7d-a3f0-268d50d6f633
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=399068538422166660&pn_id=an
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
sync.targeting.unrulymedia.com/csync/ Frame A114
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=5520538372
  • https://sync.1rx.io/usersync/turn/3288562651539434917?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sync
sync-pm.ads.yieldmo.com/ Frame A114
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3288562651539434917&gdpr=&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D3D86ADBB-57FD-485D-B899-815E8B54C115%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.255.42.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame A114
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zViwwwll1wyy78f92HY
  • https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
54.255.34.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-34-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=da55406d-0593-41c8-8da4-7f3f342c02e4
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Kestrel
content-length
181
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame D589
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
263668

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:29 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3464084682889919000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 24 Dec 2023 08:34:29 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D589
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nojwU2VE2oQXVBSXYGiNKUzpnvUKFiWhlchsYQ--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nojwU2VE2oQXVBSXYGiNKUzpnvUKFiWhlchsYQ--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
263668

Redirect headers

date
Sun, 24 Dec 2023 08:34:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nojwU2VE2oQXVBSXYGiNKUzpnvUKFiWhlchsYQ--~A
content-length
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame D589
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8cqcCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYID-AIlMhrPhZLNcq3bDkVu02mzcCt9wthbOZibjZDbZmGwLIyCRyXA2nGyWa9VuOHKLVpuNW-EbztbC2cxknMwmG5NtYQUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCCn7gSABavyyf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyHDjljs5WD_PUQOgIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr1EfBbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ap8Zelj8frPDLXGZ_b635uUxPf12t8zyt5veoqPrbbE7nGbPW2H5GMQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIyWCAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RDI4WpuXGYXELdpPNWrRxjNbCkW_iVgyGs81qsHGYNi636PUxfYyL3WS52SLBAJy9SJ4W6US5sfhmE9ty5JnYbB6HceMY7TauxXJk8QxGppXFIpZoThbpRHbZN2ymkWnmsa2Gk4XH45vNZjOLzTgbGSfOwWA42fiLo4VpuXFY3ILdZLMWbRyjtXDkm7gVg-FssxpsHKaNyy16fUwf42I3WW72jd1gMxrMhrPdvrEbbEaD2XC223foDN_V52xUPn7njs_nWuY0K5vToHAZLN5p0SJtHY4-o8xyi7hWk_X0NbEKPROvQeE5eFRT5bVpbG67Nmdo-D0YFbFEcJFORJenxXV3mZw-p-lhdmuMTo_D5zddnhbX3WURS5Smi3SiV9lNL8vp4bS7XXbTX3R0OUwvy0UsEZwu0onGYXr5_JbnRf1HDjabSwabuWIxmStmm1UCAAAAAAAAALAEk0w3AQAAAHAykN1wM1yt00GMhrPdcrVcAA9lLbp-5GGRnsT3hXalp541qnCAnRdr7LEOujwtrrvL5PQ5TQ-zW2N0ehw-v-nytLjuLisDeChjYbbZZwSxVqtlDQAAQAAbAABAADfdeBMgFsX9____jwMAAAAghx4AAAD9PqAmjfAjV4o9fgUxWs02-wegQqzVanW7sVarFXBANqsJBAAIwCcIAAAAAACAM14QAAAAAAAA5wU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Server
nginx
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Location
http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 24 Dec 2023 08:34:29 GMT
via
1.1 varnish
x-amz-request-id
YNWQD92FPY0EHGDK
age
27034
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
WsaloPBOV1RezW6P+wPtptx/yuFLzF8xRYzqZjAu1/8Q3Mo51sZ/ktK8UUMBM74T1ZRWD6ubnRE=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1703406870.878216,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
68
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1065
usync.js
eus.rubiconproject.com/ Frame 09F4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
097b6477742ed2b1922445df1dc82fde1bf4f5d6a195421b82acb94d0c68fb6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Dec 2023 02:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63348
Connection
keep-alive
Content-Length
13200
Expires
Mon, 25 Dec 2023 02:10:17 GMT
ecm3
s.amazon-adsystem.com/ Frame ECB9
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LQJ8GVDY-1Y-64YE
  • https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
205TXT5KAWNXHM8BPZMN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
moatvideo.js
z.moatads.com/taboolajsvideo2446883476/ 		368 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2c6af19ca8643a7a412e4f1f2316475b7b4e1b10735b33078f5582ade617722f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:29 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:54 GMT
server
AmazonS3
x-amz-request-id
MAAJRTYS65BHHKZ1
etag
"2e07406d66761b87afb805fca6a65768"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=27320
accept-ranges
bytes
content-length
122567
x-amz-id-2
8Gn+WKK7GhKGNw0OHYhJRYl0PGrZsps5qjP38AWnH609F274yKi0QwP2efba9nsqLjSepV1hA2Y=
bl-81a0f85-14a8a7f6.js
tagan.adlightning.com/mng-trib/ Frame 7A27 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-81a0f85-14a8a7f6.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3cb63a459e305a56ffb0e4363c5a396a935338fc4e213e642a12d25b7836974

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:16:20 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
74.LDNvkCeix1mtmsBvlAwRcPjQjgyyN
x-amz-cf-pop
SYD1-C1
age
199091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37126
x-amz-meta-git_commit
81a0f85
last-modified
Fri, 22 Dec 2023 00:59:48 GMT
server
AmazonS3
etag
"fbb19806ba9e016b6d5b46c99f0f6284"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aCa157tZqdCih8w2jiTLiROhIiS7oDCLDyxS5HQtPDxUjQ6n9xlMBw==
b-552b890-bc02cc4e.js
tagan.adlightning.com/mng-trib/ Frame 7A27 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f4b617a984bb7bec5fea820558b71b5099c61ce8c7875a9df9d97445e70206e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 18:57:37 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
PXIOVZBA8xVAtZRHb5a3mVGkB6wrDYt4
x-amz-cf-pop
SYD1-C1
age
653813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26507
x-amz-meta-git_commit
552b890
last-modified
Thu, 14 Dec 2023 16:48:08 GMT
server
AmazonS3
etag
"d330a68b62242aead5b751bfa8e111f1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ls7RnDCENr4HgfZLjdBn8JgGSF0ukPmGCuBARxL5JbvNRIyHm_LXqA==
css
fonts.googleapis.com/ Frame 7A27 		2 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:32:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A27 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:12:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
4895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 07:12:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7A27 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
30929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 23:59:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A27 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
30929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 23:59:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A27 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 00:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
30473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 00:06:37 GMT
l
www.google.com/ads/measurement/ Frame 7A27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuRpDNtN6U2d2Ik9dC2ynJzCb97j3RYrPAJmQAYK3EulQxB3wUh-0gxfIB4LPhdZ9KvMhcpWZ8IN6Uqjvid0fl1fkR-A
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7A27 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 08:34:30 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 7A27 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Mar 2024 01:59:01 GMT
bl-81a0f85-14a8a7f6.js
tagan.adlightning.com/mng-trib/ Frame 57D5 		87 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/bl-81a0f85-14a8a7f6.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3cb63a459e305a56ffb0e4363c5a396a935338fc4e213e642a12d25b7836974

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:16:20 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
74.LDNvkCeix1mtmsBvlAwRcPjQjgyyN
x-amz-cf-pop
SYD1-C1
age
199091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37126
x-amz-meta-git_commit
81a0f85
last-modified
Fri, 22 Dec 2023 00:59:48 GMT
server
AmazonS3
etag
"fbb19806ba9e016b6d5b46c99f0f6284"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
60dZ__DcKawjfEv5grkim_ndckMW4rzVZXJ15GZ5jc7H8h84sTeldA==
b-552b890-bc02cc4e.js
tagan.adlightning.com/mng-trib/ Frame 57D5 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f4b617a984bb7bec5fea820558b71b5099c61ce8c7875a9df9d97445e70206e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 18:57:37 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
PXIOVZBA8xVAtZRHb5a3mVGkB6wrDYt4
x-amz-cf-pop
SYD1-C1
age
653813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26507
x-amz-meta-git_commit
552b890
last-modified
Thu, 14 Dec 2023 16:48:08 GMT
server
AmazonS3
etag
"d330a68b62242aead5b751bfa8e111f1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xVqDC8v0lRfN5AwG52xd3cArvUzRXrloip0i_YH-xF6ZjVUMxhYdeQ==
css
fonts.googleapis.com/ Frame 57D5 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 08:28:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 08:34:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 57D5 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:12:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
4895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 07:12:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 57D5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
30929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 23:59:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 57D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 23:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
30929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 23:59:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 57D5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 00:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
30473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 00:06:37 GMT
l
www.google.com/ads/measurement/ Frame 57D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoFG2Yd3pVgFBhNBDGsFkL0kIkSabuQiRIA1EfzEG5i7MicRcxKlWLkHloZYS9AeZHVhOrga1EwNLdcKN8g574fbyXqQ
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 57D5 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 08:34:30 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 57D5 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Mar 2024 01:59:01 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:30 GMT
x-amz-request-id
E5BMFHQVVWZTX9K1
age
165
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EuVPdt7Z6kYw97siGwuAO2Mnyc4SOderKG58H2ZlhaOotasTGOVhhNfH3nkMbYK+5OhWGP1bFzE=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1703406870.159027,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
18
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
74
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:30 GMT
x-amz-request-id
ANWD8HG8KKVY769A
age
18750
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
Cvu4RV2CtVFS0LQCKJc60OfTEUOORQlVKc4bsgv9L8GJZ6M6NzSCTHk3izodyufVJoH2rU346Ck=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1703406870.173966,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
65
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
9283
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Sun, 24 Dec 2023 08:34:30 GMT
x-amz-request-id
9D124TQA9YV10VW5
age
2810
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
A357VfmFYTZRqXvVgPawFG252NqG8ripyWoHC+xfKR81j3ruYV3AssfLpXFOwBssqqA61G+5Y8g=
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1703406870.173949,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
99
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
610
tap.php
pixel.rubiconproject.com/ Frame ECB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKOEdWRFktMVktNjRZRQ==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOOehj8ojSKGJMUwYevMOcw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKOEdWRFktMVktNjRZRQ==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKOEdWRFktMVktNjRZRQ==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKOEdWRFktMVktNjRZRQ==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bR2C6MA-09iQFRpNIv4Jvsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 08:34:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE&gdpr=0
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 70BEDDE49FCB4ED6AD03D9B857A8AF60 Ref B: SYD03EDGE1917 Ref C: 2023-12-24T08:34:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNPVFyDz58mQiI8eT54Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame ECB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzViZjYwZjBiMmVkM2MyMTkxMDViNGM5NDNjNjdlMzY1MzBjNzQ2Mg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzViZjYwZjBiMmVkM2MyMTkxMDViNGM5NDNjNjdlMzY1MzBjNzQ2Mg&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzViZjYwZjBiMmVkM2MyMTkxMDViNGM5NDNjNjdlMzY1MzBjNzQ2Mg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame ECB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VA5D8FDQBGAEFE19YTBV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQJ8GVDY-1Y-64YE&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame ECB9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
57ZPS9Z2NKVR6DD6504G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame ECB9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rcscWOiKQv6HEVCBIywU2A&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rcscWOiKQv6HEVCBIywU2A&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rcscWOiKQv6HEVCBIywU2A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HV8KYDCBW0W81AYB85FY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rcscWOiKQv6HEVCBIywU2A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame ECB9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30&gdpr=0
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30&gdpr=0
Date
Sun, 24 Dec 2023 08:34:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame ECB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LQJ8GVDY-1Y-64YE&gdpr=0
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
cksync
hb.yahoo.net/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ8GVDY-1Y-64YE&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ8GVDY-1Y-64YE&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=LQJ8GVDY-1Y-64YE&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=LQJ8GVDY-1Y-64YE&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 24 Dec 2023 08:34:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 08:34:31 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=LQJ8GVDY-1Y-64YE&dpid=58160
date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame ECB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ8GVDY-1Y-64YE&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE&ckls=true&ci=Cz6q3A3G0F&nc=false&trid=-1166247560
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE&ckls=true&ci=Cz6q3A3G0F&nc=false&trid=-1166247560
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
V52xGS8K7byQ5okT9oMiqhkW9opowggRbjdVUYhlTUW_T3CY7buTeQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ8GVDY-1Y-64YE&ckls=true&ci=Cz6q3A3G0F&nc=false&trid=-1166247560
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
50plAl2s7WSKCLW8sQjC_T-nDdSylzW8oexTS5CIA6hwBMdW4_RdGQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame ECB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ8GVDY-1Y-64YE&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame ECB9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ8GVDY-1Y-64YE&gdpr=0
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ8GVDY-1Y-64YE&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
capi.connatix.com/us/ Frame ECB9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a781746cf76a68-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 24 Dec 2023 08:34:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQJ8GVDY-1Y-64YE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83a781733c026a68-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
SPug
image4.pubmatic.com/AdServer/ Frame 77EB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:05c66587-ed16-4e00-877f-4096355e4ab0&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D86ADBB-57FD-485D-B899-815E8B54C115&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Sun, 24 Dec 2023 08:34:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Sun, 24 Dec 2023 08:34:31 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame E817 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
27FN5H107VEX16KRSRE1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PYatu1f9SF24mYFei1TBFQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68910
accept-ranges
bytes
content-length
5622
expires
Mon, 25 Dec 2023 03:43:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame CC4B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3D86ADBB-57FD-485D-B899-815E8B54C115
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De42cd243-253d-41b2-a603-b0125185d9c0%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
an-x-request-uuid
1fa5ce4b-b2b4-401c-81fa-da6f33d471a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=399068538422166660&pt=e42cd243-253d-41b2-a603-b0125185d9c0%2C%2C
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CC4B 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.165.247 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-165-247.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.31.122
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame CC4B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:48 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:47 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3D86ADBB-57FD-485D-B899-815E8B54C115&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CC4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q4NkFEQkItNTdGRC00ODVELUI4OTktODE1RThCNTRDMTE1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CC4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN7fmBqWyTve3HOV1Z0a1so&google_cver=1
42 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN7fmBqWyTve3HOV1Z0a1so&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN7fmBqWyTve3HOV1Z0a1so&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CC4B
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D86ADBB-57FD-485D-B899-815E8B54C115&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-x1n_OuxE2uU7riPCRpmT88RwiHDhrmY-~A&gdpr=0
date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3D86ADBB-57FD-485D-B899-815E8B54C115
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CC4B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3D86ADBB-57FD-485D-B899-815E8B54C115?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.143.230.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-230-122.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame CC4B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 08:34:30 GMT
server
Kestrel
content-length
355
ads
pubads.g.doubleclick.net/gampad/ Frame 3894 		26 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2F54098006&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D114107495-GoaenNCxjVFrYolu%26schain%3Dstnvideo.com%2CSTN_0002637%26content%3D9683%26placementType%3DPremium%26embed%3DoX3gvkbQ%26domain%3Dchicagotribune.com%26player_size%3Dmedium%26player_width%3D400%26player_height%3D227%26player_type%3Dbarker%26smartmatch%3Dno%26version%3D7.29.3%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00189%2Chas_bid%26rand%3D9%26uhr%3D16%26iris_id%3Diris_baed641d57ef5f59%26iris_context%3Dic_2453406%2Cic_9067896%2Cic_0061279%2Cic_8168085%2Cic_8024878%2Cic_0749989%2Cic_1480324%2Cic_7160777%2Cic_9317723%2Cic_0084516%2Cic_9146060%2Cic_2291553%2Cic_3572470%2Cic_6703731%2Cic_7753435%2Cic_1740894%2Cic_1612662%2Cic_0344266%2Cic_8555203%2Cic_6552771%2Cic_1343647%2Cic_7753041%2Cic_2675413%2Cic_1649773%2Cic_9708954%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_1076642%2Cic_4440956%2Cic_4750630%2Cic_1655055%2Cic_9439788%26us_privacy%3D1---%26keywchk%3Dok%26amzniid%3DJHd4oo0qLqTDMAxorZDt5dsAAAGMmvYViwUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6%26amznp%3D6nutj4%26amznsz%3D640x360%26amznbid%3Dv_1uix7uo%26amznactt%3DOPEN&url=https%3A%2F%2Fwww.chicagotribune.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1---&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=2798099&vpa=auto&vpmute=1&cnc=22960152043&kfa=0&tfcd=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&gdpr_consent=tcunavailable&gpp=GPP_ERROR_STRING_REMOVE_EVENT_LISTENER_ERROR&gpp_sid=-1&sdki=445&ptt=20&adk=1034705858&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=9C82BB4E-0AD5-411F-886C-9A0823BB59CE&a3p=EloKDWNyd2RjbnRybC5uZXQSQGZhMDM2NTVjZGFmZjVmZmZiYmU2YjYwY2IxYTcxODVjYTAyYzAzYjY5ZWM1ZjFlOTU2YzBmMzgxODk0NDYzODYY-q3Y18kxSAASlgEKCHJ0YmhvdXNlEoABcnRoclJCSmhTZ0NIQ3A4d1NRTXpvSXFUM2ZJb2xnMXFQQ2pMc2tpem82ZVlPbXd1bXlEd0swZXEvaGhPUmlaK3dEeGJFU2QvbjdZd01QMDJVVGdsY25KSzJCakNSV3ZZQnJOVnFuWlZFLzdlMG9kWVlZcGt0c2t5MkJvQjErelcYzarY18kxSAASGwoMMzNhY3Jvc3MuY29tGJKo2NfJMUgAUgIIbxIZCgp1aWRhcGkuY29tGKij2NfJMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2ljMUpSTUUxb1lVMVVTMGRvVHpaMFlraERia1p1WnowOUluMD0YvKnY18kxSAA.&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44804618&top=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&loc=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&dlt=1703406863849&idt=3444&dt=1703406870139&cookie=ID%3Dec36e0f15dae9095%3AT%3D1703406868%3ART%3D1703406868%3AS%3DALNI_MYCeCWgutxiEtIDiTrs7ymj7T4uPA&gpic=UID%3D00000cc08c47d672%3AT%3D1703406868%3ART%3D1703406868%3AS%3DALNI_MbQSRcO4Hp0FlJFp18-MkPntIioUg&correlator=669860567886690&scor=1405224023299101&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
f2301ee6a63d8594046b5301fbe9a136fb5f7459db8016c21e62ac4cb6f3b783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4086
x-xss-protection
0
google-lineitem-id
6242068975
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425070668
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
letrkpcw1t8y7ecikw9dHJ7l_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/letrkpcw1t8y7ecikw9dHJ7l_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2be9bbc888c49d955c1c76dbee70c9d258ffcf421f9999ee98707a3766ca748

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 649b6b05ca9ae28ccc2413cb40b9b26c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
1951052
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront, HIT
Content-Range
bytes 0-3514056/3514057
Content-Length
3514057
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Mon, 02 Oct 2023 23:02:05 GMT
server
AmazonS3
x-timer
S1703406870.218585,VS0,VE1
etag
"22c41b9705e3a3c5a17b08918abc1c87"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hzg0sRAaeHeT3NTmiPLRLS1t36axvcdYEHpv82fh_DaqReU0HqdZlA==
x-cache-hits
0
omyual7z01kcank30sgnj6FH_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/omyual7z01kcank30sgnj6FH_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70f1ff4f6915f04fbcb20b209134899dee458390b803e98007d5eb5695669b3c

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 f56991030ca994576caf5b17c841ad90.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P1
age
54
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-3266516/3266517
Content-Length
3266517
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Fri, 22 Sep 2023 02:15:06 GMT
server
AmazonS3
x-timer
S1703406870.221597,VS0,VE1
etag
"2e86c7b3ebb3888d32b892fc181420a8"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
d_u6MOqaTuhLsaY-gjibz1zCXaXrjinLZj6gX4KJdf7FJpDabGEeaA==
x-cache-hits
0
a1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/a1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1728b8c2bbd6639a6c6c392ed0c0141f1a1749cc4d3bb72453e9956f04662f32

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 264cb7af72b5640529967523a2e1b25e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
48
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-3391079/3391080
Content-Length
3391080
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Mon, 09 Oct 2023 22:49:44 GMT
server
AmazonS3
x-timer
S1703406870.221586,VS0,VE1
etag
"b95f0c1a5db5a53fb6b0e27f5801005d"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HR4KmDUxeLZeZue-f3n3duuBvcXlIDUJSY-qGYgXZWJGs1suHY2Imw==
x-cache-hits
0
aey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/aey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
136da243e8530b5a610fe55ae0e0c4d9a85f6a3c14119177be59e940569263c9

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 a00308282f47567560ecd138b1036698.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
97
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-1966633/1966634
Content-Length
1966634
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Fri, 22 Sep 2023 02:17:20 GMT
server
AmazonS3
x-timer
S1703406870.222039,VS0,VE0
etag
"e6b3bcd3fddb62fa9a05762839402b25"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
8gYpoQ_XkxSjr1wASW-4uXa3PiL2RfywfasiidyU_os1r4ZO9ypQ8g==
x-cache-hits
0
mjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/mjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c53e59342075867fdbf18827debb68d178d12711fb7960ad7bad2b2bd9a4e05a

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 0361f428634a3c0bc42e9b0f23e19ffe.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
48
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-1705193/1705194
Content-Length
1705194
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Tue, 03 Oct 2023 06:12:03 GMT
server
AmazonS3
x-timer
S1703406870.222150,VS0,VE1
etag
"7c3383a07fa07279b8c1eaf4cce9b904"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
bTH5bPQKqYZL4wHxcf6Lm61kE92DgF0q954G182cGGaUDC7ZJ3gPUw==
x-cache-hits
0
mjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		46 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/mjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 0361f428634a3c0bc42e9b0f23e19ffe.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
48
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-1705193/1705194
Content-Length
1705194
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Tue, 03 Oct 2023 06:12:03 GMT
server
AmazonS3
x-timer
S1703406870.232835,VS0,VE1
etag
"7c3383a07fa07279b8c1eaf4cce9b904"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
bTH5bPQKqYZL4wHxcf6Lm61kE92DgF0q954G182cGGaUDC7ZJ3gPUw==
x-cache-hits
0
omyual7z01kcank30sgnj6FH_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		784 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/omyual7z01kcank30sgnj6FH_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 f56991030ca994576caf5b17c841ad90.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P1
age
55
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-3266516/3266517
Content-Length
3266517
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Fri, 22 Sep 2023 02:15:06 GMT
server
AmazonS3
x-timer
S1703406871.147911,VS0,VE1
etag
"2e86c7b3ebb3888d32b892fc181420a8"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
d_u6MOqaTuhLsaY-gjibz1zCXaXrjinLZj6gX4KJdf7FJpDabGEeaA==
x-cache-hits
0
aey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		160 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/aey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 a00308282f47567560ecd138b1036698.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
98
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-1966633/1966634
Content-Length
1966634
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Fri, 22 Sep 2023 02:17:20 GMT
server
AmazonS3
x-timer
S1703406871.214425,VS0,VE1
etag
"e6b3bcd3fddb62fa9a05762839402b25"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
8gYpoQ_XkxSjr1wASW-4uXa3PiL2RfywfasiidyU_os1r4ZO9ypQ8g==
x-cache-hits
0
a1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		157 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/a1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 264cb7af72b5640529967523a2e1b25e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
49
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-3391079/3391080
Content-Length
3391080
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Mon, 09 Oct 2023 22:49:44 GMT
server
AmazonS3
x-timer
S1703406872.683974,VS0,VE1
etag
"b95f0c1a5db5a53fb6b0e27f5801005d"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HR4KmDUxeLZeZue-f3n3duuBvcXlIDUJSY-qGYgXZWJGs1suHY2Imw==
x-cache-hits
0
oa1s59shzfvbb25p7gh3EOIz_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/oa1s59shzfvbb25p7gh3EOIz_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2fc3dab81b24b735012f0566b08da2cc0cd861763d5d54a8dc8b83f8c20c404

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
LAX50-P1
age
50
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront, HIT
Content-Range
bytes 0-1268926/1268927
Content-Length
1268927
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Mon, 02 Oct 2023 22:57:55 GMT
server
AmazonS3
x-timer
S1703406872.856070,VS0,VE1
etag
"53e71ef74ff4383a0910806f2f8f699d"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
13o9_OAsy8i_osP28wEDpREcGbk-1PWr90rqVzJ6Ch9SqkyUxzLEkQ==
x-cache-hits
0
n.js
mb.moatads.com/ 		70 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870279&de=167850314920&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=2&cb=0&ym=0&cu=1703406870279&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fomyual7z01kcank30sgnj6FH_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=1218374564&cs=0&ord=1703406870279&jv=530194391&callback=DOMlessLLDcallback_12226663
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.9.186.67 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
738caf369e1920dd88781f1e886076d9ad0cf15ba1733efc995f730a6eb89a84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
server
istio-envoy
etag
"a8bf975600dffdf2242b6e3ca73bdc20054bbc29"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
7
timing-allow-origin
*
content-length
70
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870279&de=167850314920&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=3&cb=0&ym=0&cu=1703406870279&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fomyual7z01kcank30sgnj6FH_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=1128240397&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:30 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		40 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=1437&height=808&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1703406870581&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1586&pt=-1304982331&tz=480&viewable=true&ddast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=0&ctsldr=0&dtagid=3054575&dpubid=189827&abtst=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fwww.chicagotribune.com&en=1&subu=0&panid=fa03655cdaff5fffbbe6b60cb1a7185ca02c03b69ec5f1e956c0f38189446386
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitRecoReelWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc4e2354abc0593eae01a97f01c2db7db1aaf1f890080dc54890d09092b0d56b

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 24 Dec 2023 08:34:30 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1862
x-cache
MISS
x-served-by
cache-bfi-krnt7300040-BFI
pragma
no-cache
server
nginx
x-timer
S1703406871.653847,VS0,VE158
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://js.brealtime.com>; rel=preconnect,<https://direct.ad.cpe.dotomi.com>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
cmAdService.js
vidstat.taboola.com/vpaid/units/33_6_9/infra/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmAdService.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702980156
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 821c432df4ed6570377b35b5a3b04598.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
SEA900-P3
age
426640
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1702980157
x-amz-meta-mode
33188
content-length
11556
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Tue, 19 Dec 2023 10:02:38 GMT
server
AmazonS3
x-timer
S1703406872.862868,VS0,VE0
etag
"395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6GvfBaO5NkE05BFzJgOQmDCLCrnBUrHSYeJQ4VjahgQaQqYAMLv_Xg==
x-cache-hits
53438
khaos.json
token.rubiconproject.com/ Frame 09F4 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LQJ8GVDY-1Y-64YE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30&gdpr=0
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30&gdpr=0
Date
Sun, 24 Dec 2023 08:34:30 GMT
Connection
keep-alive
X-CI-RTID
16f656e3-34db-4206-8b44-f5fa60c9b637
Content-Length
155
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ8GVDY-1Y-64YE&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
an-x-request-uuid
cd3aebd0-8935-4f6d-bfce-2dc293e909bd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
Expires
0
merge
ce.lijit.com/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQJ8GVDY-1Y-64YE&gdpr=0&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=VvsKSL_3W_1J1MHeEqGRKkLLcKM
Date
Sun, 24 Dec 2023 08:34:30 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c9e6dd1-b7e2-45bf-9abd-e3445a7b115c
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c9e6dd1-b7e2-45bf-9abd-e3445a7b115c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
track008-sjc
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:06 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=7c9e6dd1-b7e2-45bf-9abd-e3445a7b115c
cache-control
private,no-cache
content-length
223
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ8GVDY-1Y-64YE&gdpr=0
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=d00171fc-9f97-4b7e-b540-f89192de852d&gdpr=0
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=d00171fc-9f97-4b7e-b540-f89192de852d&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=d00171fc-9f97-4b7e-b540-f89192de852d&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
811509
content-length
0
expires
Sun, 24 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8877890029443442616
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8877890029443442616
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8877890029443442616
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30&gdpr=0
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
an-x-request-uuid
0049d292-bf3e-4e7e-a19a-30c737e806ba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30&gdpr=0
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5740123107
  • https://sync.1rx.io/usersync/tradedesk/da55406d-0593-41c8-8da4-7f3f342c02e4
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-55013440-478c-43...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004&expires=30
date
Sun, 24 Dec 2023 08:34:31 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX55013440478c43d28c5e9c9e56ac3ef8004
content-type
text/html
esync
token.rubiconproject.com/ Frame 0DE6
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr=0
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
events-ssc.33across.com/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQJ8GVDY-1Y-64YE&gdpr=0
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ8GVDY-1Y-64YE&ts=1703406871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ8GVDY-1Y-64YE&ts=1703406871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ8GVDY-1Y-64YE&ts=1703406871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
143
match.deepintent.com/usersync/ Frame 0DE6 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143?gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:30 GMT
content-length
0
server
b
redirect
exchange.mediavine.com/usersync/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQJ8GVDY-1Y-64YE&gdpr=0
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
54.215.107.128 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-107-128.us-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 0DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQJ8GVDY-1Y-64YE&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQJ8GVDY-1Y-64YE&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-sharethrough_n-onetag_pm-db5_ym_rbd_rx_n-baidu_n-Beeswax_smrt_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.89.208.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-208-126.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQJ8GVDY-1Y-64YE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870461&de=805636258152&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=7&cb=0&ym=0&cu=1703406870461&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fomyual7z01kcank30sgnj6FH_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=803007457&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6CE9 		1 KB
874 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 16:09:01 GMT
etag
48472445140208031
expires
Sun, 24 Dec 2023 16:09:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4159 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
59129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 16:09:01 GMT
etag
48472445140208031
expires
Sun, 24 Dec 2023 16:09:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870479&de=995915533288&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=11&cb=0&ym=0&cu=1703406870479&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Faey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=950912582&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
usersync
usersync.gumgum.com/ Frame 09F4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LQJ8GVDY-1Y-64YE
  • https://usersync.gumgum.com/usersync?b=mag&i=LQJ8GVDY-1Y-64YE&gdpr=0&gdpr_consent=undefined&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQJ8GVDY-1Y-64YE&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQJ8GVDY-1Y-64YE&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
shopping
encrypted-tbn3.gstatic.com/ Frame 7A27 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQP4KPLoyaSk3Evnzgc7QX2um0ihTiy6aaPipnuCkBMIGx8TIEImh18tA5tWQ&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
d9ae60d4569f669d97e7e9fb5e6b8b4814fac71564beffbca38716020f0d821a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 23:37:28 GMT
x-content-type-options
nosniff
age
464223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28330
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:31:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 17 Dec 2024 23:37:28 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7A27 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQuszaHsBSNj2LuDQbTUQ-SpujzQ7cMlQoueTCAXDyMrB99isKEYO-loMtadzI&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
35d723878f5ed470f59776f9d9b25edcc5574bf4641b7ddf6554a5463da5c8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 13:17:43 GMT
x-content-type-options
nosniff
age
155808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20530
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 13:37:18 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 21 Dec 2024 13:17:43 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 7A27 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSTkCcUP8f0AnXWVrjudOsC8DQXuQomNACo6pw17xhmwqX8QQBbcL_wp_F-Rw&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e59ad9699b8261ca5a664fcb484bf032a39f95831527bf262bb707c851c6a022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 18:06:56 GMT
x-content-type-options
nosniff
age
138455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30054
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 05:39:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 21 Dec 2024 18:06:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 7A27 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ0yrfmTZUd_eDz_J2EuGEoGSo0x4qUHNrB364KW1WUv25QdXI4bWhoe1WiWQ&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
893759e323386cb8b7b5304e7b0813d64461163aff5d2f9e655b002ad50fa861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 12:07:05 GMT
x-content-type-options
nosniff
age
73646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29383
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 07:46:51 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 22 Dec 2024 12:07:05 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 7A27 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSKS4eXPITlDmdS68kgFXFXQU68ABmrmZ72TbuSS9miAcJmeYGCiCDkX-XX2w&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
83f128ce08ba40031ee836cdfd98c8a664f320a79f1d64bc19c5cc9be22407c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:42:32 GMT
x-content-type-options
nosniff
age
564719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21313
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:28:19 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Dec 2024 19:42:32 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 7A27 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzvuVU7x6p8LdoPjtQ7S2JT2iU0PE1y0rdDriCILZ6FiCZzwIPrfpcIrwZag&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
sffe /
Resource Hash
ac1e612ccd25b8388df18d0663ffe86d88745974258f8eb0df8abbbe187505db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:21:53 GMT
x-content-type-options
nosniff
age
130358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17753
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:18:12 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 21 Dec 2024 20:21:53 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame 7A27
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 21 Dec 2024 03:27:20 GMT
date
Fri, 22 Dec 2023 03:27:20 GMT
x-content-type-options
nosniff
age
191231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Sun, 24 Dec 2023 04:38:09 GMT
x-content-type-options
nosniff
server
cafe
age
14182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 04:38:09 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 57D5 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQP4KPLoyaSk3Evnzgc7QX2um0ihTiy6aaPipnuCkBMIGx8TIEImh18tA5tWQ&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
d9ae60d4569f669d97e7e9fb5e6b8b4814fac71564beffbca38716020f0d821a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 23:37:28 GMT
x-content-type-options
nosniff
age
464223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28330
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:31:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 17 Dec 2024 23:37:28 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 57D5 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSTkCcUP8f0AnXWVrjudOsC8DQXuQomNACo6pw17xhmwqX8QQBbcL_wp_F-Rw&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e59ad9699b8261ca5a664fcb484bf032a39f95831527bf262bb707c851c6a022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 18:06:56 GMT
x-content-type-options
nosniff
age
138455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30054
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 05:39:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 21 Dec 2024 18:06:56 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 57D5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSKS4eXPITlDmdS68kgFXFXQU68ABmrmZ72TbuSS9miAcJmeYGCiCDkX-XX2w&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
83f128ce08ba40031ee836cdfd98c8a664f320a79f1d64bc19c5cc9be22407c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 19:42:32 GMT
x-content-type-options
nosniff
age
564719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21313
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:28:19 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Dec 2024 19:42:32 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 57D5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT69iXuqAelKREAzNMjXaAqY8oBbJLziplxEvoXZG9JzC1_x2t9QiqSqWlA7I8&usqp=CAI
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f14.1e100.net
Software
sffe /
Resource Hash
2e89f12f5b295126335885dd2c01f5c77c69d501230fd7c76a4d6b2522da9be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:20:09 GMT
x-content-type-options
nosniff
age
393262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21690
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 12:01:26 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 18 Dec 2024 19:20:09 GMT
13807221044435258780
tpc.googlesyndication.com/simgad/ Frame 57D5
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq2JicpwEQsAkYsAkyCOmWWTk7j0iF
  • https://tpc.googlesyndication.com/simgad/13807221044435258780
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13807221044435258780
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 21 Dec 2024 03:27:20 GMT
date
Fri, 22 Dec 2023 03:27:20 GMT
x-content-type-options
nosniff
age
191231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:21:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Sun, 24 Dec 2023 04:38:09 GMT
x-content-type-options
nosniff
server
cafe
age
14182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13807221044435258780
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 04:38:09 GMT
/
pips.taboola.com/ 		4 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bfi-kbfi7400060-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
truncated
/ Frame 7A27 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5097ce6f523153ef7a923cceeefe20c2ace7189caf5cc7e2bb31b42fa27495e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 57D5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae8207f30886ef630b0e5fbd4b7c11bdcd123e0c1748374f02e99b692d9477f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870493&de=691852470356&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=15&cb=0&ym=0&cu=1703406870493&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Foa1s59shzfvbb25p7gh3EOIz_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=763573225&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870505&de=265613965616&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=19&cb=0&ym=0&cu=1703406870505&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Faey9i47x5hk0pd04wgxyoxSF_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=1129147086&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEI9JpWKkN81kpjz0FMQmeNI&google_cver=1&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOl...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOlj2f_c1Vw5BrXONNmujiwOak63uLz2FQlf1sQxr-hogSShs1LH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOlj2f_c1Vw5BrXONNmujiwOak63uLz2FQlf1sQxr-hogSShs1LH_RugFT1uOd2mmhoK4X0EiQ0bVsQ&google_hm=Oy1ZLcmsRcuyCU-AmEt3h6M
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTRCfYzfntlZeXXrNc-7Y1JGSreMI3AWngwBoo52-cmhh4ABNoWkNPmyOFPTtgk-LENjvkBTOlj2f_c1Vw5BrXONNmujiwOak63uLz2FQlf1sQxr-hogSShs1LH_RugFT1uOd2mmhoK4X0EiQ0bVsQ&google_hm=Oy1ZLcmsRcuyCU-AmEt3h6M
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRLYy1d8qlmEB1O7Amo-PUtw-r1ZeCbYZNtzmMHdSChR_EI9uZkeJAI1_sQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=FRZkLMAFPgTVm7LE6nPmVA&google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=FRZkLMAFPgTVm7LE6nPmVA&google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRLYy1d8qlmEB1O7Amo-PUtw-r1ZeCbYZNtzmMHdSChR_EI9uZkeJAI1_sQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=FRZkLMAFPgTVm7LE6nPmVA&google_push=AXcoOmSW5R2chIvnd8sbp7zWcGZHKfCEtWkB4Ec3W5RzXGS9tL4KFo5EUNSsN7gJYpXZyAEvFqnED9XKXo8y5LX_xJQCqeM-lRLYy1d8qlmEB1O7Amo-PUtw-r1ZeCbYZNtzmMHdSChR_EI9uZkeJAI1_sQ
date
Sun, 24 Dec 2023 08:34:32 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z2rSXDk5Ii7kYVpbzewlxe7HwVkuqRDHtqBI5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z2rSXDk5Ii7kYVpbzewlxe7HwVkuqRDHtqBI5jObjRrNCap_WFXgBDFGqGHGXcxliWtXJxnc
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTibGWK2v-sm7vmlPx5HVXlmPMGQ7mWkdX00FtcJOM231xnCmGmo1UOzW1OxwTIqR1CpPR7wPfbwX-z2rSXDk5Ii7kYVpbzewlxe7HwVkuqRDHtqBI5jObjRrNCap_WFXgBDFGqGHGXcxliWtXJxnc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFTNTz4uiS61fOzw6LFbCQA&google_cver=1&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFTNTz4uiS61fOzw6LFbCQA%26google_cver%3D1%26google_push%3DAXcoOmSnZd6Fvz9O0zPfHc...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8883016734441585047&exchange=193&google_gid=CAESEFTNTz4uiS61fOzw6LFbCQA&google_cver=1&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0AS...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg4ODMwMTY3MzQ0NDE1ODUwNDc&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg4ODMwMTY3MzQ0NDE1ODUwNDc&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg4ODMwMTY3MzQ0NDE1ODUwNDc&google_push=AXcoOmSnZd6Fvz9O0zPfHcVRUWhErsdG4nKzT1evJPEGCmy1N0ASGw5XROpIaVvb5BP83-d8pSmis0V1UCZy4B3bGC0s_R3pnNtOBg9k5-ydduzL0WCVowXnZTcQaZQFAJ9IYXWd3Vi9mXi_Vcq8cIntGSML
Date
Sun, 24 Dec 2023 08:34:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPUfaZt878aR-oGmjuXGa9Y&google_cver=1&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_QKip60ucdy9kOfTFnjjVGYFHd...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_QKip60ucdy9kOfTFnjjVGYFHdKyWwQbaakRcfJMvtmtCoiVuF8poj4u0ZNmigWPCw_qlJyvwcDiLFKWyTs4KWfhNohcn
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MzA0NmZjZTUtMjBjZC00YjdiLTg4OTgtMmM3Y2Q5OTljNGEy&google_push=AXcoOmQT72FvVHPpfH41Ewq2t5zsOvK5cC3wZA2jClSN1B32hiDuHEhSfLhgDZr_QKip60ucdy9kOfTFnjjVGYFHdKyWwQbaakRcfJMvtmtCoiVuF8poj4u0ZNmigWPCw_qlJyvwcDiLFKWyTs4KWfhNohcn
date
Sun, 24 Dec 2023 08:34:31 GMT
content-length
0
/
onetag-sys.com/match/ Frame 6CE9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmQK7RIlMvWAB9V8btfYdouzJDi7dUcrJbN5vW_qKaCwhM5m5ma5WjRNfmvvdznJjZl4wGhTj19QTQ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQK7RIlMvWAB9V8btfYdouzJDi7dUcrJbN5vW_qKaCwhM5m5ma5WjRNfmvvdznJjZl4wGhTj19QTQ-RF9SHaJUNxkYrGbxZGWLdKmH0lw-72djLJV_M...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6CE9
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e35333ea-1399-4000-97f1-5028b5962308&google_cver=1&google_gid=CAESEC_3qMYgEXz-EjrXnTlHhAg&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e35333ea-1399-4000-97f1-5028b5962308&google_cver=1&google_gid=CAESEC_3qMYgEXz-EjrXnTlHhAg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQFj2HztU9S3DcQkQR_85IcAW5Ne5jIGV0vKzRGVzsST_Ns-49d8Y4f9I4czHhrtDnlT_91T_TbMpLhWORzKVrvsY8jD3vfLNXeKMxaRXGDk5RZOZfLMwP36zpYTkgSD4AmsRgV3qMElHlR3nTFxJY&gdpr=${GDPR}
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e35333ea-1399-4000-97f1-5028b5962308&google_cver=1&google_gid=CAESEC_3qMYgEXz-EjrXnTlHhAg&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQFj2HztU9S3DcQkQR_85IcAW5Ne5jIGV0vKzRGVzsST_Ns-49d8Y4f9I4czHhrtDnlT_91T_TbMpLhWORzKVrvsY8jD3vfLNXeKMxaRXGDk5RZOZfLMwP36zpYTkgSD4AmsRgV3qMElHlR3nTFxJY&gdpr=${GDPR}
date
Sun, 24 Dec 2023 08:34:31 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6CE9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLcOQZa3Boc73w_3O7FkuOEFZtx8rWbI77sIouXkfWSsmsRkBF-ceDHMlOzlS96uGOzjZM0qckLA
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7A27 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:21:24 GMT
x-content-type-options
nosniff
age
205987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:21:24 GMT
pixel
cm.g.doubleclick.net/ Frame 4159
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESED7hK80NcPmce4YZa3t2qlw&google_cver=1&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9M8l_Lsc2zSeTPyoxn1G_sNKmfHmYhJPqRxKQ__YUVzzw8wNWVxjSP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9M8l_Lsc2zSeTPyoxn1G_sNKmfHmYhJPqRxKQ__YUVzzw8wNWVxjSPGXIbz0gKBIX72uMDS0kU3Ouqs&google_hm=aE92Z2w4Yk5wZmJWdDFyUzBZYVlySVM0dU5F&from_google=sp1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:31 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQagvbr-aGPPs1Znfb_qWoxIA3kBHIw9Xl7wXkOarpQA9qMaeLNzVb6Oe1ZswHI_rvg4xgN9M8l_Lsc2zSeTPyoxn1G_sNKmfHmYhJPqRxKQ__YUVzzw8wNWVxjSPGXIbz0gKBIX72uMDS0kU3Ouqs&google_hm=aE92Z2w4Yk5wZmJWdDFyUzBZYVlySVM0dU5F&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 4159
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIlqIySYe0fAnyENiwHjZWs&google_cver=1&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlHEg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg3Nzg5MDAyOTQ0MzQ0MjYxNg&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg3Nzg5MDAyOTQ0MzQ0MjYxNg&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlHEgiF0kMTpup7zzhEovIHUVt4b9cF_pYThWaaPLEG3wbyJk2I-UstatoB3GlMeLmId_2re_U-dupc4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg3Nzg5MDAyOTQ0MzQ0MjYxNg&google_push=AXcoOmTOxDrXo52GyzLnAQa1muc2h4WO8Xrdo65f1NNoMK5ivP3e43YW7HjAeW-7UIE0Hhjl585ZlHEgiF0kMTpup7zzhEovIHUVt4b9cF_pYThWaaPLEG3wbyJk2I-UstatoB3GlMeLmId_2re_U-dupc4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 4159 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEAkrZbj4lFaqKf_HM1Y0j9k&google_cver=1&google_push=AXcoOmSeRUmHsJsF4bg-RzqhVsBsufyA6WDPRvgoETPDLOs9ZtgwpiJ6tRuWF9D6I5Gu3C3h7ucdivcGSzicb5EktMu4ClJjHrTmUOEFJq2JqDRtLFDLebujLNbolBq-MXOL6OCJtR2tk-zjBOe6q1AsHg
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:31 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4159
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n9m5A69U1kWpJfQf-VUrvU0hhAgrRDelgWzUy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n9m5A69U1kWpJfQf-VUrvU0hhAgrRDelgWzUymO7JF0J5VUu4_ktgeM1Ihqss3Gh4DHPoNg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQHDBgrJqfjoHfpjJTGLyvOAYd4QUgtSiBbQt6zeIi_nvOa_yuuHyzdCYpgcHIb88J4wclLt7jBCo5n9m5A69U1kWpJfQf-VUrvU0hhAgrRDelgWzUymO7JF0J5VUu4_ktgeM1Ihqss3Gh4DHPoNg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4159
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKtlK91TDEeeZzuVfj0Yi8I&google_cver=1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRYgmiQj_gRSXuLKy9Fa-cPEvDsKNbJ-p4Dy-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkyNTQ4OTcyMjU3NTcyMzI5NzU1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkyNTQ4OTcyMjU3NTcyMzI5NzU1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRYgmiQj_gRSXuLKy9Fa-cPEvDsKNbJ-p4Dy-16o9kQiNVfB91tuMCWWn9wzdn5zVAfBIq-Si1kJZ73j5BU5E0oNveJCxQ
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkyNTQ4OTcyMjU3NTcyMzI5NzU1&google_push=AXcoOmT8guh-59y62e1pLN9pdWBYceldiK0rYoMrKZjQJ6VECc7JzjWD1l631xRYgmiQj_gRSXuLKy9Fa-cPEvDsKNbJ-p4Dy-16o9kQiNVfB91tuMCWWn9wzdn5zVAfBIq-Si1kJZ73j5BU5E0oNveJCxQ
date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 4159
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEC8apaMwMQCHrOfR0uc78OI&google_cver=1&google_push=AXcoOmRqxVHW_M6TwgCJDcEwiyY0x4E6_Z4-6w6s3nZKjOu_YhHfoUE6UciU6GjjI04i-xap4pdn-RGocrr...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqxVHW_M6TwgCJDcEwiyY0x4E6_Z4-6w6s3nZKjOu_YhHfoUE6UciU6GjjI04i-xap4pdn-RGocrr4PTp8z0z7CAlyxuLZKEO6RbzWyyOaG1hrrx8H...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 4159
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENvR1Mk0vIrO...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzIzOGUxYTgtNTA2Yy00NTdhLWIyYjQtMjJiMDhkYmI4ODMz&google_push=AXcoOmR6LizgejXi1ttLOEsLgJ5ZrVBqZp-ekyLWYRIUbbIGaMfw8ixH4l_URB1RQR3g4...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.80.233.57 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-233-57.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 08:34:31 GMT
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4159 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8DPkJd8ahsQJ6k93Miu_5zAoDHbZV4NeOnZvaWdu3jE89bBn2DaFqq3b8WnblU9SmlIueAzk
Requested by
Host: 7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
URL: https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 57D5 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:21:24 GMT
x-content-type-options
nosniff
age
205987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:21:24 GMT
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
3e883a80bcc7ea06ad0e3525983920dc89503aa813db81019812982dd9b80889
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
OpportunityServlet
opps.taboola.com/ 		1 B
132 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406871.295560,VS0,VE44
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870517&de=161041985527&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=23&cb=0&ym=0&cu=1703406870517&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fmjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=1203777133&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406871.324271,VS0,VE87
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406871.329232,VS0,VE67
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.516875,VS0,VE44
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 08:34:31 GMT
cache-control
no-store
server
nginx
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870529&de=263492087653&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=27&cb=0&ym=0&cu=1703406870529&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fmjvk8adxecftoyfq9ae4sDEu_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=500461818&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.887316,VS0,VE45
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
OpportunityServlet
opps.taboola.com/ 		1 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.981903,VS0,VE48
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
get.media
direct.ad.cpe.dotomi.com/w/ 		68 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/w/get.media?sid=230221&placement_id=28ac17b1&vpaid=2&m=11
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.207.22.114 Singapore, Singapore, ASN399104 (CNVR-APAC, US),
Reverse DNS
sin02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
av
taboola-d.openx.net/v/1.0/ 		48 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=540790697&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
taboola-d.openx.net/v/1.0/ 		48 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=540940978&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 3894 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqj8gujy&c=2110318816598&slotId=1055159408299&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.193.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iu-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ovvbundle_moat.js
js.brealtime.com/ Frame 2C41 		175 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.brealtime.com/ovvbundle_moat.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.21.64.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:31 GMT
Via
1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront)
Content-Encoding
br
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Amz-Cf-Pop
SYD62-P1
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 08 Mar 2021 20:03:00 GMT
Server
cloudflare
ETag
W/"c9720c4eb1878a14382004daa0cc2458"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxLVDz1zvw2EHIzvtrifxA%2BzRyIBCrzwPoYYKsskJmftHVa7f1PeLTv9PFIKX1siSO5HNSFHv7FXRhb%2BDcPD8h%2FMOO0OJ5acsYKd2N4D7cROMHy7%2F%2BuiJ2ImvfD9h7ot%2B58L"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=60
CF-RAY
83a78172bacc79cf-SYD
X-Amz-Cf-Id
jhh5xi518CvPhlmNcOUJswlyuybF70ukjZvER7omgv-5S5WLwjLHQA==
vast
aax.amazon-adsystem.com/e/dtb/ Frame 3894 		69 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/vast?b=JHd4oo0qLqTDMAxorZDt5dsAAAGMmvYViwUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6&rnd=304354226&pp=v_1uix7uo
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
e79570e30c474e4175ac4de645fb0c48f730e9964e53635471bad737c5ab54a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
via
1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-store, max-age=0
access-control-allow-credentials
true
content-length
70161
x-amz-cf-id
RXjwT7WBtP2T7YNlgQPl7V2Y8WjIu7AxFoROu4kmEwW4jMAPTaGBfw==
rid
match.adsrvr.org/track/ 		108 B
800 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=tcugyhe&fmt=json
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
259562a102316bdad565e59ac96db1e20f80c15e250073afa0c2b1c592c13080

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 23 Jan 2024 08:34:31 GMT
cksync
hb.yahoo.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=da55406d-0593-41c8-8da4-7f3f342c02e4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&dpid=55953
57 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&dpid=55953
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 24 Dec 2023 08:34:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 08:34:32 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14aEFuTEN0RTJ1R1ZnUFAuMmFxVHVGMHFBWVdwSnptZn5B&gdpr=0&ovsid=da55406d-0593-41c8-8da4-7f3f342c02e4&dpid=55953
date
Sun, 24 Dec 2023 08:34:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUq7rFO2HZb25KrKnz7sPqM6X6A2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTkAk_Q1qtFbHYPxGhZNzYRYyO0ctSntdShgY3x8_WB6PitSwJROUA9uFmDGBvzpO9kuux3pXFdC0XgWfQoyNgVTmK4G8dWcVx_kAE4DY4jvO-XYkNasTQH-0UAy5V_t7iSQjZcVss7tGwsE-k5YW73T27_BIdGJYTpPUuU-PfkeyYZiRaNscAPB2Ycvp6NRId5m_ROvmcN6tUGj_WgaYzhP9_nn_zLjpoc7k5TyMm2zXTKErynnKMCjmJjf1PijeBaE84-atzIxvTJms5jXMpHeWZgiPU5uqcZ72FGBnnEWUIWX2-mVB6YKjqSRSAiOJHqhTNblYvmaslSaxUD2VnqChCgD-m0ovbYDWCMl-G3W19RHmsh2p2zy6ubnF74C8MEQMPPWYLizCyskNV4AO5U6K8fcIyo3HhI64L3pA7GO2TOzUPJPM3zesqVEh66Bagdd-SnUzaZe6m0lU1ltxeUyAD09BC4wAS6otfWtgTgBAGIBd3Nk59MkgUECAQYAZIFBAgFGASgBi6AB9yp5ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEJWsF9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYgpHCitWngwOaCYACaHR0cHM6Ly93d3cudGVtdS5jb20vYXUva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0xMn5lbn5BVUQmZ29vZHNfaWQ9NjAxMDk5NTE0OTU5Njg1Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDk3Mzc4OC0xJnRvcGljX2NsYXNzaWZ5PTExM4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtoMEQoLENCIw7r_q6-t2wESAgED4g0TCMrQworVp4MDFbLTcwEdKOcF3dgTC9AVAYAXAbIXHgocCAASFHB1Yi05OTg3NTAxNDk4NTI5MDg4GMCGEA&sigh=_j369NO_zYs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_rYFh4MvpDtdqKeOiGmuK_7UHjOiNdssQPDH0As6SR9rlkFbu4_oOa4OGJLdX9WQogx_X0C7O8hgB&template_id=494&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 08:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 57D5
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CUq7rFO2HZb25KrKnz7sPqM6X6A2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTkAk_Q1qtFbHYPxGhZNzYRYyO0ctSn...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0c...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%2215499590619962919408%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229861506702110122097%22}&andc=true
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x78ace5f7dc4389ec0000000000000000","2":"0x66e35b66edcdd0a30000000000000000","3":"0xebdb0ca6d1979dad0000000000000000","4":"0xa15ee07948bd08500000000000000000","5":"0x26c1666a7541fe150000000000000000"},"debug_key":"15499590619962919408","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"9861506702110122097"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 08:34:32 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x78ace5f7dc4389ec0000000000000000","2":"0x66e35b66edcdd0a30000000000000000","3":"0xebdb0ca6d1979dad0000000000000000","4":"0xa15ee07948bd08500000000000000000","5":"0x26c1666a7541fe150000000000000000"},"debug_key":"15499590619962919408","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"9861506702110122097"}&andc=true
access-control-allow-origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoVfFO2HZcbQKO6n3LUPvZqOwA2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTmAk_Qikb8xW0Xr5F1cP228CHldaxOfmRP0MUiaPmYQCmY_q6lCxAXve2d7a7Ui6C1x8zTuYlyLWhQ3St3ndnXYqTgqkWzg_rg5GU6ooJj5EOcADPv9_Pd5eJlMMeW_TnmJ3hHTWqG6YqmqJWis3Dv9NaIKVrJJsv0tG7VK5nzFh28anJu1P6abMgMgwYYsdglTPH_zqLJwuzVzltzyby4iTRMemdhNkrBidlrdh02bWkQpPadg-zQWZDO4ue3YKjNKqARvsQ9WUmZ9lxX0vSnrUR_6qnXziIz5HG0cvgpBXbhA8J-yFH6B7YVHwmrq5Z70Le86jJ8HeC80lydOztd7aNSngStpHVo7od-rAMZ3ZrvCgPpMLxbavFopmafNXF-Tc008JMEAoWLrrn6gVjBKMZmYoKtxAoipGT3JPmtEdTfQbRzhuNilNmAGsCKVTY8DMWDy967iKySqAEBQ3bQmHgbNQC2FsbABLqi19a2BOAEAYgF3c2Tn0ySBQQIBBgBkgUECAUYBKAGLoAH3KnlkgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQv9gG0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli608CK1aeDA5oJgAJodHRwczovL3d3dy50ZW11LmNvbS9hdS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEyfmVufkFVRCZnb29kc19pZD02MDEwOTk1MTQ5NTk2ODUmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkOTczNzg4LTEmdG9waWNfY2xhc3NpZnk9MTEzgAoDyAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwRCgsQoJqvn8rqlMDBARICAQPiDRMI8oTBitWngwMV7hO3AB09jQPY2BML0BUBgBcBshceChwIABIUcHViLTk5ODc1MDE0OTg1MjkwODgYwIYQ&sigh=JJR_-CI4Jds&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_ABJQsoUWErVWkylloGTchBSz4hvsewJAc6sWHECaGWacXrPOy3oPxKhDcVlEaFx4KKE3HtZKGAE&template_id=494&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 08:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 7A27
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoVfFO2HZcbQKO6n3LUPvZqOwA2ggbrSdL6kwonREeSCu_uaAhABILTOlQhgpfiRgJABoAGhwJjxKMgBCakCxZcMiifPgj7gAgCoAwHIA8sEqgTmAk_Qikb8xW0Xr5F1cP228CHldaxO...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0c...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%222462932738271424318%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215816305688724689345%22}&andc=true
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x78ace5f7dc4389ec0000000000000000","2":"0x66e35b66edcdd0a30000000000000000","3":"0xebdb0ca6d1979dad0000000000000000","4":"0xa15ee07948bd08500000000000000000","5":"0x26c1666a7541fe150000000000000000"},"debug_key":"2462932738271424318","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15816305688724689345"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 08:34:32 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x78ace5f7dc4389ec0000000000000000","2":"0x66e35b66edcdd0a30000000000000000","3":"0xebdb0ca6d1979dad0000000000000000","4":"0xa15ee07948bd08500000000000000000","5":"0x26c1666a7541fe150000000000000000"},"debug_key":"2462932738271424318","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"15816305688724689345"}&andc=true
access-control-allow-origin
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 99BA 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 22:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
36369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 22:28:22 GMT
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 1CF0 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 22:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
36369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 22:28:22 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870541&de=645619413068&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=31&cb=0&ym=0&cu=1703406870541&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fa1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=376292350&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870553&de=403461285747&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=35&cb=0&ym=0&cu=1703406870553&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fletrkpcw1t8y7ecikw9dHJ7l_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=285516507&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:31 GMT
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.029195,VS0,VE44
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
moatvideo.js
z.moatads.com/emxsspvideo326487385820/ Frame 2C41 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/emxsspvideo326487385820/moatvideo.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a730ccb9e58b78c4170bc5f503d4e2583e16b5f4a29ed503ed35d251556abc12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:06 GMT
server
AmazonS3
x-amz-request-id
TYVQH36BCM8DQ7G7
etag
"e1bcc74a163ff171c79c9695d64d874f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37240
accept-ranges
bytes
content-length
114007
x-amz-id-2
bJcUP/HOeE0u5VqRFVw2FQsbBlFf4iPMsvJ2sJSkz69D2HXQA/KOCYLgUYRp96ZtCpGRJ+ApBL+09pq4v3LCwg==
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.048418,VS0,VE43
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
G7_BDXC0423000H_Yoga_15_960_540_1200k.mp4
edge.blockboardtech.com/7482/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://edge.blockboardtech.com/7482/G7_BDXC0423000H_Yoga_15_960_540_1200k.mp4?ttl=1703462400
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
9a7550f51dfeaced9f29842f1ae4941556c4fcf3751a738bdfc6dbc707c7d717

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:33 GMT
x-cf-tsc
1701667037
x-cf3
H
x-amz-request-id
3E3Z41RH43357ZYM
cf4ttl
2678400.000
x-amz-server-side-encryption
AES256
x-cf1
34042:fB.sea1:co:1697133543:cacheN.sea1-01:P
Content-Range
bytes 0-2649712/2649713
Content-Length
2649713
x-amz-id-2
qzJhEevhP3JXPBia+PXTEMyh82aYhZskGS0xARvdu/RFkyo3WwU7AJsjcyG82HasTA/9Rn8P158=
x-cf2
H
last-modified
Thu, 30 Nov 2023 00:25:51 GMT
server
CFS 0215
x-cff
B
etag
"00d2a8a16d50d8474d5ae2803fecada7"
content-type
video/mp4
access-control-allow-origin
*
cf4age
0
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406870565&de=26410158423&m=0&ar=cc84ca2002d-clean&iw=e94b13e&q=39&cb=0&ym=0&cu=1703406870565&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=RECO_REEL_WIDGET%3A203735%3A67404575%3Awww.chicagotribune.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2Fta%2F67404575%2Fa1edfmpjit73egvp59ydb0Z8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=chicagotribune.com&zMoatSubdomain=chicagotribune.com&gw=taboolajsvideo2446883476&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jm=-1&fs=206701&na=1732700078&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:32 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 08:34:32 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%222462932738271424318%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215816305688724689345%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 08:34:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78ace5f7dc4389ec0000000000000000%22,%222%22:%220x66e35b66edcdd0a30000000000000000%22,%223%22:%220xebdb0ca6d1979dad0000000000000000%22,%224%22:%220xa15ee07948bd08500000000000000000%22,%225%22:%220x26c1666a7541fe150000000000000000%22},%22debug_key%22:%2215499590619962919408%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229861506702110122097%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 08:34:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*7qtIKOYEfgMyzcRKl37GpNOKzIo1wpXIgtlD0W8MLj13VC8-K6eEVX1lnDDvubigd1Xz9lKt1WEfWUlwpzCy9w&o=api&gdpr_consent=undefined&gdpr=false
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/687/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/687/2/7/2.gif?puid=399068538422166660&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=da55406d-0593-41c8-8da4-7f3f342c02e4&ttl=%%TTL%%
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F112%2F5%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/687/112/5/4.gif?puid=8E5EDCF1381479C7&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/687/108/4/5.gif?puid=e42cd243-253d-41b2-a603-b0125185d9c0&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F10%2F3%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/687/10/3/6.gif?puid=8877890029443442616&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/687/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/687/19/2/7.gif?puid=a0b644e93e3181bab4f54ac0864fd0bf&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LQJ8GVDY-1Y-64YE&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OEU1RURDRjEzODE0NzlDNw%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-0127OJ4EHOxXvlVJ5Ly7DRC2letY79dcQznOsZZUIg
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEMkhl4LAUlEnwneR6Nrie2Y&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-0127OJ4EHOxXvlVJ5Ly7DRC2letY79dcQznOsZZUIg&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
70 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:52 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 28C8 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84312096&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
acc22528760db724da4c4c8b48a939ff1afe0d2fdf16a0f554f0db01e99dea0d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:32 GMT
content-length
1303
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_VIDEO1&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406872118&de=445158581112&m=0&ar=cc84ca2002d-clean&iw=4f99470&q=42&cb=0&ym=0&cu=1703406872118&ll=3&lm=0&ln=1&em=0&en=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&gw=emxsspvideo326487385820&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&fs=206701&na=1539374122&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:32 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CC4B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.218550,VS0,VE46
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CC4B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14021295&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
acc22528760db724da4c4c8b48a939ff1afe0d2fdf16a0f554f0db01e99dea0d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:30 GMT
content-length
1303
content-type
text/html; charset=UTF-8
OpportunityServlet
opps.taboola.com/ 		1 B
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.239575,VS0,VE75
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
csi
csi.gstatic.com/ Frame 3894 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqj8gxuy&c=2110318816598&slotId=1055159408299&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291%2C44804618&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77&vmfc=18&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.193.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iu-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&cmd=INV&key=oX3gvkbQ&c_id=4591&seq=1&order=8&vIndex=0&absoluteTime=12697.5&relativeTime=6209&alt=0&sC_ID=9683&sm_id=2798099&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.chicagotribune.com/entertainment/theater/&REF=https://www.chicagotribune.com/entertainment/theater/&playerCfg=BR&playerType=BARKER
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 3894 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BobrmFu2HZbTrN8Tr4t4P2aqnsA7ev5O0RgAAABABING9tz04AVjM6JvWgwRgpfiRgJABsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gEfaHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL5gC4gnAAgLgAgDqAhIvOTIwNTYyODEvNTQwOTgwMDb4AoHSHpAD5AqYA9AFqAMB4AQB0gUGEO_TuaAXkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKuXy4vVp4MD2AgCgAoFmAsBgAwBqg0CQVXaDRMIx5vNi9WngwMVxLXYBR1Z1Qnm0BUB-BYBgBcB&sigh=k9jfY0xUDQo&label=video_ad_loaded&sdkv=h.3.609.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3894 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvj-UjUptEovIIktuAkN4yymBO__2MnAkyRbnlNbyRYCuymwjIEvlyOIrz2gyvOALLBSGYa2yttk179P-NyxunXBpDx83dFCADOKqPYE3QBOVVsCL8n6K0GeO_k85_74Sx9HemIvlch4m_RpWp5-yXcRSD-G9y8xmFYhAzfyfa8XTFgit6cC04gZnpnwampvKWmRcVzFEBYVCHLcHkmMJdFbweIiVb3Vitz89wH_x6_SE0aeHPDpFziRfFedJkZ4LFMpfY4cZCJU5ABae1AY5YhqooHngjISR08ga1RKLIGUmOMAaTInIm4mWYHsOj9Mw5He99ZrCklUJE1Jzfo6Tr0qhh_GWNIw9cilSTXt-cMWsUypI-AaAmgLTSHO8i4&sai=AMfl-YS_ZZbL-H0OZHfgWhhJLVVePy3fnvbCFeEn-9lp-dIZG7kL8sapL6hhPZ-2ZXlqQhUFf7uiTCJxNxGqALNBq39Sw2oQDo9oJdBgLpl6nsworH7hT4ji3vWjjngfwvw&sig=Cg0ArKJSzKtevXjWG4HjEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&sdkv=h.3.609.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNDIwNjg5NzUyDDEzODQyNTA3MDY2OEDiCQpjCAESF2FheC5hbWF6b24tYWRzeXN0ZW0uY29tGg5SdWJpY29uUHJvamVjdCADKghwZGdjbXBuajIIcGRnY21wbmpA8QVSHSUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
get
choices.trustarc.com/ Frame 3894 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-99.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:30:51 GMT
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
2210621
x-cache
Hit from cloudfront
content-length
739
pragma
public
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
IID9FXfJG2q0RqCtiAKwD26hrwXwTp7HzadzZyj6Kv5nG8E8aq6XMw==
expires
Thu, 28 Dec 2023 18:30:51 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame FC14 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
sffe /
Resource Hash
c05c035b6439fd6a41c684eddfc54e460c2f390f0b73ab792392486c02fd848b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21114
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sun, 24 Dec 2023 08:38:22 GMT
match
c1.adform.net/serving/cookie/ Frame B780 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2753
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 05:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1871b1a4-dcac-4717-8de5-1f349f43cd3b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4994
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=21265b1c-1cf4-4d81-b7b1-ba02b21f8ab4&expires=1&user_group=5&ssp=pubmatic&bsw_param=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 02:37:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:33 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c32b22a-397f-44a2-b699-3032a1ebc79c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame FEDF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 9AAD
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqrevdw
1 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqrevdw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 05:35:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 24 Dec 2023 08:34:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqrevdw
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame C05B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
ecm3
s.amazon-adsystem.com/ Frame D288 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XQG8GV88S860BF52VZMC
458249.gif
idsync.rlcdn.com/ Frame 28C8
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3D86ADBB-57FD-485D-B899-815E8B54C115
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3af510ecb0fe64718fe87f6bd0c9c95457ac469761113e2b39ae2a799bb59869791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzYWY1MTBlY2IwZmU2NDcxOGZlODdmNmJkMGM5Yzk1NDU3YWM0Njk3NjExMTNlMmIzOWFlMmE3OTliYjU5ODY5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzYWY1MTBlY2IwZmU2NDcxOGZlODdmNmJkMGM5Yzk1NDU3YWM0Njk3NjExMTNlMmIzOWFlMmE3OTliYjU5ODY5NzkxNDI2YjU0MTdkY2UyMRAAGgwImNqfrAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=b32af544-3a9f-4640-8156-2a007582d395
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=b32af544-3a9f-4640-8156-2a007582d395
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 08:34:33 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=b32af544-3a9f-4640-8156-2a007582d395
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame 28C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 05:09:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
moatwrapper.js
svastx.moatads.com/thetradedeskvideo910663478306/ Frame FC14 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ccf2a8b42a1fb107512aed1d20ca6128e3e30462165f7ac998c09fdd2782d123

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2023 15:33:37 GMT
server
AmazonS3
x-amz-request-id
MPWSX64NXW1TB13B
etag
"658b7c0efbb59728e86ca0608227b492"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1819
accept-ranges
bytes
content-length
22199
x-amz-id-2
+zVTsZe7ecDXZcfQ6wU/8K0HkWgti7xKzXWsSFfOJrPgUFjNYKq9WoZ1N4OOphZLiPX73vCxJFY=
match
c1.adform.net/serving/cookie/ Frame 5AD1 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
396846.gif
idsync.rlcdn.com/ Frame CC4B
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3D86ADBB-57FD-485D-B899-815E8B54C115
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=377e740d-724c-4536-a494-e340419597bb
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=377e740d-724c-4536-a494-e340419597bb
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 08:34:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=377e740d-724c-4536-a494-e340419597bb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 02:37:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
da1ead5c-4e8e-4a68-a221-4f1d56824a3b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=399068538422166660&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 87A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=59b201f5-c634-4e16-bff3-57b346a63eba&ssp=pubmatic
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=59b201f5-c634-4e16-bff3-57b346a63eba&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:33 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 08:34:33 GMT
location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=59b201f5-c634-4e16-bff3-57b346a63eba&ssp=pubmatic
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame E179
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
42 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 05:00:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7DA3
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqzd5gu
1 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqzd5gu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 00:17:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 24 Dec 2023 08:34:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12ttocqzd5gu
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 797F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame CC4B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 04:57:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8877890029443442616
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 6A31 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W5QKMJ68H1WAHNKCK5RJ
OpportunityServlet
opps.taboola.com/ 		1 B
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406872.474154,VS0,VE76
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
27781077_39987605_non_skippable.xml
video-assets.brandcdn.com/vast_xmls/346782/ Frame FC14 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-assets.brandcdn.com/vast_xmls/346782/27781077_39987605_non_skippable.xml
Requested by
Host: svastx.moatads.com
URL: https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-66.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1745abdb46594cb3e9d3fdd4c524db52fed168022ec6344b48c9b5a2a9cd13d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
x-amz-version-id
Gp4kqfdv45yoEN7VHAF3ZkYAgBAFBZP9
via
1.1 483c7c88d4db2ecfd894042db6a4e9c8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
10414
last-modified
Wed, 29 Nov 2023 15:12:40 GMT
server
AmazonS3
etag
"5fce36cd626c8bdec904aa6ad85a725a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/xml
access-control-allow-origin
*
vary
Origin
accept-ranges
bytes
x-amz-cf-id
Mt20stAbw6M1Q-rNNqIHr-tYXUSq0rFX_VBjcynh15AvtN6ootmNPw==
letrkpcw1t8y7ecikw9dHJ7l_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/ta/67404575/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/ta/67404575/letrkpcw1t8y7ecikw9dHJ7l_DESKTOP.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b8ea00d9679c54e34b0cd0159650a40856e96e775d2eae328c800e546b956e4

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=851968-

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 649b6b05ca9ae28ccc2413cb40b9b26c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SEA900-P3
age
1951055
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront, HIT
Content-Range
bytes 851968-3514056/3514057
Content-Length
2662089
x-served-by
cache-bfi-krnt7300040-BFI
last-modified
Mon, 02 Oct 2023 23:02:05 GMT
server
AmazonS3
x-timer
S1703406873.548231,VS0,VE1
etag
"22c41b9705e3a3c5a17b08918abc1c87"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hzg0sRAaeHeT3NTmiPLRLS1t36axvcdYEHpv82fh_DaqReU0HqdZlA==
x-cache-hits
0
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=5&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&cmcv=&pix=31579657&cb=1703406872613&uv=3369&tms=1703406872613&su=0&abt=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&ft=0&unm=RECO_REEL_WIDGET&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
content-length
0
server
nginx
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22Visible_1%22%2C%22eventTime%22%3A1703406872645%7D&tim=16%3A34%3A32.645&id=3849&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A27 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1skqMNYSx95c8B0JxW_JdsGb_anFzL7epz9fOxHMAWjneLSJwuTK7TLZnGKu3BsAL_UaN7-btKElTPHYjyOg3chlJujksc0dXb90BQR2kUlmujLvrG99-jONmKK-0AQDOrl7v4lxYHiFA6fZ9UCFsNVw9&sai=AMfl-YSbjVUqvIy6bEApG32YiRjqXMQavGAazYcWFXGzB29H_bTQyaWgAmvK-aqA5lvdUr4F0Sy2OP-jH8-BKIWLC84TkrnmSLn1oU9FPkRRaySgYkalisO5QM1wdik&sig=Cg0ArKJSzJ3-w6nlKcDxEAE&cid=CAQSOwAvHhf_ABJQsoUWErVWkylloGTchBSz4hvsewJAc6sWHECaGWacXrPOy3oPxKhDcVlEaFx4KKE3HtZKGAE&id=lidar2&mcvt=1002&p=598,1134,848,1434&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=588754960&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406869513&rpt=2196&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 57D5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI5hTTnbH6ViHvmJXmNsXWmACjFbuaN-3JC1-ygmeJixkeCSEz8rT1BxKYb2TxeygynkYt666736sje3lB__EMsL5MjwnSYnKl84fdoLWIiOKR9CXpCxBzvv3d4TvGz0vFpeNzBKXqMGeUdS5Gg8qOOy0y&sai=AMfl-YTJ6Wa-1Gs1aRKI7qzElHwIMPWoMAwQ4GbO_8nLx4BDRd_ucPgtTBO_LSMn5jPFJDsd7nLuguUqJAhq0uoNLJAOlkcctQLEzLDmpnG7gBcOZWQCN7mx240R0P4m&sig=Cg0ArKJSzG9a_1cKCOyuEAE&cid=CAQSPAAvHhf_rYFh4MvpDtdqKeOiGmuK_7UHjOiNdssQPDH0As6SR9rlkFbu4_oOa4OGJLdX9WQogx_X0C7O8hgB&id=lidar2&mcvt=1006&p=308,84,558,1516&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1076070205&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406869739&rpt=1953&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/ Frame E189 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&gdpr=0&src=pbjs&ver=8.6.0&coppa=0&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 08:34:32 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame 04EA 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 08:34:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 04EA 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
097b6477742ed2b1922445df1dc82fde1bf4f5d6a195421b82acb94d0c68fb6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Dec 2023 02:10:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63345
Connection
keep-alive
Content-Length
13200
Expires
Mon, 25 Dec 2023 02:10:17 GMT
bid
ap.lijit.com/rtb/ 		23 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: americanhometownmedia.com
URL: https://americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4ca76e6e4dd7d02fac59fcf41f8b89e486a5a141a6025cdb3115233d1caa739b

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Dec 2023 08:34:33 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.chicagotribune.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E40 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45765956&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd1a812d8ce37fb62d93767013b748bddc4f746ec979e7b8fa68a811d31e76ea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:31 GMT
content-length
1566
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 190C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 05:10:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Dec 2023 08:34:33 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VvsKSL_3W_1J1MHeEqGRKkLLcKM&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 72A6
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=3b2d592dc9ac45cbb2094f80984b7787
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=3b2d592dc9ac45cbb2094f80984b7787
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=3b2d592dc9ac45cbb2094f80984b7787
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame F09A 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 24 Dec 2023 08:34:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 35B4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 08:34:33 GMT
expires
Sun, 24 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1076000
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame B3B9 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame CCDC
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LgFc_1bCCu-P20E8Ge2HZQ
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LgFc_1bCCu-P20E8Ge2HZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:33 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LgFc_1bCCu-P20E8Ge2HZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 4E60
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e769bebd2a24c9d831699de6e92e752
42 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e769bebd2a24c9d831699de6e92e752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5e769bebd2a24c9d831699de6e92e752
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9CFB
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4429924a-a237-11ee-a3ad-6fd26945a56d
42 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4429924a-a237-11ee-a3ad-6fd26945a56d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 00:17:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 24 Dec 2023 08:34:34 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=4429924a-a237-11ee-a3ad-6fd26945a56d
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 3EC0 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:33 GMT
Pragma
no-cache
Server
nginx
expires
-1
usersync
usersync.gumgum.com/ Frame 4E6D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:33 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 4E40
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2b95229fd3321f25&is_secure=true&networkId=17100&version=1&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWCo8lLfl9wMBMRSCAAAAAAA&expiration=1703493274&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&...
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWCo8lLfl9wMBMRSCAAAAAAA&expiration=1703493274&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWCo8lLfl9wMBMRSCAAAAAAA&expiration=1703493274&nuid=3D86ADBB-57FD-485D-B899-815E8B54C115&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
moatvideo.js
z.moatads.com/thetradedeskvideo910663478306/ 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/thetradedeskvideo910663478306/moatvideo.js
Requested by
Host: svastx.moatads.com
URL: https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
42a005307322477006772c2e5019a400262164f6c9b7644f303fc24fb84fe52d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:33 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:52 GMT
server
AmazonS3
x-amz-request-id
ASSQWZAY3ANE7JPC
etag
"fa8a2104b9d7fe6b754047002f608b4f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=36168
accept-ranges
bytes
content-length
125687
x-amz-id-2
a6+UCh7U3DaNKalknbCj6tPMMwejRklSvThDVDJcYuOyIh8Bt55ZT4VU4j9IP2zKn2zgpSehEx8=
6567040836e41_S13283006.352x288.198k.3gp
video-assets.brandcdn.com/video_files/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video-assets.brandcdn.com/video_files/6567040836e41_S13283006.352x288.198k.3gp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-66.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
IEys6T8y5LtH6qFyay7JXgPAWmwfCijN
date
Sun, 24 Dec 2023 08:34:35 GMT
via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 09:27:37 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
x-amz-server-side-encryption
AES256
etag
"4183084e5b4cf3729c84362972aca9e2"
x-cache
RefreshHit from cloudfront
content-type
video/3gpp
Content-Range
bytes 0-680361/680362
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-cf-id
PydvP3UnAjyisretBfKbL0WOlYtlh-UHKjzD0x2yNy-aVxFUxvv2tQ==
Content-Length
680362
v2
mb.moatads.com/s/ 		146 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&pcode=thetradedeskvideo910663478306&ord=1703406873526&jv=1818021337&callback=BrandSafetyNadoscallback_2347040
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.9.186.67 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2121d19bd323e9fff27ceabcb822c94181eaba3630522a5051a7466c6f500117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:33 GMT
server
istio-envoy
etag
"c21da7957c63fc2b389a0f97386b67c5f3728d3d"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
22
timing-allow-origin
*
content-length
146
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRADEDESKVIDEO1&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406873526&de=401281975619&m=0&ar=cc84ca2002d-clean&iw=0443e71&q=45&cb=0&ym=0&cu=1703406873526&ll=3&lm=0&ln=0&r=0&em=0&en=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&bo=chicagotribune.com&bd=chicagotribune.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=thetradedeskvideo910663478306&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&jk=-1&jm=-1&fs=206701&na=444782313&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:33 GMT
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
125 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:34 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
125 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:34 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
SPug
simage4.pubmatic.com/AdServer/ Frame 28C8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame CC4B 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
6567040836e41_S13283006.352x288.198k.3gp
video-assets.brandcdn.com/video_files/ 		24 KB
25 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://video-assets.brandcdn.com/video_files/6567040836e41_S13283006.352x288.198k.3gp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-66.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95a3be0e9a1b05152296cf246841e61e97f3b57dd7ac3a0099b3ce5f8562db85

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=655360-

Response headers

x-amz-version-id
IEys6T8y5LtH6qFyay7JXgPAWmwfCijN
date
Sun, 24 Dec 2023 08:34:35 GMT
via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 09:27:37 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
x-amz-server-side-encryption
AES256
etag
"4183084e5b4cf3729c84362972aca9e2"
x-cache
Hit from cloudfront
content-type
video/3gpp
Content-Range
bytes 655360-680361/680362
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-cf-id
kJgNOSVQgOmM6zAO2IlXLG46ZkNp50O48I3VmH_qVGg2ptVRwZ98qA==
Content-Length
25002
6567040836e41_S13283006.352x288.198k.3gp
video-assets.brandcdn.com/video_files/ 		600 KB
602 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://video-assets.brandcdn.com/video_files/6567040836e41_S13283006.352x288.198k.3gp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-66.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10b3464b5fe8d62a5799c78d0c09394203fc5b3867201782e678c04564672a23

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=65536-

Response headers

x-amz-version-id
IEys6T8y5LtH6qFyay7JXgPAWmwfCijN
date
Sun, 24 Dec 2023 08:34:35 GMT
via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 09:27:37 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
x-amz-server-side-encryption
AES256
etag
"4183084e5b4cf3729c84362972aca9e2"
x-cache
Hit from cloudfront
content-type
video/3gpp
Content-Range
bytes 65536-680361/680362
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-cf-id
VUqe3P4tSd4uazVbtC1PIzre4_WWyygt0X4wq-fRihWW5RV-avKV7w==
Content-Length
614826
vt
adservices.brandcdn.com/video/ Frame FC14 		0
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/video/vt?aid=346782&crid=39987605&cid=3849584&event=creativeView
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.248.142 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-248-142.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
etag
"0-5f8ff265c97b6;5f8ff265c97b6
vary
negotiate
content-type
text/html
tcn
choice
accept-ranges
bytes
content-location
vt.html
content-length
0
imp
adservices.brandcdn.com/pixel/ Frame FC14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/pixel/imp?aid=346782&crid=39987605&cid=3849584
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.248.142 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-248-142.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
/
insight.adsrvr.org/enduser/moat/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=30&w=0&h=0&d=30.0&t=0.1&v=0&a=0&o=imp%3d83ead082-1825-40cf-b9be-c705359e272f%26ag%3di476nj4%26crid%3dpdgcmpnj%26cf%3d5874261%26fq%3d0%26t%3d1%26td_s%3dwww.chicagotribune.com%26rcats%3d%26mste%3dchicagotribune.com%26mfld%3d4%26mssi%3d%26mfsi%3d%26sv%3drubicon%26uhow%3d2%26agsa%3d%26wp%3d%24%7bAUCTION_PRICE%3aBF%7d%26rgz%3d50501%26dt%3dPC%26osf%3dWindows%26os%3dWindows10%26br%3dChrome%26svpid%3d18782%26rlangs%3den%26mlang%3d%26did%3d%26rcxt%3dOther%26tmpc%3d%26vrtd%3d%26osi%3d%26osv%3d%26daid%3d%26dnr%3d0%26vpb%3dPreRoll%26c%3dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%26dur%3dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%26durs%3dLWeVG9%26crrelr%3d%26npt%3d%26mk%3dGoogle%26mdl%3dChrome%26fpa%3d685%26pcm%3d3%26ict%3dUnknown%26said%3dbb60e7108ed94447a76a8360c5a9cd8e2d845307%26auct%3d1%26tail%3d1%26sfe%3d17bf6d13%26vp%3d0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
server
Kestrel
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.chicagotribune.com%2F%2Fentertainment%2Ftheater%2F-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=900&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=-1&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=0&ag=37&an=0&gf=37&gg=0&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=37&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=767&cd=0&ah=767&am=0&dq=73&dr=0&ds=73&dt=0&xd=00&zx=0&vu=0&tb=0&cvt=37&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&wt=js&xs=0x0&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1622002691&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:34 GMT
vt
adservices.brandcdn.com/video/ Frame FC14 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/video/vt?aid=346782&crid=39987605&cid=3849584&event=start
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.248.142 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-248-142.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
etag
"0-5f8ff265c97b6;5f8ff265c97b6
vary
negotiate
content-type
text/html
tcn
choice
accept-ranges
bytes
content-location
vt.html
content-length
0
36075097-5b41-472e-922c-c25dd6a88ed6
beacon-nf.rubiconproject.com/beacon/v/ Frame 3894 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/36075097-5b41-472e-922c-c25dd6a88ed6?oo=0&accountId=18782&siteId=410756&zoneId=2310224&sizeId=201&e=498E45A22EEBCA466A3C6CDACA62F615A5374BC16CD242E8B5F07A1D440486009604B371A0FA6D31B3ADB2857DFD6E64F7878DC41A48D63DDF547751BB9F9F365ECD0421C269ED7EC35F49CA742CC16C9A42A3293D719D8E488C738C6975812F2D3912022E64CC3243BB922D622612793472FB42B4F16F5CEBFFFE8E59E8A58C2A615B2C7D830916FC3BE8685EBA97EB8FB17BC3BBB5A1E639F7E95985FDE4D127AFD9EF772C65F2C46BDCF82EAF8BDA44019E5D0F67491D05A2E75FF5ACC319
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.68 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 3894 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=83ead082-1825-40cf-b9be-c705359e272f&ag=i476nj4&crid=pdgcmpnj&cf=5874261&fq=0&t=1&td_s=www.chicagotribune.com&rcats=&mste=chicagotribune.com&mfld=4&mssi=&mfsi=&sv=rubicon&uhow=2&agsa=&wp=A1D2DDDAAF7C6355&rgz=50501&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=18782&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E&dur=CjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=LWeVG9&crrelr=&npt=&mk=Google&mdl=Chrome&fpa=685&pcm=3&ict=Unknown&said=bb60e7108ed94447a76a8360c5a9cd8e2d845307&auct=1&tail=1&sfe=17bf6d13&vp=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
server
Kestrel
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 3894 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BobrmFu2HZbTrN8Tr4t4P2aqnsA7ev5O0RgAAABABING9tz04AVjM6JvWgwRgpfiRgJABsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gEfaHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL5gC4gnAAgLgAgDqAhIvOTIwNTYyODEvNTQwOTgwMDb4AoHSHpAD5AqYA9AFqAMB4AQB0gUGEO_TuaAXkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKuXy4vVp4MD2AgCgAoFmAsBgAwBqg0CQVXaDRMIx5vNi9WngwMVxLXYBR1Z1Qnm0BUB-BYBgBcB&sigh=k9jfY0xUDQo&label=vast_creativeview&ad_mt=0&sdkv=h.3.609.1&vci=CmUIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNDIwNjg5NzUyDDEzODQyNTA3MDY2OEDiCVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwp8CAESF2FheC5hbWF6b24tYWRzeXN0ZW0uY29tGg5SdWJpY29uUHJvamVjdCADKghwZGdjbXBuajIIcGRnY21wbmpA8QVSJQiAERAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkj-EFAAYAFaD2FtYXpvbi5jb20tb21pZBgB
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 3894 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BobrmFu2HZbTrN8Tr4t4P2aqnsA7ev5O0RgAAABABING9tz04AVjM6JvWgwRgpfiRgJABsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gEfaHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL5gC4gnAAgLgAgDqAhIvOTIwNTYyODEvNTQwOTgwMDb4AoHSHpAD5AqYA9AFqAMB4AQB0gUGEO_TuaAXkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKuXy4vVp4MD2AgCgAoFmAsBgAwBqg0CQVXaDRMIx5vNi9WngwMVxLXYBR1Z1Qnm0BUB-BYBgBcB&sigh=k9jfY0xUDQo&label=videoautoplayed&ad_mt=0&sdkv=h.3.609.1&vci=CmUIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNDIwNjg5NzUyDDEzODQyNTA3MDY2OEDiCVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwp8CAESF2FheC5hbWF6b24tYWRzeXN0ZW0uY29tGg5SdWJpY29uUHJvamVjdCADKghwZGdjbXBuajIIcGRnY21wbmpA8QVSJQiAERAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkj-EFAAYAFaD2FtYXpvbi5jb20tb21pZBgB
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=902&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=-1&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=0&ag=37&an=37&gf=37&gg=37&ez=1&aj=1&pg=100&pf=100&ib=1&cc=0&bw=37&bx=37&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=767&cd=767&ah=767&am=767&dq=73&dr=73&ds=73&dt=73&xd=00&zx=0&vu=0&tb=0&cvt=37&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1557155221&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3894 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa0fAVLNcpNJZuJ5tHzfaV8DL5YvdrlEA96jhM0EaXaWaBTlCkkXi8W70tDyrVC9TDLBEASTctqgmtbbfeKhazSFCKoRrjxgWN63ub7Rhl4a5FzPytBdzbowMfkPjAkCC9bPgLu6BPAnhLNtGvl4UeY8eV9vjlq2IppPZ7kfIIXKL2l_1WaFqsEiBLxK8hl8r8VoFRySIJW_11Qri0oHW8k-N6d42eraApe-QjfCkxKB1pZBaXxSDYUwToBGdmT3obXDjbZ1vyHwplBVTdXcvIid5ikFEwYbAKO6zWrK2vgKyjNG8mKTidmQYl8xFWM5VAU8X80qRo8s-CTJEnNEi1gUMsybnGeyfUcX-JECHAsKP-8w8bKEJtdvtTFA&sai=AMfl-YRjBZXjq4nFTSFOegQysJTRu3ZI5joEm8CfNse2GDXVFiqtDU3WCZm7Sqqq_dI5xjC0iOEJMZIwo4eYIoxlcu2Qi82RXWQz39gneP9wazx6W7YGFn8d4AlUo_psqxU&sig=Cg0ArKJSzKBVELqJW2FREAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&sdkv=h.3.609.1&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
impv
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame 3894 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/e/dtb/impv?b=JHd4oo0qLqTDMAxorZDt5dsAAAGMmvYViwUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6&rnd=304354226&pp=v_1uix7uo
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.221.8.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:34 GMT
Cache-Control
no-store, max-age=0
Server
Server
Content-Length
43
Content-Type
image/gif
36075097-5b41-472e-922c-c25dd6a88ed6
beacon-sin1.rubiconproject.com/beacon/v/ Frame 3894 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-sin1.rubiconproject.com/beacon/v/36075097-5b41-472e-922c-c25dd6a88ed6?oo=0&accountId=18782&siteId=410756&zoneId=2310224&sizeId=201&e=CBADCB97774921C617563B54FF2250FCF34813B2161DD80BCFFB977A4B914EBE3359D6F416C7F67591305E56CD3D608CACA86037D005F781607F55FCA739E1B04CDD0E6B2882FA5275CB10F73569FD3B17A2164DE6CF6F4243797252D42BD031854E5968C69BEB55FAFD7CC9555D8826EA51BECE55B093271C077FC53C0C5E3B81EAE29F41F710737BF97680467211E71BBB5D3BA31E2575B3437C06745E239876D818480D4B2F9A29A9E88168A2828C740B44B61CEAA57B
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.67 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=da55406d-0593-41c8-8da4-7f3f342c02e4&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Dec 2023 08:34:34 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://um.simpli.fi/rb_match?
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5C7638686559407991A04AAA71D259CA&expires=365
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5C7638686559407991A04AAA71D259CA&expires=365
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 08:34:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5C7638686559407991A04AAA71D259CA&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 23 Dec 2023 08:34:34 GMT
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBMqHy1tO8SF2G2shYmKH_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AANRO07LD9oAABPGPvuH7w&expires=30
Date
Sun, 24 Dec 2023 08:34:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bR2C6MA-09iQFRpNIv4Jvsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 08:34:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0kaJxMFE2oLSihe_p94qUZLuezxETGtsetjFLQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D17149%26nid%3D2861%26put%3D%24%7BADELPHIC_CUID%7D%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a82eb6f-403d-4ba4-881e-5f50e15ae1f2&expires=30
Date
Sun, 24 Dec 2023 08:34:34 GMT
Connection
keep-alive
X-CI-RTID
dec91c8e-f5f8-4020-8ae4-271b1205bcc4
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3288562651539434917&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
an-x-request-uuid
3b7d5440-952c-480f-afd7-6795cd9d089e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=399068538422166660&expires=30
x-proxy-origin
66.203.112.163; 66.203.112.163; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3894 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
37WCD7H5157C5DSZYXGG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3894
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fwAVYZfJ1RhjWr5&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fwAVYZfJ1RhjWr5&expires=30
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fwAVYZfJ1RhjWr5&expires=30
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 3894
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 80CAAF2805BE47979B7547A48FEFAD74 Ref B: SYD03EDGE1917 Ref C: 2023-12-24T08:34:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNPVGs6VSJbiP9pzgdjQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ8GVDY-1Y-64YE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
register
token.rubiconproject.com/ Frame 3894 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LQJ8GUYN-A-81S6
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
analytics.gif
s.update.rubiconproject.com/2/873648/ Frame 3894 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.update.rubiconproject.com/2/873648/analytics.gif?&ti=36075097-5b41-472e-922c-c25dd6a88ed6&pv=8918345b-2537-4637-817f-6fddf1b2c90e&dt=8736481691442372201000&di=chicagotribune.com&sr=magnite.com&pp=18782&md=2&c2=201&ui=LQJ8GUYN-A-81S6&si=410756&de=2&to=0&gt=us&c1=2310224&pd=avt
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.251.27.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-27-98.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 08:34:34 GMT
rubicon
sg2-bid.adsrvr.org/bid/feedback/ Frame 3894 		807 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg2-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=83ead082-1825-40cf-b9be-c705359e272f&crid=pdgcmpnj&wp=A1D2DDDAAF7C6355&aid=1&wpc=USD&sfe=17bf6d13&puid=&tdid=&pid=nc31odz&ag=i476nj4&adv=0bbd8mf&sig=1teG7eDNaUJYv6MgqxcZ126yEr_xS5jNKlpnYwJEyJjc.&bp=2.29&cf=5874261&fq=0&td_s=www.chicagotribune.com&rcats=&mste=chicagotribune.com&mfld=4&mssi=&mfsi=&uhow=2&agsa=&rgz=50501&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=18782&did=&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&bv=1&vvp=100&bffi=41&mk=Google&mdl=Chrome&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E&dur=CjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=LWeVG9&crrelr=&fpa=685&pcm=3&said=bb60e7108ed94447a76a8360c5a9cd8e2d845307&ict=Unknown&auct=1&im=1&mc=bb9919b9-abc0-47ff-86ff-43d20e5955e9&abr=c3607199-3e19-49a6-8423-548d246304d9&tail=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.33.241.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
36075097-5b41-472e-922c-c25dd6a88ed6
beacon-nf.rubiconproject.com/beacon/v/ Frame 3894 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/36075097-5b41-472e-922c-c25dd6a88ed6?oo=0&accountId=18782&siteId=410756&zoneId=2310224&sizeId=201&e=076252371F2F4DB1A5374BC16CD242E8B5F07A1D440486009604B371A0FA6D31B3ADB2857DFD6E64F7878DC41A48D63DDF547751BB9F9F365ECD0421C269ED7EC35F49CA742CC16C9A42A3293D719D8E488C738C6975812F2D3912022E64CC3243BB922D622612793472FB42B4F16F5CEBFFFE8E59E8A58C2A615B2C7D830916FC3BE8685EBA97EB8FB17BC3BBB5A1E639F7E95985FDE4D127AFD9EF772C65F2C46BDCF82EAF8BDA44019E5D0F67491D05A2E75FF5ACC319
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.68 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 3894 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=83ead082-1825-40cf-b9be-c705359e272f&ag=i476nj4&crid=pdgcmpnj&cf=5874261&fq=0&t=1&td_s=www.chicagotribune.com&rcats=&mste=chicagotribune.com&mfld=4&mssi=&mfsi=&sv=rubicon&uhow=2&agsa=&wp=A1D2DDDAAF7C6355&rgz=50501&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=18782&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E&dur=CjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=LWeVG9&crrelr=&npt=&mk=Google&mdl=Chrome&fpa=685&pcm=3&ict=Unknown&said=bb60e7108ed94447a76a8360c5a9cd8e2d845307&auct=1&tail=1&sfe=17bf6d13&vp=0&ast=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
server
Kestrel
%7B%22c%22%3A%22video%22%2C%22src%22%3A600%2C%22start%22%3A1%7D
aax-fe-sin.amazon-adsystem.com/x/px/RHd4oo0qLqTDMAxorZDt5dsAAAGMmvYk8AUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6/ Frame 3894 		43 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/RHd4oo0qLqTDMAxorZDt5dsAAAGMmvYk8AUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6/%7B%22c%22%3A%22video%22%2C%22src%22%3A600%2C%22start%22%3A1%7D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.221.8.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:34 GMT
Cache-Control
no-cache
Server
Server
Connection
close
Content-Length
43
Content-Type
image/gif
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 3894 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BobrmFu2HZbTrN8Tr4t4P2aqnsA7ev5O0RgAAABABING9tz04AVjM6JvWgwRgpfiRgJABsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gEfaHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL5gC4gnAAgLgAgDqAhIvOTIwNTYyODEvNTQwOTgwMDb4AoHSHpAD5AqYA9AFqAMB4AQB0gUGEO_TuaAXkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKuXy4vVp4MD2AgCgAoFmAsBgAwBqg0CQVXaDRMIx5vNi9WngwMVxLXYBR1Z1Qnm0BUB-BYBgBcB&sigh=k9jfY0xUDQo&label=part2viewed&ad_mt=0&sdkv=h.3.609.1&vci=CmUIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNDIwNjg5NzUyDDEzODQyNTA3MDY2OEDiCVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwp8CAESF2FheC5hbWF6b24tYWRzeXN0ZW0uY29tGg5SdWJpY29uUHJvamVjdCADKghwZGdjbXBuajIIcGRnY21wbmpA8QVSJQiAERAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkj-EFAAYAFaD2FtYXpvbi5jb20tb21pZBgB
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cache.sendtonews.com/av/ 		97 B
521 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cache.sendtonews.com/av/?id=6242068975&cid=4591
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.25.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-25-29.lax53.r.cloudfront.net
Software
Apache /
Resource Hash
a6cc6209a1f2630a25262b82d91b3740f48a9cb0cd357b3a2a472c3503853c0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:31:00 GMT
content-encoding
gzip
via
1.1 7f51caabae8141bdcde4283a42be2a56.cloudfront.net (CloudFront), 1.1 60a739d966f0e7be8035a21cab92a320.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
HIO52-P2, LAX53-P1
age
214
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
96
x-amz-cf-id
-s0wDztsZWB2ZrQ8_lfQpXl_VMHxcNv5pcA2_gzQ-xtHzWv4RI9vlQ==
expires
Sun, 24 Dec 2023 08:31:01 GMT
p
sb.scorecardresearch.com/ Frame E189 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1703406866408&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2798099&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1703406874466&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=8058&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Housing&c6=*null&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c8=&c9=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-14.syd1.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
VMPJhuddzOfIg9MMv3NFSSegQsQnHQNSN5VD7cHjOU8KdXhJEO4A4Q==
vt
adservices.brandcdn.com/video/ Frame FC14 		0
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/video/vt?aid=346782&crid=39987605&cid=3849584&event=mute
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.248.142 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-248-142.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Fri, 21 Apr 2023 11:03:33 GMT
server
Apache/2.4.52 (Ubuntu)
etag
"0-5f9d69bae4944;5f9d69bae4944
vary
negotiate
content-type
text/html
tcn
choice
accept-ranges
bytes
content-location
vt.html
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3515674252318606&correlator=1197116331719924&eid=31079962%2C31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&iu_parts=281191609%3A22960152043%2Ccityspark_tribchicago&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dec36e0f15dae9095%3AT%3D1703406868%3ART%3D1703406868%3AS%3DALNI_MYCeCWgutxiEtIDiTrs7ymj7T4uPA&gpic=UID%3D00000cc08c47d672%3AT%3D1703406868%3ART%3D1703406868%3AS%3DALNI_MbQSRcO4Hp0FlJFp18-MkPntIioUg&abxe=1&dt=1703406874505&lmt=1703406863&adxs=1216&adys=3998&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=61678404.1703406866&ga_sid=1703406869&ga_hid=400281181&ga_fc=true&ga_cid=1550482072.1703406867&dlt=1703406863849&idt=2919&prev_scp=frstlk%3Dtrue&cust_params=htlbidid%3D27503%26is_testing%3Dno%26has_ats%3Dtrue%26ss%3Dl%26ref%3Dnone%26ptype%3Dsf%26subtype%3D%26site%3Dtrb.chicagotribune%26slug%3D%26cid%3D%252Fentertainment%252Ftheater%26at%3D%26design%3Darcfusion&adks=1853327045&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
64c8660bf5f5225ccf270a24877eb8f1082b603b9d58c4d192aee1c706a66117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13122
x-xss-protection
0
google-lineitem-id
6308504833
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437589352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cap
choices-or.trustarc.com/ Frame 3894 		43 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://choices-or.trustarc.com/cap?pid=tradedesk01&aid=tradedesk01&cid=t8dkfei_i476nj4_pdgcmpnj&w=640&h=480
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.179.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-179-206.compute-1.amazonaws.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 24 Dec 2023 08:34:34 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=1394&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=0&ag=383&an=37&gf=383&gg=37&ez=1&aj=1&pg=100&pf=100&ib=1&cc=0&bw=383&bx=37&dj=1&aa=0&ad=283&cn=0&gk=283&gl=0&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1113&cd=767&ah=1113&am=767&dq=419&dr=73&ds=419&dt=73&xd=00&zx=0&vu=0&tb=0&cvt=383&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=4&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1528848825&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:34 GMT
b-552b890-bc02cc4e.js
tagan.adlightning.com/mng-trib/ Frame CAB7 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-123.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f4b617a984bb7bec5fea820558b71b5099c61ce8c7875a9df9d97445e70206e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 18:57:37 GMT
content-encoding
gzip
via
1.1 f865f1be74e5f717fcfbc68b80767134.cloudfront.net (CloudFront)
x-amz-version-id
PXIOVZBA8xVAtZRHb5a3mVGkB6wrDYt4
x-amz-cf-pop
SYD1-C1
age
653818
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26507
x-amz-meta-git_commit
552b890
last-modified
Thu, 14 Dec 2023 16:48:08 GMT
server
AmazonS3
etag
"d330a68b62242aead5b751bfa8e111f1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CPFP_ZmtBJVTylyeqDTae4dSECkxzTKlEEn4_-QG6hcdKYd8Lve3bQ==
7112679327604372142
tpc.googlesyndication.com/simgad/ Frame CAB7 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7112679327604372142?
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f1.1e100.net
Software
sffe /
Resource Hash
df20d6a696c00699cbf5d87094feb2b052ef949d3c1da0d261809e04b782394c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 02:12:49 GMT
date
Tue, 19 Dec 2023 02:12:49 GMT
x-content-type-options
nosniff
age
454906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69551
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 13:35:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CAB7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 08:34:35 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&ldt=AD_IMP&key=oX3gvkbQ&seq=1&order=9&vIndex=0&absoluteTime=15525.9&relativeTime=9037.4&sm_id=2798099&visiblestatecd=I&soundcd=OFF&adX=false&lineItem=6242068975&adSystem=GDFP&firstLineItem=6242068975&firstAdSystem=GDFP&lineItemsGDFP=6242068975&adIndex=-1&advertiser=&bidIndex=1&cid=4591&pposition=float&floattype=s&DS=found&adServer=gam&iu=/92056281,22960152043/54098006&logAssertiveYield=false&rand=9&rmt=ns&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]&eg.enabled=true&eg.delay=5&eg.ctdwn=7&eg.vl=12&eg.mid=rm&eg.source=p6&eg.time=false&isDesktop=false&isTablet=false&isMobile=false&platform=DESKTOP&bidvl=1.25
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame CAB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRvwPbstQEqR6HDBagBrPCOC5FwKO3aOAYp84ONtTIGZbKTbjEgVZjDf8ZrdPWsi1FCXZ-eiZ1bLXwEgC93HfQ9Zp1mGOEMFG0ok4E9eDamEYpHGB7Zxkxf3TzPHlk1iR-7V0Cb4e0v2clQklhtQD9MjeHKGQCXJnLUp0R2r9leCbJ2q8M-17tQhpLtfn9do2u7GZraYrbHoPwhR91Oq-x5s74Cep5eTi0wNGJzB07nR8YcTYpckvm8iq-Eh2wTCc2kU2-d8aunUzQQ9_IQ1iRqfcqq1o8drYql51rM9Cv1Xr1TbHq90Fl8sFJtkmgcwQIwMrdl1H5TS79a93XQ-rliyd2dBThSU7L2zzckx6zBMyrGzyvxZkQJIfWdO55tWWA_H891Db64g&sai=AMfl-YR9eOttkXV61RUI_HuN9TvdhqhPM-Rhf-G-WRLbYTBKrCWaD6RYyM1ZWkmq-GOoQnTfK8ckyDkZ6y96NKC1-Z9KFdbX0oukaFmLhctRmR3LfS_21f86OiyPdvv6j1w&sig=Cg0ArKJSzMfjfNWoHOa1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 28C8 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69612756&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84d1fbc142889028eaf72ce825e87d55a543a2f71eaf7f43f10b60ee93a40de6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:35 GMT
content-length
1017
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame CAB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujHfPHgp10jd3hhJe66Q5FxW5bPbuTvSntMYAWdXMl56nvV0Rn7NwEmBUlOJkYAtnWpT3YSI5ucVXvuWkNI4b3fvfO2z6Cu7On6B1sxad6ymM63ELMzVKzSlwymZLSuubqh6NIfPF3vcod94wFiTODFKKSHaEmpW5XW_D6fPIYjdY_CD_TQi-Z-_l-nwSIN7U5NIhnV1MA-mFmL7JdMHt-gadOOXUpWUoCA3zSNVtl5elx-4gVIILe6ZNTo-dwFdCiHbgG8rCNYRK-SXqx048hqRsZUfTOT0r-TRztWMTeSt443T2NlmzFsrqCkABX0LTZJ-HRx914U5QV1jHDY10w7g6tZEnMkagLT3vvTy7PiSsswP_U1RRXFp7nXPYnA6tXh3kYt1yOR3GL&sai=AMfl-YTwssJOM57yGfrnVfEQgEDA8gsS9JOiMIeFKyjSbIHBokuRpIV7cA4oLB5EFvSP6Ls_wvMwSLP0yF7G84eL1yeRXZLMxRp8oVxCxXByEWLsZVrdVRyW1ApaA6lJaBE&sig=Cg0ArKJSzMRT5oEb4KEwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 08:34:35 GMT
truncated
/ Frame CAB7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03a5e73099383f82d8af2c40542efe7d84cda68e8e3894ed55144012b2d338ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
SPug
simage4.pubmatic.com/AdServer/ Frame 4E40 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pxd
dps.jp.cinarra.com/ Frame F4C8 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.102.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-102-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 24 Dec 2023 08:34:35 GMT
i.match
s.tribalfusion.com/z/ Frame 59FC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83a7818dffa1ab05-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83a7818ceef3ab05-SYD
content-type
text/html
date
Sun, 24 Dec 2023 08:34:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
39
cookiesync
core.iprom.net/ Frame CECB 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:36 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-6ee70e93e55f@version_1.579
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame A3BC
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 05:10:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 24 Dec 2023 08:34:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 3BD3 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 24 Dec 2023 08:34:34 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 60D9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fwAVYZfJ1RhjWr5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fwAVYZfJ1RhjWr5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 05:35:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 08:34:35 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fwAVYZfJ1RhjWr5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame FABA 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z8XT9BA2H7NE5PY9JFGA
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=1906&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=1054&an=383&gi=1&gf=1054&gg=383&ez=1&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1054&bx=383&jz=1583&dj=1&dx=1&aa=0&ad=954&cn=283&gk=954&gl=283&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1583&cd=1113&ah=1583&am=1113&dq=889&dr=419&ds=889&dt=419&xd=00&zx=0&vu=0&tb=0&cvt=889&te=0&nj=0&fc=1&fk=1&vm=1&vl=4&vt=11&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1817915527&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:35 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=1908&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=1054&an=1054&gi=1&gf=1054&gg=1054&ez=1&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1054&bx=1054&jz=1583&dj=1&dx=1&aa=0&ad=954&cn=954&gk=954&gl=954&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1583&cd=1583&ah=1583&am=1583&dq=889&dr=889&ds=889&dt=889&xd=00&zx=0&vu=0&tb=0&cvt=889&te=0&nj=0&fc=1&fk=1&vm=1&vl=11&vt=11&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=391769851&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:35 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=2114&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=1262&an=1054&gi=1&gf=1262&gg=1054&ez=1&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1262&bx=1054&jz=1583&dj=1&dx=1&aa=1&ad=1162&cn=954&gn=1&gk=1162&gl=954&cp=1784&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1784&cd=1583&ah=1784&am=1583&dq=1090&dr=889&ds=1090&dt=889&xd=00&zx=0&vu=0&tb=0&cvt=1090&te=0&nj=0&fc=1&fk=1&vm=1&vl=11&vt=13&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1889352967&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:35 GMT
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=1437&height=808&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1703406875910&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1586&pt=-1304982331&tz=480&viewable=true&ddast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=0&ctsldr=0&dtagid=3054575&dpubid=189827&abtst=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fwww.chicagotribune.com&en=1&subu=0&panid=fa03655cdaff5fffbbe6b60cb1a7185ca02c03b69ec5f1e956c0f38189446386
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitRecoReelWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ae86f02c6c37e80dfca889f2395ad795fc8660396b7a6c7b6b2ce5ef43e8d36f

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
content-encoding
gzip
server
nginx
machineid
1805
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://js.brealtime.com>; rel=preconnect,<https://direct.ad.cpe.dotomi.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&f_privb=0&tid=3d416a57-d239-4be0-a891-62242bc6e5f5&pid=9aeb7356-a4d5-45fe-b720-504946290d17&dtm=1703406876041&qnm=_matherq&visible=1&tabid=f75b207f-ab21-434a-b501-15f6e94a8f8f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&vp=1600x1200&ds=1600x14415&tofa=1703406866&vid=1&lvidt=1703406866&duid=a23b5d70-719a-4890-9c43-2dc77d15c83c&fp=757557249&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMzQwNjg1OTUyOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI1MjI3IiwiZmV0Y2hTIjoiMjAzNyIsImRvbWFpblMiOiIyMDM4IiwiZG9tYWluRSI6IjIwMzgiLCJjb25uUyI6IjIwMzgiLCJjb25uRSI6IjIzNTciLCJzc2xTIjoiMjM0MCIsInJlcXVTIjoiMjM1NyIsInJlc3BTIjoiNDMxNiIsInJlc3BFIjoiNDcyMCIsImRvbUxvYWQiOiI0MzIwIiwiZG9tSW50ZXIiOiI1MjM3IiwiZG9tTG9hZFMiOiI1NjY3IiwiZG9tTG9hZEUiOiI1NzE4In19
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sun, 24 Dec 2023 08:34:36 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E40 		572 B
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=131709&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
28570723d519559b09140ffff2a402d539c48d43bf3f0e54fd0865b3a45d8fa5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 08:34:35 GMT
content-length
572
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame E8FD
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1977432095613495040
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1977432095613495040
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 08:34:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 24 Dec 2023 08:34:37 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1977432095613495040
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame FBE7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=1380393634
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-OSaF8XJE2oVeUKKmqY.3k2nO7j8Hnq7dqg5W~A
  • https://sync.1rx.io/usersync/verizon/y-OSaF8XJE2oVeUKKmqY.3k2nO7j8Hnq7dqg5W~A
  • https://sync.targeting.unrulymedia.com/csync/RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 04:50:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 24 Dec 2023 08:34:37 GMT
etag
RX55013440478c43d28c5e9c9e56ac3ef8004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame D799
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 08:34:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 24 Dec 2023 08:34:36 GMT
expires
Sat, 23 Dec 2023 08:34:36 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5C7638686559407991A04AAA71D259CA&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 7EC9 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=3D86ADBB-57FD-485D-B899-815E8B54C115
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 08:34:36 GMT
Expires
0
Pragma
no-cache
get.media
direct.ad.cpe.dotomi.com/w/ 		68 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/w/get.media?sid=230221&placement_id=28ac17b1&vpaid=2&m=11
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.207.22.114 Singapore, Singapore, ASN399104 (CNVR-APAC, US),
Reverse DNS
sin02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
ovvbundle_moat.js
js.brealtime.com/ Frame D97B 		175 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.brealtime.com/ovvbundle_moat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:36 GMT
via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SYD62-P1
age
4294
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Mar 2021 20:03:00 GMT
server
cloudflare
etag
W/"c9720c4eb1878a14382004daa0cc2458"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVallnu2Wl60JIdWCC0HcjxJtxJkhkiwfV6cRzw9X3fETgRPbjYYuhge9s5ikHz3FVLh4nsZ8v%2Bzn8ukEGY%2FxTTvcaS4wWuPoZUtTXdntzfiDIATdLeLudMiwxx3fXd6FVV%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=60
cf-ray
83a78191cff9a94f-SYD
x-amz-cf-id
OyEdAt-HlZStLAu3oSQGu5T-U_akI4RJfm91tkIGn5quk6nmVrxLkg==
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=2938&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=2086&an=1262&gi=1&gf=2086&gg=1262&ez=1&ck=2086&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2086&bx=1262&ci=2086&jz=1583&dj=1&dx=1&undefined=1&aa=1&ad=1986&cn=1162&gn=1&gk=1986&gl=1162&cp=1784&cq=1&cr=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2612&cd=1784&ah=2612&am=1784&dq=1918&dr=1090&ds=1918&dt=1090&xd=00&zx=0&vu=0&tb=0&cvt=1918&te=0&nj=0&fc=1&fk=1&vm=1&vl=13&vt=22&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&fh=2086&fi=2086&fj=0&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1406471904&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:36 GMT
/
insight.adsrvr.org/enduser/moat/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=31&w=400&h=225&d=30.0&t=2.1&v=2.1&a=0&o=imp%3d83ead082-1825-40cf-b9be-c705359e272f%26ag%3di476nj4%26crid%3dpdgcmpnj%26cf%3d5874261%26fq%3d0%26t%3d1%26td_s%3dwww.chicagotribune.com%26rcats%3d%26mste%3dchicagotribune.com%26mfld%3d4%26mssi%3d%26mfsi%3d%26sv%3drubicon%26uhow%3d2%26agsa%3d%26wp%3d%24%7bAUCTION_PRICE%3aBF%7d%26rgz%3d50501%26dt%3dPC%26osf%3dWindows%26os%3dWindows10%26br%3dChrome%26svpid%3d18782%26rlangs%3den%26mlang%3d%26did%3d%26rcxt%3dOther%26tmpc%3d%26vrtd%3d%26osi%3d%26osv%3d%26daid%3d%26dnr%3d0%26vpb%3dPreRoll%26c%3dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%26dur%3dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%26durs%3dLWeVG9%26crrelr%3d%26npt%3d%26mk%3dGoogle%26mdl%3dChrome%26fpa%3d685%26pcm%3d3%26ict%3dUnknown%26said%3dbb60e7108ed94447a76a8360c5a9cd8e2d845307%26auct%3d1%26tail%3d1%26sfe%3d17bf6d13%26vp%3d0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:36 GMT
server
Kestrel
moatvideo.js
z.moatads.com/emxsspvideo326487385820/ Frame D97B 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/emxsspvideo326487385820/moatvideo.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a730ccb9e58b78c4170bc5f503d4e2583e16b5f4a29ed503ed35d251556abc12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:36 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:06 GMT
server
AmazonS3
x-amz-request-id
TYVQH36BCM8DQ7G7
etag
"e1bcc74a163ff171c79c9695d64d874f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37235
accept-ranges
bytes
content-length
114007
x-amz-id-2
bJcUP/HOeE0u5VqRFVw2FQsbBlFf4iPMsvJ2sJSkz69D2HXQA/KOCYLgUYRp96ZtCpGRJ+ApBL+09pq4v3LCwg==
OpportunityServlet
opps.taboola.com/ 		1 B
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406877.601860,VS0,VE75
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=2939&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=2086&an=2086&gi=1&gf=2086&gg=2086&ez=1&ck=2086&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2086&bx=2086&ci=2086&jz=1583&dj=1&dx=1&undefined=1&aa=1&ad=1986&cn=1986&gn=1&gk=1986&gl=1986&cp=1784&cq=1&cr=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2612&cd=2612&ah=2612&am=2612&dq=1918&dr=1918&ds=1918&dt=1918&xd=00&zx=0&vu=0&tb=0&cvt=1918&te=0&nj=0&fc=1&fk=1&vm=1&vl=22&vt=22&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&fh=2086&fi=2086&fj=2086&wt=js&xs=0x0&ef=1&rf=0&re=0&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=1071053339&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:36 GMT
BDXC0420000H_Camper_15_960_540_1200k.mp4
edge.blockboardtech.com/8090/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://edge.blockboardtech.com/8090/BDXC0420000H_Camper_15_960_540_1200k.mp4?ttl=1703462400
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
dfe5dd4883131c520d459a2b47d845c4779add574cf388a1aa8d9e16b7f7ab8e

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:36 GMT
x-cf-tsc
1703295784
x-cf3
H
x-amz-request-id
6XVBAN0JM6SEZJQA
cf4ttl
2678400.000
x-amz-server-side-encryption
AES256
x-cf1
34042:fB.sea1:co:1697133543:cacheN.sea1-01:P
Content-Range
bytes 0-2664097/2664098
Content-Length
2664098
x-amz-id-2
VjfFfsZc8jZysD3/Z5SAIOxjXx+3ne6zwJS14CfH6/KEw8C55qbcejXObYk05bXEYae0J6WilJJIsgzqcUOsKQ==
x-cf2
H
last-modified
Fri, 22 Dec 2023 23:07:23 GMT
server
CFS 0215
x-cff
B
etag
"b049b0259d1910e7d1ac5172c3d3aed9"
content-type
video/mp4
access-control-allow-origin
*
cf4age
0
accept-ranges
bytes
perf
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/perf?tvi48=13667&tvi50=14563&route=US%3ACH%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_VIDEO1&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406876562&de=217375929565&m=0&ar=cc84ca2002d-clean&iw=4f99470&q=48&cb=0&ym=0&cu=1703406876562&ll=3&lm=0&ln=1&em=0&en=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&gw=emxsspvideo326487385820&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&fs=206701&na=1504818712&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:36 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=3&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=3147&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=2295&an=2086&gi=1&gf=2295&gg=2086&ez=1&ck=2086&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=2295&bx=2086&ci=2086&jz=1583&dj=1&dx=1&undefined=1&aa=1&ad=2195&cn=1986&gn=1&gk=2195&gl=1986&co=2195&cp=1784&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2816&cd=2612&ah=2816&am=2612&dq=2122&dr=1918&ds=2122&dt=1918&xd=00&zx=0&vu=0&tb=0&cvt=2122&te=0&nj=0&fc=1&fk=1&vm=1&vl=22&vt=25&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&fh=2086&fi=2295&fj=2086&wt=js&xs=0x0&ef=1&rf=0&re=1&ft=105&fv=0&fw=105&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=206701&na=756252461&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:36 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 28C8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
insight.adsrvr.org/enduser/moat/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=70&w=400&h=225&d=30.0&t=3.2&v=3.1&a=0&o=imp%3d83ead082-1825-40cf-b9be-c705359e272f%26ag%3di476nj4%26crid%3dpdgcmpnj%26cf%3d5874261%26fq%3d0%26t%3d1%26td_s%3dwww.chicagotribune.com%26rcats%3d%26mste%3dchicagotribune.com%26mfld%3d4%26mssi%3d%26mfsi%3d%26sv%3drubicon%26uhow%3d2%26agsa%3d%26wp%3d%24%7bAUCTION_PRICE%3aBF%7d%26rgz%3d50501%26dt%3dPC%26osf%3dWindows%26os%3dWindows10%26br%3dChrome%26svpid%3d18782%26rlangs%3den%26mlang%3d%26did%3d%26rcxt%3dOther%26tmpc%3d%26vrtd%3d%26osi%3d%26osv%3d%26daid%3d%26dnr%3d0%26vpb%3dPreRoll%26c%3dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%26dur%3dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%26durs%3dLWeVG9%26crrelr%3d%26npt%3d%26mk%3dGoogle%26mdl%3dChrome%26fpa%3d685%26pcm%3d3%26ict%3dUnknown%26said%3dbb60e7108ed94447a76a8360c5a9cd8e2d845307%26auct%3d1%26tail%3d1%26sfe%3d17bf6d13%26vp%3d0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:37 GMT
server
Kestrel
SPug
simage4.pubmatic.com/AdServer/ Frame 4E40 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
125 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=6036&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=5184&an=2295&gi=1&gf=5184&gg=2295&ez=1&ck=2086&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=5184&bx=2295&ci=2086&jz=1583&dj=1&dx=1&undefined=1&aa=1&ad=5084&cn=2195&gn=1&gk=5084&gl=2195&co=2195&cp=1784&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5914&cd=2816&ah=5914&am=2816&dq=5220&dr=2122&ds=5220&dt=2122&xd=00&zx=0&vu=0&tb=0&cvt=5184&te=0&nj=0&fc=1&fk=1&vm=1&vl=25&vt=57&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&ek=1&fh=2086&fi=5184&fj=2295&wt=js&xs=0x0&ef=1&rf=0&re=1&ft=2994&fv=105&fw=105&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=206701&na=204153337&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:39 GMT
/
insight.adsrvr.org/enduser/moat/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=71&w=400&h=225&d=30.0&t=5.2&v=5.2&a=0&o=imp%3d83ead082-1825-40cf-b9be-c705359e272f%26ag%3di476nj4%26crid%3dpdgcmpnj%26cf%3d5874261%26fq%3d0%26t%3d1%26td_s%3dwww.chicagotribune.com%26rcats%3d%26mste%3dchicagotribune.com%26mfld%3d4%26mssi%3d%26mfsi%3d%26sv%3drubicon%26uhow%3d2%26agsa%3d%26wp%3d%24%7bAUCTION_PRICE%3aBF%7d%26rgz%3d50501%26dt%3dPC%26osf%3dWindows%26os%3dWindows10%26br%3dChrome%26svpid%3d18782%26rlangs%3den%26mlang%3d%26did%3d%26rcxt%3dOther%26tmpc%3d%26vrtd%3d%26osi%3d%26osv%3d%26daid%3d%26dnr%3d0%26vpb%3dPreRoll%26c%3dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%26dur%3dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%26durs%3dLWeVG9%26crrelr%3d%26npt%3d%26mk%3dGoogle%26mdl%3dChrome%26fpa%3d685%26pcm%3d3%26ict%3dUnknown%26said%3dbb60e7108ed94447a76a8360c5a9cd8e2d845307%26auct%3d1%26tail%3d1%26sfe%3d17bf6d13%26vp%3d0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:39 GMT
server
Kestrel
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22Visible_2%22%2C%22eventTime%22%3A1703406880414%7D&tim=16%3A34%3A40.415&id=2840&llvl=2&cv=20231221-6-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
VideoBidRequestHandlerServlet
ch-wf.taboola.com/ 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=1437&height=808&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1703406881910&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1586&pt=-1304982331&tz=480&viewable=true&ddast=V8GpwCLAYcyPH6fmYKEhI4kOP1_cwUJCwAAABgYMD_AMmNXA7PwjhZSwwbl1u0Mo7WwoVpuJa5jIPNzDIYDUczIyC5kcvhWRgna4lh43KLVsbRWrgwDdcyl3GwmVkGo-FoZgUxxnKZDGqB6GHx-80Ot8Rl9vvempfH9PTb3TLL3256i46ut8XucJo9b4Xl4wY1aDodPte9Xvf73TVGp8fh85suT4vr7rJr_G6_ym56WU4Pp93tspv-oqPLYXpZ_nIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWKRg8I9zW6n3Wf62_0BAAAAAAQAAAAACQCB8sESAC6b7yf-_________2MM0GfeyPj___-_sdAD4MEHwIMQAACAiyEMJNUd-qauAEQOaIowAgAAACC0DDd6ZJJOULGo8v__328F4AoAQACjpr2EexbdQYm3MAAAAAJjFuhh8fvNDrvG73aZ_________38z_2f-0Qh5hCOlEb7EkVLzCwgAsOYXEACAjbgBAHgTACfoGORgMNjsVmcgR4PZAQAAALjz____rwckbKaRaeaxrYaThcfjm81mM4vNOBsZJ87BYDjZeE-gzLlYtCo_ah-PYJ3-bofpZTJIWh6_QdJymQ0Kit_2MshYLpP9TNhitJpMNsvhbLmYDIaj4Wi0PwMxGQzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCwdHCtNw4LG7BbrJZizaO0Vo48k3cisFwtlkNNg7TxuUWvT6mj3Gxmyw3WyQYgLMXydMinSg3Ft9sYluOPBObzeMwbhyj3ca1WI4snsHItLJYxBLNySKdyC77hs00Ms08ttVwsvB4fLPZbGaxGWcj48Q5GAwnG39xtDAtNw6LW7CbbNaijWO0Fo58E7diMJxtVoONw7RxuUWvj-ljXOwmy82-sRtsRoPZcLbbN3aDzWgwG852-w6d4bv6nI3Kx-_c8flcy5xmZXMaFC6DxTstWqStw9FnlFluEddqsp6-JlahZ-I1KDwHj2qqvDaNzW3X5gwNvwejIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70KrvpZTk9nHa3y276i44uh-lluYglgtNFOtE4TC-f3_K8qP_IwWZzyWAzVywmc8Vss0oAAAAAAAAAAJZgkukmAAAAAE4GMVwOJ7t1OpjBarTarZYL4KGsRdePu5D3OH8yya701LNGFQ6w82KNPdZBl6fFdXeZnD6n6WF2a4xOj8PnN12eFtfdZWUAD2UszDb7jCDWarWsAQAACGADAAAI4KYbbwLEorj_____cQAAAADk0AMAAPDfB0QEAgAAAADAryBGq9lm_wBUiLVarW431mq1Ag7IZjWBAAAB-AQBAAAAAABwxgsCAAAAAADgvAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=0&ctsldr=0&dtagid=3054575&dpubid=189827&abtst=adxsub-out_vA!adxsub-out_vB!iiqrc_vA!t45&mPre=0.033&cirf=https%3A%2F%2Fwww.chicagotribune.com&en=1&subu=0&panid=fa03655cdaff5fffbbe6b60cb1a7185ca02c03b69ec5f1e956c0f38189446386
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitRecoReelWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0cf29a52d706ba91207321367951aeb81db7400acb029161349eb8635bd5c229

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:42 GMT
content-encoding
gzip
server
nginx
machineid
1826
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://js.brealtime.com>; rel=preconnect,<https://direct.ad.cpe.dotomi.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
get.media
direct.ad.cpe.dotomi.com/w/ 		68 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.ad.cpe.dotomi.com/w/get.media?sid=230221&placement_id=28ac17b1&vpaid=2&m=11
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.207.22.114 Singapore, Singapore, ASN399104 (CNVR-APAC, US),
Reverse DNS
sin02-convex-float1.dotomi.com
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:42 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
ovvbundle_moat.js
js.brealtime.com/ Frame 5DD0 		175 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.brealtime.com/ovvbundle_moat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
via
1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SYD62-P1
age
4300
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Mar 2021 20:03:00 GMT
server
cloudflare
etag
W/"c9720c4eb1878a14382004daa0cc2458"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiigGkvOFP9n90yZg7trxw%2B5dDlJ66sXi%2FETMzeDAjnB8LUWmXXEYgl830OijkaME8nIEB2NaxGAXwQaEAXVFpLIIysPwx1nJhhldTV3N809cwpvMJbQyrisT6OP7ayVrTOv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=60
cf-ray
83a781b67b2aa94f-SYD
x-amz-cf-id
OyEdAt-HlZStLAu3oSQGu5T-U_akI4RJfm91tkIGn5quk6nmVrxLkg==
moatvideo.js
z.moatads.com/emxsspvideo326487385820/ Frame 5DD0 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/emxsspvideo326487385820/moatvideo.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-552b890-bc02cc4e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a730ccb9e58b78c4170bc5f503d4e2583e16b5f4a29ed503ed35d251556abc12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:06 GMT
server
AmazonS3
x-amz-request-id
TYVQH36BCM8DQ7G7
etag
"e1bcc74a163ff171c79c9695d64d874f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37229
accept-ranges
bytes
content-length
114007
x-amz-id-2
bJcUP/HOeE0u5VqRFVw2FQsbBlFf4iPMsvJ2sJSkz69D2HXQA/KOCYLgUYRp96ZtCpGRJ+ApBL+09pq4v3LCwg==
OpportunityServlet
opps.taboola.com/ 		1 B
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-bfi-krnt7300040-BFI
date
Sun, 24 Dec 2023 08:34:42 GMT
via
1.1 varnish
server
nginx
x-timer
S1703406882.423045,VS0,VE45
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
BDXC0420000H_Camper_15_960_540_1200k.mp4
edge.blockboardtech.com/7672/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://edge.blockboardtech.com/7672/BDXC0420000H_Camper_15_960_540_1200k.mp4?ttl=1703462400
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
dfe5dd4883131c520d459a2b47d845c4779add574cf388a1aa8d9e16b7f7ab8e

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
x-cf-tsc
1702393299
x-cf3
H
x-amz-request-id
8KNEMSVRPMZTV861
cf4ttl
2678400.000
x-amz-server-side-encryption
AES256
x-cf1
34042:fB.sea1:co:1697133543:cacheN.sea1-01:P
Content-Range
bytes 0-2664097/2664098
Content-Length
2664098
x-amz-id-2
9rNR5z1Yzl34Fw9c1VZQSmuM62HZUl3/PseSjXLSVk/Lwac9kPVF1dam0xsfhXTTNmRl+D5ZbkM=
x-cf2
H
last-modified
Mon, 11 Dec 2023 20:53:10 GMT
server
CFS 0215
x-cff
B
etag
"b049b0259d1910e7d1ac5172c3d3aed9"
content-type
video/mp4
access-control-allow-origin
*
cf4age
0
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_VIDEO1&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1703406882371&de=949927115644&m=0&ar=cc84ca2002d-clean&iw=4f99470&q=51&cb=0&ym=0&cu=1703406882371&ll=3&lm=0&ln=1&em=0&en=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&gw=emxsspvideo326487385820&fd=1&it=500&ti=0&ih=2&pe=1%3A5227%3A5227%3A0%3A5237&fs=206701&na=610582358&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:42 GMT
vt
adservices.brandcdn.com/video/ Frame FC14 		0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/video/vt?aid=346782&crid=39987605&cid=3849584&event=firstQuartile
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.248.142 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-248-142.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
etag
"0-5f8ff265c97b6;5f8ff265c97b6
vary
negotiate
content-type
text/html
tcn
choice
accept-ranges
bytes
content-location
vt.html
content-length
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=1&vz=-&zp=2&zq=6.1&sgs=2&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRADEDESKVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-s%2FJSc3FITyBas3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-qt8hWNpaStQXJA%3D%3D&sc=1&os=1-LA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=10&h=225&w=400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1200&gp=863&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&id=1&ii=4&f=0&j=&t=1703406873526&de=401281975619&cu=1703406873526&m=8946&ar=cc84ca2002d-clean&iw=0443e71&cb=0&ym=0&ll=3&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&ru=0.046875&lk=863&lb=14415&le=1&lf=0&lg=1&lh=29&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5227%3A5227%3A0%3A5237&as=1&ag=8045&an=5184&gi=1&gf=8045&gg=5184&ez=1&ck=2086&kw=1583&aj=1&pg=100&pf=100&ib=1&dw=1&ka=1&kb=1&cc=1&bw=8045&bx=5184&ci=2086&jz=1583&dj=1&dx=1&undefined=1&aa=1&ad=7945&cn=5084&gn=1&gk=7945&gl=5084&co=2195&cp=1784&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8775&cd=5914&ah=8775&am=5914&dq=8081&dr=5220&ds=8081&dt=5220&xd=00&zx=0&vu=0&tb=0&cvt=8045&te=0&nj=0&fc=1&fk=1&vm=1&vl=57&vt=88&vd=0&zMoatSRE=0.046875&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=14900&ek=1&fh=2086&fi=8045&fj=5184&wt=js&xs=0x0&ef=1&eg=1&rf=0&re=1&ft=5044&fv=2994&fw=105&cl=0&at=0&d=0bbd8mf%3At8dkfei%3Ai476nj4%3Apdgcmpnj&bo=chicagotribune.com&bd=chicagotribune.com&gw=thetradedeskvideo910663478306&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&data=imp%253d83ead082-1825-40cf-b9be-c705359e272f%2526ag%253di476nj4%2526crid%253dpdgcmpnj%2526cf%253d5874261%2526fq%253d0%2526t%253d1%2526td_s%253dwww.chicagotribune.com%2526rcats%253d%2526mste%253dchicagotribune.com%2526mfld%253d4%2526mssi%253d%2526mfsi%253d%2526sv%253drubicon%2526uhow%253d2%2526agsa%253d%2526wp%253d%2524%257bAUCTION_PRICE%253aBF%257d%2526rgz%253d50501%2526dt%253dPC%2526osf%253dWindows%2526os%253dWindows10%2526br%253dChrome%2526svpid%253d18782%2526rlangs%253den%2526mlang%253d%2526did%253d%2526rcxt%253dOther%2526tmpc%253d%2526vrtd%253d%2526osi%253d%2526osv%253d%2526daid%253d%2526dnr%253d0%2526vpb%253dPreRoll%2526c%253dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%2526dur%253dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%2526durs%253dLWeVG9%2526crrelr%253d%2526npt%253d%2526mk%253dGoogle%2526mdl%253dChrome%2526fpa%253d685%2526pcm%253d3%2526ict%253dUnknown%2526said%253dbb60e7108ed94447a76a8360c5a9cd8e2d845307%2526auct%253d1%2526tail%253d1%2526sfe%253d17bf6d13%2526vp%253d0&zMoatViewType=0&zMoatDealID=-&zMoatPartnerID=nc31odz&zMoatPartnerId=-&zMoatImpressionId=83ead082-1825-40cf-b9be-c705359e272f&zMoatQI=0&zMoatSupplyVendor=rubicon&zMoatCachebuster=742449&zMoatSite=www.chicagotribune.com&zMoatDID=-&zMoatPID=e30eee3e-27bb-48a5-8937-ec9d812ba01f&zMoatApp=-&zMoatPublisherID=18782&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=1620149234&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.46.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-46-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 08:34:42 GMT
/
insight.adsrvr.org/enduser/moat/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=32&w=400&h=225&d=30.0&t=8.1&v=8.0&a=0&o=imp%3d83ead082-1825-40cf-b9be-c705359e272f%26ag%3di476nj4%26crid%3dpdgcmpnj%26cf%3d5874261%26fq%3d0%26t%3d1%26td_s%3dwww.chicagotribune.com%26rcats%3d%26mste%3dchicagotribune.com%26mfld%3d4%26mssi%3d%26mfsi%3d%26sv%3drubicon%26uhow%3d2%26agsa%3d%26wp%3d%24%7bAUCTION_PRICE%3aBF%7d%26rgz%3d50501%26dt%3dPC%26osf%3dWindows%26os%3dWindows10%26br%3dChrome%26svpid%3d18782%26rlangs%3den%26mlang%3d%26did%3d%26rcxt%3dOther%26tmpc%3d%26vrtd%3d%26osi%3d%26osv%3d%26daid%3d%26dnr%3d0%26vpb%3dPreRoll%26c%3dCg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E%26dur%3dCjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..%26durs%3dLWeVG9%26crrelr%3d%26npt%3d%26mk%3dGoogle%26mdl%3dChrome%26fpa%3d685%26pcm%3d3%26ict%3dUnknown%26said%3dbb60e7108ed94447a76a8360c5a9cd8e2d845307%26auct%3d1%26tail%3d1%26sfe%3d17bf6d13%26vp%3d0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
server
Kestrel
/
insight.adsrvr.org/enduser/video/ Frame 3894 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=firstQuartile&imp=83ead082-1825-40cf-b9be-c705359e272f&ag=i476nj4&crid=pdgcmpnj&cf=5874261&fq=0&t=1&td_s=www.chicagotribune.com&rcats=&mste=chicagotribune.com&mfld=4&mssi=&mfsi=&sv=rubicon&uhow=2&agsa=&wp=A1D2DDDAAF7C6355&rgz=50501&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=18782&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=Cg1Vbml0ZWQgU3RhdGVzEgRJb3dhGgM2NzkiCkZvcnQgRG9kZ2UwBDgCSABQAYABAIgBApABALABALoBBAhIGATJATQzMzMzA0dA4AEA6AEA_QEAAAAAkgIIc3RhbmRhcmTYAogO4AKIDugCHvACBfgCAYADAYgDApADAZgDBKADPbgDwd8E&dur=CjoKH2NoYXJnZS1hbGxRQVZpZGVvQ29tcGxldGlvblJhdGUiFwiZ__________8BEgpxLWFsbGlhbmNlCkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=LWeVG9&crrelr=&npt=&mk=Google&mdl=Chrome&fpa=685&pcm=3&ict=Unknown&said=bb60e7108ed94447a76a8360c5a9cd8e2d845307&auct=1&tail=1&sfe=17bf6d13&vp=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
server
Kestrel
%7B%221q%22%3A1%2C%22c%22%3A%22video%22%2C%22src%22%3A600%7D
aax-fe-sin.amazon-adsystem.com/x/px/RHd4oo0qLqTDMAxorZDt5dsAAAGMmvYk8AUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6/ Frame 3894 		43 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/RHd4oo0qLqTDMAxorZDt5dsAAAGMmvYk8AUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDulp6/%7B%221q%22%3A1%2C%22c%22%3A%22video%22%2C%22src%22%3A600%7D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.221.8.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 08:34:42 GMT
Cache-Control
no-cache
Server
Server
Connection
close
Content-Length
43
Content-Type
image/gif
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 3894 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BobrmFu2HZbTrN8Tr4t4P2aqnsA7ev5O0RgAAABABING9tz04AVjM6JvWgwRgpfiRgJABsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gEfaHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tL5gC4gnAAgLgAgDqAhIvOTIwNTYyODEvNTQwOTgwMDb4AoHSHpAD5AqYA9AFqAMB4AQB0gUGEO_TuaAXkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WKuXy4vVp4MD2AgCgAoFmAsBgAwBqg0CQVXaDRMIx5vNi9WngwMVxLXYBR1Z1Qnm0BUB-BYBgBcB&sigh=k9jfY0xUDQo&label=videoplaytime25&ad_mt=7878&sdkv=h.3.609.1&vci=CmUIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjYyNDIwNjg5NzUyDDEzODQyNTA3MDY2OEDiCVoiZG91YmxlY2xpY2tieWdvb2dsZS5jb20tb21pZC12aWRlbwp8CAESF2FheC5hbWF6b24tYWRzeXN0ZW0uY29tGg5SdWJpY29uUHJvamVjdCADKghwZGdjbXBuajIIcGRnY21wbmpA8QVSJQiAERAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkj-EFAAYAFaD2FtYXpvbi5jb20tb21pZBgB
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 08:34:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=GoaenNCxjVFrYolu&instance=114107495&version=7.29.3&age=231224&ldt=AD_QUARTILE&key=oX3gvkbQ&seq=1&order=10&vIndex=0&absoluteTime=22954&relativeTime=16465.5&sm_id=2798099&visiblestatecd=I&soundcd=OFF&quartile=1&adIndex=-1&pposition=float&floattype=s&rand=9
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.3/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.232.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-232-225.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:42 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
125 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagRECO_REEL_WIDGET.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Sun, 24 Dec 2023 08:34:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
p
sb.scorecardresearch.com/ Frame E189 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1703406866408&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10003&ns_st_cl=30000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2798099&ns_st_pt=10003&ns_st_dpt=10003&ns_st_ipt=10003&ns_st_ap=10003&ns_st_dap=10003&ns_st_et=10003&ns_st_det=10003&ns_st_upc=10003&ns_st_dupc=10003&ns_st_iupc=10003&ns_st_upa=10003&ns_st_dupa=10003&ns_st_iupa=10003&ns_st_lpc=10003&ns_st_dlpc=10003&ns_st_lpa=10003&ns_st_dlpa=10003&ns_st_pa=10003&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1703406884469&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Housing&c6=*null&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&c8=&c9=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-14.syd1.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 08:34:44 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
-Bzign2p3xmJX_VYO55TpTuhGmMj8Ac0eMqyZzCEtiCuW9i2HO8llA==
perf
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/perf?tvi48=13667&tvi50=14563&route=US%3ACH%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Sun, 24 Dec 2023 08:34:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-2-gpt%22%2C%22callback_id%22%3A%2222fa3de028fce78%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%223261757598788952383%22%2C%22gpid%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%233%22%2C%22tid%22%3A%22301993a2-d824-46c9-b653-16a5a1a48d3f%22%2C%22auctionId%22%3A%220d76ae26-999d-4616-8097-f1516afbaf33%22%7D%5D&page_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bust=1703406866897&dnt=false&description=Chicago%20Tribune&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&w=1600&h=1200
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRJlQNgBd
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYftGAAJRBlPvQBd
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ch-trc-events.taboola.com
URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi48=13667&tvi50=14563&lti=deflated&ri=9cb76b69d3bffca8c147c519db30d4eb&sd=v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ&ui=84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293&pi=/entertainment/theater&wi=-1609641535813689113&pt=category&vi=1703406867043&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22Visible_3%22%2C%22eventTime%22%3A1703406887414%7D&tim=16%3A34%3A47.414&id=2520&llvl=2&cv=20231221-6-RELEASE&

Verdicts & Comments Add Verdict or Comment

610 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture number| zphrSegmentsTime boolean| segmentsCalled function| adOfTypeLoaded object| dataLayer boolean| isIE function| trackNotificationEvents function| trackPermissionEvents function| promptAndSubscribeUser function| tagToUser function| registerVisit function| deleteUserTags object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| closeOsano object| Fusion function| zephrLoad function| determinePaywallInclusion function| createEvent object| zephrBrowser object| blueConicPreListeners function| BCClass object| blueConicClient object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| google_tag_manager object| google_tag_data object| cswidgetoverR string| zeusAdUnitPath boolean| isSubscriber object| ntv boolean| ntvFired object| trb function| setupS2NApi object| _taboola string| GoogleAnalyticsObject function| ga object| sophi object| htlbid function| Osano function| __gpp function| __tcfapi function| __uspapi function| _typeof object| PARSELY object| litHtmlVersions object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| bc_json267 object| registration object| JSUtil object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus number| BOOMR_configt boolean| htlbidLoaded object| pbjsChunk object| pbjs object| _pbjsGlobals function| HTLBIDLoader object| googletag object| apstag function| userSubscription function| fecthNewsletters function| userSubscriptionStatus function| OneSignal object| Zephr object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount string| lock object| zephrOutcomes string| key string| testAndVariation object| zephrAccessDetails undefined| activeProducts undefined| activeProductLength undefined| activeProductCount string| leftEarOutcome string| rightEarOutcome undefined| accountFlyoutOutcome string| topicFlyoutOutcome string| subButtonOutcome undefined| regWallOutcome string| toasterOutcome function| readCookie function| cookieValue string| featureOutcome string| sophiRec string| toasterCookie string| toasterValue object| zephrTestGroups string| leftEarMetric string| rightEarMetric string| accountFlyoutMetric string| topicFlyoutMetric string| subButtonMetric string| regWallMetric string| toasterMetric object| zephrMeters object| zephrTrialTrackingDetails object| zephrCredits undefined| entitlementName undefined| entitlementId number| countIncremented undefined| entitlementObj undefined| num undefined| meterName undefined| remCred undefined| totCred undefined| creditName string| uType boolean| loggedIn string| ssorId number| __mobxInstanceCount undefined| __mobxGlobals object| _mather object| _mg2q object| _matherq object| tid object| headertag object| _aps boolean| apstagLOADED object| gKUxDX function| gKUxDB object| xop object| -10rn4sd4a5fk object| 3rw5am88buo function| _33AcrossPpidMappingsProvider object| VPbHbU function| VPbHbL object| xblacklist object| XEkliJ2 function| XEkliJ3 function| xblocker object| TRC object| _tblConsole string| pm_pgtp undefined| msg function| InteractionTypeImpl string| ahm_cs_gtm boolean| ahm_cs_loaded object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| default_gsi object| _F_toggles object| google object| closure_lm_830571 undefined| google_measure_js_timing object| Criteo object| apscustom boolean| htlbidStarted object| __G_ID_CLIENT__ object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_605987 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce object| TRCImpl number| taboola_view_id object| ox_esp object| hadron boolean| __halo_loaded__ boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| PublisherCommonId object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 function| $ object| _bcp function| RuleService function| jwt_decode object| justDetectAdblock function| FormRuleService function| BlueConicEngagement function| md5 function| BlueConicMetaDataService object| bcConnectionUtil function| BlueConicDataLayerUtility object| signal_decrypted object| ID5 object| __id5_instances object| closure_lm_460513 string| p54621421 string| p54621476 number| p54621477 function| p54621535 function| oAddDVTag_ function| oGetPageStats_ function| p54621506 function| oGetSlotRenderedLineItemIdByDivId_ function| p54621501 function| p54621498 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p54621495 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p54621478 function| p54621474 function| p54621531 function| p54621472 function| p54621484 function| p54621481 function| p54621479 function| p54621455 function| p54621460 function| p54621446 function| p54621445 function| p54621443 function| p54621436 function| oEnableNullChecklistener_ function| p54621488 function| p54621427 function| oPageUnload function| p54621356 function| p54621361 function| oSetDataParam function| p54621480 number| p54621346 string| p54621347 object| p54621348 object| p54621349 boolean| p54621350 number| p54621352 number| p54621353 object| p54621374 string| p54621416 number| p54621357 object| p54621424 string| p54621392 string| p54621393 object| p54621430 number| p54621431 boolean| p54621435 number| p54621437 boolean| p54621439 boolean| p54621489 boolean| p54621464 boolean| p54621491 boolean| oObserverChanges_ boolean| p54621490 boolean| p54621492 boolean| oAudienceListenerEnabled_ object| p54621441 string| oDevice string| p54621529 number| p54621532 string| oParentHostname_ string| oParentPathname_ boolean| p54621442 boolean| p54621444 number| p54621459 boolean| p54621461 number| p54621462 object| p54621451 object| oAdSlots_ object| otkjs boolean| p54621482 boolean| p54621483 object| optimeraInsights string| p54621493 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p54621504 object| p54621505 boolean| oEnableInfiniteScrollUrls_ boolean| p54621500 object| p54621503 object| p54621507 string| oHasStnVideo_ object| p54621530 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p54621534 string| p54621537 boolean| p54621536 string| p54621401 function| p54621354 string| p54621355 boolean| oVisibileState_ number| oVisibileChangedState_ boolean| p54621423 boolean| p54621403 object| p54621402 number| p54621405 undefined| p54621509 undefined| p54621510 object| opbjs object| oaudLibjs object| ovpjs number| p54621404 object| bc_json268 object| p54621429 object| oDv number| p54621358 object| prodKObj string| oUrl_ function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ch object| _pm_mcg number| p54621359 number| oIndex4_ number| p54621373 function| postscribe object| google_tag_manager_external string| myPropertyId object| clientSettings object| confiant object| au string| nam object| list object| placementData object| optimera object| cmTag object| ahm_config number| google_unique_id object| __uid2SecureSignalProvider object| __uid2 object| ahmpb object| webpackChunkadUnits function| Zepto object| Backbone function| startCMTagMain string| category boolean| DFPMessageEnabled function| OvaMediaPlayer object| _cm_wfCounters undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_12226663 string| lastWfUrl object| ahmpbChunk number| x object| ahm_adParent object| ahm_friendDiv object| pubgroup_config object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| criteo_syncframe_state object| closure_lm_648487 object| BrandSafetyNadoscallback_2347040 boolean| pixelWasFired string| keyName number| measureInterval

229 Cookies

Domain/Path Name / Value
.taboola.com/tribunedigital-chicagotribune/ Name: taboola_session_id
Value: v2_af4d4fc6582acc7666fbf86d8b90082c_84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293_1703406867_1703406867_CNawjgYQrco9GOOk2NfJMSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjTr5S1s6WM3hpwAQ
.chicagotribune.com/subscriptions/ad-arc-ears/img Name: _lbz
Value: 0
.chicagotribune.com/entertainment/theater Name: _lbz
Value: 0
r610.chicagotribune.com/DG/DEFAULT Name: BCSessionID
Value: d99160ac-1157-47b6-9e72-f7a336c35dd3
tribune.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: d99160ac-1157-47b6-9e72-f7a336c35dd3
.chicagotribune.com/ Name: _lb
Value: 1
.chicagotribune.com/ Name: AKA_A2
Value: A
.scorecardresearch.com/ Name: UID
Value: 1396b6a593a72a2c4e2417a1703406865
.chicagotribune.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.chicagotribune.com/entertainment/theater/%22%2C%22sref%22:%22%22%2C%22sts%22:1703406865491%2C%22slts%22:0}
.chicagotribune.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=48738134ab3150350a1d141cb51a0039%22%2C%22session_count%22:1%2C%22last_session_ts%22:1703406865491}
.chicagotribune.com/ Name: sophiTagses.f6cf
Value: *
.chicagotribune.com/ Name: _sp_duid
Value: 02008854-bdea-4175-a6e1-d115837979fc
.onesignal.com/ Name: __cf_bm
Value: a4aHXRhLvpQNTMkTE3gZVwEyf.DS7mJC.RTgu.Rc8q0-1703406865-1-AbGm8TV0GxAtbX4zLxV3HJRq2jljIVyu4q8Dyw/K88rwvtK8GsCqv8lHDgt+5z/yoG3mw2N6qBgcac0AXkCHBFc=
zephr.chicagotribune.com/ Name: blaize_session
Value: dacc9264-6119-4a2b-aa14-0220992df694
zephr.chicagotribune.com/ Name: blaize_tracking_id
Value: eae08f11-6490-4651-a1aa-b131c8c513b3
www.chicagotribune.com/ Name: ntv_as_us_privacy
Value: 1---
.www.chicagotribune.com/ Name: RT
Value: "z=1&dm=www.chicagotribune.com&si=1f3f5547-9536-44d5-8e4f-bc3df1e870f0&ss=lqj8gop5&sl=0&tt=0"
.chicagotribune.com/ Name: _ga
Value: GA1.2.61678404.1703406866
.chicagotribune.com/ Name: _gid
Value: GA1.2.983766581.1703406866
.chicagotribune.com/ Name: _gat_UA-6459251-3
Value: 1
zephr.chicagotribune.com/ Name: AWSALB
Value: kK7y5eiWr2VB/9CVMLIeuNTyTANLEDnqG5ByKADMxInX1V3ZUrRhHP0xsN8fZa3VnVnHX8J4xDy1j0VZS7CVPKg+jp+nahP3LCq3EbB1ev1BEjyI374ZodR26Y6W
zephr.chicagotribune.com/ Name: AWSALBCORS
Value: kK7y5eiWr2VB/9CVMLIeuNTyTANLEDnqG5ByKADMxInX1V3ZUrRhHP0xsN8fZa3VnVnHX8J4xDy1j0VZS7CVPKg+jp+nahP3LCq3EbB1ev1BEjyI374ZodR26Y6W
.chicagotribune.com/ Name: osano_consentmanager_uuid
Value: 78876c58-69c3-4220-8e81-d2a0671f1572
.chicagotribune.com/ Name: osano_consentmanager
Value: T7EEyXmf9jzzcgWRPaN9qwTl9p-KwTZX2eRIT4limTbOwYJuHP9fnBndEraed4prEygfJ4qaLKy_oQ87fst3--9Fez37C1y4TbtXg6auoXIP_oO8omNoBRMuwM_8HLuszylJRvDZ_Hx16PSyqlpI2vVE1FTbSsSRG-bMZbK5A1M72ssUrvbTBZP8qKPJYigSQ4TNW3WAOf1VFIMNe9fWah0oFsf70ft7hz7jbeltVskle50Nnrgw4Sv2udSJsbTloRUjvLqZFZhQ01IQnZUSxcdlAF9WwLddgkpkgKmsI8E2whmpYao6wSBuaO19LYGdwrw1hEo_8Mt1_eFSAkT_B09APcyn0OBsM77KI9_uX9oBglA2WFe2EupHAGoZRRnKMJSwNh5Zct8n0AAnX_5wKJ4CRm48GOsKTgR_hbyX3yfP8E6sFsb6Q50B11cKPwjl1RvaJ-zgWgk_2DSeUDu2buXkFqiPxdDXOpxV4Gr3oJ5KYxh6mpfd3Lby4CgLYCI-13YlkeaGD9oCZ5o3GCX5xtk1WRRMFqALWTKjaMaQYYNKGsLphpg9DuyewW-UJALL4d_RyIQDZQvlODLWoIcp9U6AQfQHZNwOfA0nSoGyOiBv1DXoBXR5YfcerifkrLifwDh10XFDnytHslEthfjN25X64IZLos2pOiabStSXVfH2TwDDBYPr6_JKn_NbAeGQZ_LAIzHEvTxYXoB1PajOAAmLOZI_7bbkR2T_mWZCUXhXXKP-EPhdaIWrQrfgMbf1NGN8B2NwGO9VZoHgjOTM8P9fOyyQIJ2eJsob0l3k6Ew=
.chicagotribune.com/ Name: _ml_ses
Value: *
.chicagotribune.com/ Name: _matheriSegs
Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/ Name: _matherSegments
Value: MATHER_U9_FIRSTTIMEMET2_20191016
cdn.taboola.com/ Name: abLdr
Value: 23
.postrelease.com/ Name: visitor
Value: bb599c78-74ce-43ff-b644-f9f7ebf792ef
.postrelease.com/ Name: status
Value: 0
.adsrvr.org/ Name: TDID
Value: da55406d-0593-41c8-8da4-7f3f342c02e4
www.chicagotribune.com/ Name: ntvSession
Value: {"id":2841341,"placementID":1183930,"lastInteraction":1703406866288,"sessionStart":1703406866288,"sessionEndDate":1703433600000,"experiment":""}
www.chicagotribune.com/ Name: _ntv_uid
Value: bb599c78-74ce-43ff-b644-f9f7ebf792ef
.chicagotribune.com/ Name: c_mId
Value:
.chicagotribune.com/ Name: c_PUID
Value:
.postrelease.com/ Name: ver
Value: 1
.33across.com/ Name: check
Value: true
.rkdms.com/ Name: sessionid
Value: h-83655f4ee18b4c099664b1ec17be9f9f_t-1703406866
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.chicagotribune.com/ Name: _sp_flow.b979
Value: paywall
www.chicagotribune.com/ Name: csparkW_ga_39CWM68PTE
Value: GS1.1.1703406867.1.0.1703406867.0.0.0
www.chicagotribune.com/ Name: csparkW_ga
Value: GA1.1.1550482072.1703406867
.openx.net/ Name: i
Value: b1143432-168c-4ca1-a13b-ab5b1c29c59e|1703406867
www.chicagotribune.com/ Name: BCSessionID
Value: d99160ac-1157-47b6-9e72-f7a336c35dd3
.3lift.com/ Name: tluid
Value: 192548972257572329755
.quantserve.com/ Name: mc
Value: 6587ed13-6857b-cdc7a-70cc7
www.chicagotribune.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
tribune.blueconic.net/ Name: AWSALBCORS
Value: LCGKLIrAchZ1kzFj9gTzCMEZZgnLsn0f4b/S1/m6/A5L8y4fC6jrJzFwJBncDVgdJ/PE4iRVnY0zW1LCxRDATNpRSkFKtKT7SrZcOD2B0c3K/Iw77Imrcg+ttCyL
.taboola.com/ Name: t_gid
Value: 84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293
.taboola.com/ Name: t_pt_gid
Value: 84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293
.openx.net/ Name: univ_id
Value: 537072971|da55406d-0593-41c8-8da4-7f3f342c02e4|1703406867811387
.ladsp.com/ Name: cr
Value: 1
www.chicagotribune.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D84a49cab-0723-4c14-8d7b-1086350ca4ce-tuctc817293
.ladsp.com/ Name: smn_uid
Value: vnzN2yc7idG-pn0UGxvztBA8ZBTmvKc
.ladsp.com/ Name: lum
Value: CNar2NfJMRIFCAMQ0AU
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: a0b644e93e3181bab4f54ac0864fd0bf
.chicagotribune.com/ Name: _cc_id
Value: a0b644e93e3181bab4f54ac0864fd0bf
.chicagotribune.com/ Name: panoramaId_expiry
Value: 1704011667892
.chicagotribune.com/ Name: panoramaId
Value: fa03655cdaff5fffbbe6b60cb1a7185ca02c03b69ec5f1e956c0f38189446386
.chicagotribune.com/ Name: panoramaIdType
Value: panoDevice
.doubleclick.net/ Name: IDE
Value: AHWqTUnn6iPTORyKk_lbIrPxnx5NHNG9BxaygA3M11YrGiS4u1GeVmOZPwQ08LIChMU
.rubiconproject.com/ Name: khaos
Value: LQJ8GVDY-1Y-64YE
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAzNDA2ODY4fQ
r610.chicagotribune.com/ Name: AWSALB
Value: daTUhJjGfSXWOfoE/1SxUAsmFnBDyhvqcr3lynyD/3W0NxSqWIVZ1XuIIftcJEZ0FT5lESwx//MlGGFQJooIhg/mvmq92AIMfv88rlOkHzvMmRas6bmoI0oG3SFd
r610.chicagotribune.com/ Name: AWSALBCORS
Value: daTUhJjGfSXWOfoE/1SxUAsmFnBDyhvqcr3lynyD/3W0NxSqWIVZ1XuIIftcJEZ0FT5lESwx//MlGGFQJooIhg/mvmq92AIMfv88rlOkHzvMmRas6bmoI0oG3SFd
.chicagotribune.com/ Name: _au_1d
Value: AU1D-0100-001703406868-JDOOG8VT-7B3G
.chicagotribune.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDM0MDY4NjgsInR0ZCI6MTcwMzQwNjg2OCwicHViIjoxNzAzNDA2ODY4LCJydWIiOjE3MDM0MDY4NjgsInRhcGFkIjoxNzAzNDA2ODY4LCJhZHgiOjE3MDM0MDY4NjgsImdvbyI6MTcwMzQwNjg2OCwidW5ydWx5IjoxNzAzNDA2ODY4LCJzb24iOjE3MDM0MDY4Njh9
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: APC
Value: AfxxVi68YdFFLFZyOF7ZtbxE6qKjO7MeyLr7PEtf0W3wpqZymuHFmg
.amazon-adsystem.com/ Name: ad-id
Value: Az0eU0oI6EEDuXDJO0xNQYM
.adnxs.com/ Name: uuid2
Value: 399068538422166660
.chicagotribune.com/ Name: sophiTagid.f6cf
Value: 02008854-bdea-4175-a6e1-d115837979fc.1703406866.1.1703406869.1703406866.72617def-238b-47a4-af28-aff7844b2d5d
.tapad.com/ Name: TapAd_TS
Value: 1703406868819
.tapad.com/ Name: TapAd_DID
Value: e42cd243-253d-41b2-a603-b0125185d9c0
.media.net/ Name: visitor-id
Value: 3464084682889919000V10
.ad.gt/ Name: au_id
Value: AU1D-0100-001703406868-JDOOG8VT-7B3G
.openx.net/ Name: pd
Value: v2|1703406867.1|lYvOjEiuhI.iauIjIlQlU
.smaato.net/ Name: SCM
Value: 4a1dd63e35
.smaato.net/ Name: SCMaps
Value: 4a1dd63e35
.gumgum.com/ Name: vst
Value: a_84494336-f1e2-471e-993f-ee0def91ba1d
.go.sonobi.com/ Name: __uis
Value: cf077e2d-1baa-45dc-a6b7-5ae6f51e5aa5
.bidr.io/ Name: bito
Value: AANRO07LD9oAABPGPvuH7w
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidswitch.net/ Name: tuuid
Value: 4c32b22a-397f-44a2-b699-3032a1ebc79c
.bidswitch.net/ Name: c
Value: 1703406869
.bidswitch.net/ Name: tuuid_lu
Value: 1703406869
.sharethrough.com/ Name: stx_user_id
Value: 3046fce5-20cd-4b7b-8898-2c7cd999c4a2
.yieldmo.com/ Name: yieldmo_id
Value: 3zViwwwll1wyy78f92HY%7C1703376000000%7C3435544904198342931
.mediago.io/ Name: __mguid_
Value: f5ef61cad29783d52lw51100lqj8gw9i
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1183761%7Ct%3D1183761%7Cdv360%3D1183761%7Cpub%3D1183761%7Can%3D1183761
.kargo.com/ Name: ktcid
Value: af5cae6c-b8d6-0f8d-5400-df6139e207a3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3D86ADBB-57FD-485D-B899-815E8B54C115
.chicagotribune.com/ Name: __gads
Value: ID=ec36e0f15dae9095:T=1703406868:RT=1703406868:S=ALNI_MYCeCWgutxiEtIDiTrs7ymj7T4uPA
.chicagotribune.com/ Name: __gpi
Value: UID=00000cc08c47d672:T=1703406868:RT=1703406868:S=ALNI_MbQSRcO4Hp0FlJFp18-MkPntIioUg
.socdm.com/ Name: SOC
Value: ZYftFcCo8X4AAJcvMlkAAAAA
.contextweb.com/ Name: V
Value: VVZLKk9GD3eK
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b72743a087bf3822
.yahoo.com/ Name: A3
Value: d=AQABBBXth2UCEF9zlvBV_-zunATFnfZW8C8FEgEBAQE-iWWRZdww0iMA_eMAAA&S=AQAAAlRudiPgFnPO3FnU4M0V0y8
.turn.com/ Name: uid
Value: 3288562651539434917
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-56fb0a48-bff7-5bfd-49d4-c1de12a1912a.DAAhdU3i%2F4UTt58rfqjraIBWX5bM6c92LQ8Yt7fgnIY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVvsKSL_3W_1J1MHeEqGRKkLLcKM.z1G8An9qcnpXMQzy6STyVc8%2FOZFgRSVu%2F%2Bqc7hN1nOc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCCV2p-sBjABOgQ8w7t9QgRtyvgB.3as6KH8lDBfSRcxmiHD4%2FNa6MCwmxOB61SaRC13CHiw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACJTjfKtZTEMi-Kw-uyeoeOpw1iQ8srx7YQS1NrwhUmEHwYBCCV2p-sBjABOgQ8w7t9QgRtyvgB.3as6KH8lDBfSRcxmiHD4%2FNa6MCwmxOB61SaRC13CHiw
.zemanta.com/ Name: zuid
Value: J0E_35ZT18WcvxK00xMq
.ipredictive.com/ Name: cu
Value: 5a82eb6f-403d-4ba4-881e-5f50e15ae1f2|1703406870062
.ads.yieldmo.com/ Name: ptrt
Value: da55406d-0593-41c8-8da4-7f3f342c02e4
.ads.yieldmo.com/ Name: ptran
Value: 399068538422166660
.ads.yieldmo.com/ Name: ptrc
Value: CAESEBIg7KFCVnt1ntRbutSOPwU
.creativecdn.com/ Name: ts
Value: 1703406870
.creativecdn.com/ Name: u
Value: OyStF0rgR2lAPUZuaN0w
.creativecdn.com/ Name: g
Value: OyStF0rgR2lAPUZuaN0w_1703406870267
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEN7fmBqWyTve3HOV1Z0a1so&KRTB&23025-CAESEN7fmBqWyTve3HOV1Z0a1so&KRTB&23386-CAESEN7fmBqWyTve3HOV1Z0a1so
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8600-2!8600
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AANRO07LD9oAABPGPvuH7w
.mathtag.com/ Name: uuid
Value: 05c66587-ed16-4e00-877f-4096355e4ab0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-da55406d-0593-41c8-8da4-7f3f342c02e4&KRTB&22918-da55406d-0593-41c8-8da4-7f3f342c02e4&KRTB&22926-da55406d-0593-41c8-8da4-7f3f342c02e4&KRTB&23031-da55406d-0593-41c8-8da4-7f3f342c02e4
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 5C7638686559407991A04AAA71D259CA
.smartadserver.com/ Name: pid
Value: 1183772345424093850
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:05c66587-ed16-4e00-877f-4096355e4ab0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:5C7638686559407991A04AAA71D259CA&KRTB&23486-uid:5C7638686559407991A04AAA71D259CA&KRTB&23489-uid:5C7638686559407991A04AAA71D259CA&KRTB&23539-uid:5C7638686559407991A04AAA71D259CA
.linkedin.com/ Name: bcookie
Value: "v=2&cfe3b459-617f-47a9-8904-0896accf851f"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3047:u=1:x=1:i=1703406870:t=1703493270:v=2:sig=AQF_ZhlOkLqNCP7qPfb-mdDeziLOofVr"
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oq3|7dN.0.AANRO07LD9oAABPGPvuH7w|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3288562651539434917&KRTB&23150-3288562651539434917&KRTB&23527-3288562651539434917
.semasio.net/ Name: SEUNCY
Value: 8E5EDCF1381479C7
.adform.net/ Name: uid
Value: 8877890029443442616
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3hAYuWFfA8CX1SEdXI4nXfMI7t2RUVtcI_Erv-05GDW5PJXJmr2fnsH3JQC4TM1
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2GU(gTnKG!]tbP6j2F-.aDabByFnKcfMPTdIL-m?Z-Y$kCBQl@JK`-v1sZ1*qF1`*b^At(L5^3
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRSjhHVkRZLTFZLTY0WUUiLCJleHBpcmVzIjoiMjAyNC0wMy0yM1QwODozNDozMVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0yNFQwODozNDozMVoifQ==
.criteo.com/ Name: uid
Value: d00171fc-9f97-4b7e-b540-f89192de852d
.ctnsnet.com/ Name: gid_CAESEI9JpWKkN81kpjz0FMQmeNI
Value: 1
.teads.tv/ Name: tt_viewer
Value: 7238e1a8-506c-457a-b2b4-22b08dbb8833
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: ebac0bea-3e2c-4a9a-8a2e-77f10615ae2a
.prebid.a-mo.net/ Name: sd_amuid2
Value: ebac0bea-3e2c-4a9a-8a2e-77f10615ae2a
www.chicagotribune.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22da55406d-0593-41c8-8da4-7f3f342c02e4%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-24T08%3A34%3A31%22%7D
www.chicagotribune.com/ Name: pbjs-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: H36iBQZHXNbDojh4S1mdF6vx
.hb.yahoo.net/ Name: visitor-id
Value: 3464084712889951000V10
.hb.yahoo.net/ Name: data-mag
Value: LQJ8GVDY-1Y-64YE~~63
.connatix.com/ Name: cnx_userId
Value: 65b899e5f0b0409db922383d9a487e93
.smartadserver.com/ Name: csync
Value: 127:AANRO07LD9oAABPGPvuH7w
.fout.jp/ Name: uid
Value: hOvgl8bNpfbVt1rS0YaYrIS4uNE
.csync.loopme.me/ Name: viewer_token
Value: e35333ea-1399-4000-97f1-5028b5962308
.33across.com/ Name: 33x_ps
Value: u%3D212414408442931%3As1%3D1703406871937%3Ats%3D1703406871937
.ads.yieldmo.com/ Name: ptrpub
Value: 3D86ADBB-57FD-485D-B899-815E8B54C115
.demdex.net/ Name: demdex
Value: 24744254767496728642308392305136763588
.gsspat.jp/ Name: gid
Value: 516146c20c50e3405db92b4cae376e45
.pubmatic.com/ Name: DPSync3
Value: 1704585600%3A226_201_197_245%7C1703980800%3A164%7C1703462400%3A248
.id5-sync.com/ Name: id5
Value: ff7963e0-efa1-7607-9702-c4a5f464d457#1703406871955#2
.dpm.demdex.net/ Name: dpm
Value: 24744254767496728642308392305136763588
.quantserve.com/ Name: d
Value: EJMBEgHeKvijD9r7EA
.adnxs.com/ Name: XANDR_PANID
Value: yv9jY42vmp5TUps0VSwsCd6F7qG6ReFYBqVZANghSUyEKbBS1n9eNUsk5UDk9Bt6fuSNmBefXjZx89oGdCJUsH0K7DSS-PC0IKaRcJ4Gdz4.
.googleadservices.com/ Name: ar_debug
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2fs8:18z8~2fs8:19e0~2fs8:1769~2fs8"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je&KRTB&19420-DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je&KRTB&22979-DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je&KRTB&23462-DJmzlF_IupAXmrOWDc6mwF7PvMIXm7vAWZtpQ_je
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-399068538422166660&KRTB&23339-399068538422166660
.pippio.com/ Name: did
Value: IQd6mnBC-MRpLeAx
.pippio.com/ Name: didts
Value: 1703406872
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8877890029443442616&KRTB&23263-8877890029443442616&KRTB&23481-8877890029443442616
.hb.yahoo.net/ Name: data-ttd
Value: da55406d-0593-41c8-8da4-7f3f342c02e4~~63
.rlcdn.com/ Name: pxrc
Value: CJjan6wGEgYIuOsBEAASDwiQvCsQ/v//////////AQ==
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12ttocqzd5gu
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYftGAAJRJlQNgBd
.primis.tech/ Name: csuuid
Value: 6587ed18ae554
.adkernel.com/ Name: ADKUID
Value: A8883016734441585047
.sportradarserving.com/ Name: zuuid
Value: 59b201f5-c634-4e16-bff3-57b346a63eba
.sportradarserving.com/ Name: c
Value: 1703406872
.pippio.com/ Name: pxrc
Value: CJjan6wGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: b32af544-3a9f-4640-8156-2a007582d395
.linksynergy.com/ Name: icts
Value: 2023-12-24T08:34:33Z
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12ttocqzd5gu
.sportradarserving.com/ Name: zuuid_lu
Value: 1703406873
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1703406873
.intentiq.com/ Name: intentIQ
Value: Cz6q3A3G0F
.intentiq.com/ Name: IQver
Value: 1.9
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A8883016734441585047
.rlcdn.com/ Name: rlas3
Value: /1k7DWJykM5/Ncw0IBGbUk2C0mLDD834opJ2k2QwpVk=
.nrich.ai/ Name: _nauid
Value: 21265b1c-1cf4-4d81-b7b1-ba02b21f8ab4
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUekxOZTNK
.intentiq.com/ Name: IQPData
Value: 1120628899#1703406873239#0#1703406873239
.intentiq.com/ Name: intentIQCDate
Value: 1703406873240
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8gn0snAPc4nUNYzUNTOJdFWqBQBQ6gZo
.ctnsnet.com/ Name: cid
Value: 3b2d592dc9ac45cbb2094f80984b7787
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4c32b22a-397f-44a2-b699-3032a1ebc79c
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-3b2d592dc9ac45cbb2094f80984b7787&KRTB&23328-3b2d592dc9ac45cbb2094f80984b7787&KRTB&23427-3b2d592dc9ac45cbb2094f80984b7787&KRTB&23445-3b2d592dc9ac45cbb2094f80984b7787
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23334-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23417-VvsKSL_3W_1J1MHeEqGRKkLLcKM&KRTB&23426-VvsKSL_3W_1J1MHeEqGRKkLLcKM
.c.appier.net/ Name: _auid
Value: LgFc_1bCCu-P20E8Ge2HZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-LgFc_1bCCu-P20E8Ge2HZQ
.adx.opera.com/ Name: UID
Value: OPU5e769bebd2a24c9d831699de6e92e752
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU5e769bebd2a24c9d831699de6e92e752&KRTB&23485-OPU5e769bebd2a24c9d831699de6e92e752&KRTB&23524-OPU5e769bebd2a24c9d831699de6e92e752
.adgrx.com/ Name: ADGRX_UID
Value: 4429924a-a237-11ee-a3ad-6fd26945a56d
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 2b95229fd3321f25
adservices.brandcdn.com/ Name: AWSALBCORS
Value: 6HqTVBNLQdNVdKzXvo5pgz2zLWyHbO9vw7d8gFdWlaL/ZAuz6KuCkaNttKvFrKpJXekzT6VSrV2L+YrVe2dzNk2BeXSlmuuVp88LGwcp+fan1joKQY0Xt2Cv/02W
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-4429924a-a237-11ee-a3ad-6fd26945a56d&KRTB&23275-4429924a-a237-11ee-a3ad-6fd26945a56d
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiUmLnWpZnCPBAFEhsKDHNoYXJldGhyb3VnaBILCJrWsd-lmcI8EAUSFgoHcnViaWNvbhILCJTzzYmmmcI8EAUSFwoIcHVibWF0aWMSCwjI2bbgpZnCPBAFEhIKA2FhbRILCMKeoo7s5rY8EAUSGQoKcmlnaHRtZWRpYRILCMTvgPalmcI8EAUYBTgBQgQiAggB
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMWCo8lLfl9wMBMRSCAAAAAAA&KRTB&22713-AAAMWCo8lLfl9wMBMRSCAAAAAAA&KRTB&22715-AAAMWCo8lLfl9wMBMRSCAAAAAAA&KRTB&23519-AAAMWCo8lLfl9wMBMRSCAAAAAAA
.w55c.net/ Name: wfivefivec
Value: fwAVYZfJ1RhjWr5
.id5-sync.com/ Name: 3pi
Value: 112#1703406873465#1733136485#8E5EDCF1381479C7|2#1703406872731#-941423496#399068538422166660|19#1703406874925#982308378#a0b644e93e3181bab4f54ac0864fd0bf|1221#1703406875439#-943326639|264#1703406873021#299131744#da55406d-0593-41c8-8da4-7f3f342c02e4|10#1703406874452#2054976948#8877890029443442616|108#1703406873942#1608636408|285#1703406875439#1878967449#LQJ8GVDY-1Y-64YE
.tribalfusion.com/ Name: ANON_ID
Value: a1ntuJMwTkE6XlypqpMS1ZbvexaZdOb7Zcu8YmxhxPpMgZdtJc43fT4EQN02rHksloHxtCu6qZdgH58R9QR39st5opobQ
.w55c.net/ Name: matchpubmatic
Value: 5
.chicagotribune.com/ Name: _ml_id
Value: a23b5d70-719a-4890-9c43-2dc77d15c83c.1703406866.1.1703406876.1703406866
.w55c.net/ Name: matchrubicon
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:fwAVYZfJ1RhjWr5&KRTB&23421-uid:fwAVYZfJ1RhjWr5
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLUW+N+ccBqpmsvGr/qdDoV7Mg3NUTe/L5av/oZ4kQb3DD2H14sNDHla6DHE+zOnoqi8+sqs8BO8yYbB5SW5XQ38+4eX38de/pfW8pPU411Fg==
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1703980800%3A2_223_15%7C1704240000%3A63%7C1704672000%3A35%7C1708560000%3A69%7C1704585600%3A5_254_7_209_96_179_8_21_220_107_46_165_247_176_234_56_233_54_238_264_13_214_22_3_231_99_71
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004%22%2C%22nxtrdr%22%3Afalse%7D
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDUzNDaxNDUwMRDiM9S1MMnSrajKDzIIyg0EAMd4r18lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDUzNDaxNDUwMRDiM9S1MMnSrajKDzIIyg0EAMd4r18lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBsYmBmYW5ubmoAAB6GtNcQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004&KRTB&17107-RX-55013440-478c-43d2-8c5e-9c9e56ac3ef8-004
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1977432095613495040
.pubmatic.com/ Name: PugT
Value: 1703406877
.pubmatic.com/ Name: SPugT
Value: 1703406878

13 Console Messages

Source Level URL
Text
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.chicagotribune.com/entertainment/theater/
Message:
Access to fetch at 'https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-2-gpt%22%2C%22callback_id%22%3A%2222fa3de028fce78%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%223261757598788952383%22%2C%22gpid%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%233%22%2C%22tid%22%3A%22301993a2-d824-46c9-b653-16a5a1a48d3f%22%2C%22auctionId%22%3A%220d76ae26-999d-4616-8097-f1516afbaf33%22%7D%5D&page_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bust=1703406866897&dnt=false&description=Chicago%20Tribune&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&w=1600&h=1200' from origin 'https://www.chicagotribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-2-gpt%22%2C%22callback_id%22%3A%2222fa3de028fce78%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%223261757598788952383%22%2C%22gpid%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%233%22%2C%22tid%22%3A%22301993a2-d824-46c9-b653-16a5a1a48d3f%22%2C%22auctionId%22%3A%220d76ae26-999d-4616-8097-f1516afbaf33%22%7D%5D&page_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2F&bust=1703406866897&dnt=false&description=Chicago%20Tribune&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20Theater%20Loop%3A%20Chicago%20Theater%20News%20%26%20Reviews%20-%20Chicago%20Tribune&w=1600&h=1200
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://p.ad.gt/api/v1/p/694
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEAkrZbj4lFaqKf_HM1Y0j9k&google_cver=1&google_push=AXcoOmSeRUmHsJsF4bg-RzqhVsBsufyA6WDPRvgoETPDLOs9ZtgwpiJ6tRuWF9D6I5Gu3C3h7ucdivcGSzicb5EktMu4ClJjHrTmUOEFJq2JqDRtLFDLebujLNbolBq-MXOL6OCJtR2tk-zjBOe6q1AsHg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7cd985a9eb902c603892462e84636344.safeframe.googlesyndication.com
a.ad.gt
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
adservices.brandcdn.com
americanhometownmedia.com
ams-pageview-public.s3.amazonaws.com
ap.lijit.com
api.rlcdn.com
app.cauly.co.kr
assets.zephr.com
authenticate.chicagotribune.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-nf.rubiconproject.com
beacon-sin1.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.go-mpulse.net
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.adform.net
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
cache.sendtonews.com
capi.connatix.com
cdn-ima.33across.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.taboola.com
cdn59755463.blazingcdn.net
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
ch-wf.taboola.com
choices-or.trustarc.com
choices.trustarc.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
collector2.sophi.io
config.aps.amazon-adsystem.com
consent.api.osano.com
core.iprom.net
cr-p3.ladsp.com
crb.kargo.com
creativecdn.com
cs.media.net
cs.minutemedia-prebid.com
cs.nex8.net
csi.gstatic.com
csync.loopme.me
d15kdpgjg3unno.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d24zb9qreavi2u.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
direct.ad.cpe.dotomi.com
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsp.nrich.ai
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
edge.blockboardtech.com
embed.sendtonews.com
embedcdn.sendtonews.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gocm.c.appier.net
google-bidout-d.openx.net
gum.criteo.com
hb.undertone.com
hb.yahoo.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
htlbid.com
i.w55c.net
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprchmp.taboola.com
insight.adsrvr.org
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
js-sec.indexww.com
js.brealtime.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
leisureblogs.chicagotribune.com
lexicon.33across.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
mng-trib-tagan.adlightning.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
opps.taboola.com
p.ad.gt
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.sendtonews.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
r610.chicagotribune.com
rt.gsspat.jp
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.seedtag.com
s.tribalfusion.com
s.update.rubiconproject.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sg2-bid.adsrvr.org
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssor.tribdss.com
static.criteo.net
stats.g.doubleclick.net
svastx.moatads.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.fout.jp
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
t.adx.opera.com
taboola-d.openx.net
tagan.adlightning.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
tribune.blueconic.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usersync.gumgum.com
video-assets.brandcdn.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.chicagotribune.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
x.bidswitch.net
z.moatads.com
zephr.chicagotribune.com
ads.yieldmo.com
ch-trc-events.taboola.com
cm-supply-web.gammaplatform.com
cs.nex8.net
sync-tm.everesttech.net
103.229.10.171
103.43.90.19
104.17.25.14
104.18.214.59
104.18.24.173
104.18.36.155
104.18.38.76
104.18.41.104
104.18.43.90
104.21.64.98
104.22.4.69
104.22.5.69
104.22.53.86
104.68.31.231
104.74.46.234
104.80.232.135
104.80.233.57
104.99.59.17
107.178.250.234
107.178.254.65
119.9.108.211
124.146.153.164
13.107.42.14
13.112.54.241
13.224.181.100
13.224.181.14
13.224.181.52
13.224.181.66
13.224.181.8
13.225.141.90
13.228.126.19
13.228.9.27
13.250.207.233
13.251.208.106
13.251.27.98
13.35.147.123
13.35.147.91
13.35.147.92
131.153.206.101
133.186.161.89
139.162.40.113
141.226.124.48
141.226.224.32
141.226.229.48
142.250.204.14
142.250.204.2
142.250.204.3
142.250.204.6
142.250.66.194
142.250.66.202
142.250.66.238
142.250.67.1
142.250.67.10
142.250.67.2
142.250.67.3
142.250.71.66
142.251.175.157
142.251.175.84
142.251.221.66
15.197.193.217
15.197.196.10
15.221.8.212
151.101.129.44
151.101.65.229
151.101.65.44
152.199.39.108
162.19.138.119
162.19.138.82
172.217.167.104
172.217.167.65
172.217.167.68
172.217.167.70
172.217.167.78
172.64.152.89
172.67.36.110
173.194.193.94
174.137.133.49
18.118.89.101
18.138.18.111
18.139.210.126
18.140.162.50
18.143.230.122
18.161.180.118
18.161.181.197
18.164.154.17
18.164.173.42
18.180.45.14
18.65.25.29
18.67.101.66
18.67.111.102
18.67.111.105
18.67.111.116
18.67.111.126
18.67.111.13
18.67.111.14
18.67.111.99
18.67.114.43
18.67.92.138
18.67.93.11
18.67.93.111
18.67.93.116
18.67.93.126
18.67.93.46
18.67.93.60
18.67.93.77
18.67.97.57
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.73.232.225
184.84.165.201
185.184.8.90
185.84.60.20
188.240.13.1
188.240.13.2
192.9.186.67
195.5.165.20
198.8.71.131
202.232.238.37
205.234.175.175
207.65.33.78
207.65.33.82
207.65.33.83
209.191.163.152
209.54.182.161
216.137.39.73
216.200.232.249
216.22.16.52
220.150.223.50
222.230.178.29
23.106.127.169
23.106.127.53
23.202.168.127
23.204.65.234
23.206.242.194
23.214.36.171
23.221.21.71
23.38.131.47
23.55.12.201
23.55.6.117
3.215.25.133
3.218.94.162
3.236.169.72
3.33.241.113
34.102.146.192
34.111.113.62
34.117.239.71
34.120.135.53
34.120.58.62
34.149.26.226
34.149.50.64
34.224.179.206
34.96.70.87
34.98.64.218
34.98.67.3
35.162.220.137
35.186.193.173
35.190.39.111
35.194.66.159
35.208.249.213
35.213.12.39
35.213.93.179
35.214.187.199
35.227.252.103
35.244.154.8
35.244.159.8
35.244.193.51
35.72.102.184
35.74.118.231
50.116.239.135
50.31.142.159
51.68.39.188
51.75.88.178
51.75.89.127
51.75.89.188
51.75.92.250
51.75.93.98
51.75.95.152
51.75.95.199
51.79.154.29
52.216.170.91
52.223.1.76
52.223.2.229
52.25.95.187
52.76.165.247
52.76.177.21
52.89.2.84
52.89.208.126
54.162.68.92
54.183.248.142
54.198.156.105
54.215.107.128
54.215.67.68
54.227.169.0
54.255.34.175
54.255.42.142
54.70.109.25
57.129.22.38
64.38.119.43
67.199.150.82
67.199.150.85
67.199.150.86
67.202.105.23
67.220.224.150
69.173.158.64
69.173.158.65
69.173.158.67
69.173.158.68
69.173.158.92
72.34.250.75
74.118.186.106
74.118.186.107
74.214.196.131
8.18.47.7
8.43.72.98
82.145.213.8
89.207.22.114
89.207.22.73
0040155605050f9f4213a5320ef04ff1c83ce0f40f8e35f9fe9f6a211b8c9334
00780e70e73b7298c973ec9c7f95340abccc7a8cc9c64c92095636d9423a7be8
00eba6a35ca2f6ba8d4cb10e39dc9743f165e5fe05df883085addacb761c6820
0295dc9ffa05332413a394e59e9c5aa4333d7b92075052ea4ab14809ceaae4ef
02c5a06b4c13fd58a5f56263cc1486ea41ceae047e48912a062fe5ee9d962caa
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
038e34f0b7d13c052b7c3f35ae343785a36e7b851f66419c7f0f4da52d84a674
03a5e73099383f82d8af2c40542efe7d84cda68e8e3894ed55144012b2d338ae
03e16c767841f2ab4ee4c09f8ea9904590c07914f0929d115af79ad6538c39d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0431097556adadb810d9a6460952cdc2d42b96efc8a1fbc4663d990796397f02
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056d91bee178e92d43ec10d38fd831c115cb9c17f71a13a69d3ef43aa1980f7d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
094c53f3d2ab17cba20238510906cb255868348f2fc899cd7500359fc678f65a
097b6477742ed2b1922445df1dc82fde1bf4f5d6a195421b82acb94d0c68fb6f
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a3679f626fcbcad905b59d7f6e91d0e443da550a82d393a64aadd4c1c200135
0a3a14e8f7f67ccade8799d4f19b031e2cb10a705366392a3b35b5d21537d300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8ea00d9679c54e34b0cd0159650a40856e96e775d2eae328c800e546b956e4
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cf29a52d706ba91207321367951aeb81db7400acb029161349eb8635bd5c229
0cf520f27d8473488a05d42bf1a41727ece94663563b28250f285077cc5ccc97
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10b3464b5fe8d62a5799c78d0c09394203fc5b3867201782e678c04564672a23
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
12899275c1df5d2c9bc427847d07cf596ad57f8a569064f7dfad2475605986ac
12ac85e52c7f9f79b9ca04f745b8031ce61269ed2738be934d0f91a4e2709e15
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
136da243e8530b5a610fe55ae0e0c4d9a85f6a3c14119177be59e940569263c9
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13bc6fe02e303225dc2a9d9ba3cda4cb973b86489ec253727f54ebbea089cc8d
14e06db8878ce6fcd09fd513ca16170901efdf36aef798feb62c4fda48d0c05d
1543fe3f4af7cf88491360677e7ad4049ee50e4fd23e81e2a06c1f79e09afb89
1728b8c2bbd6639a6c6c392ed0c0141f1a1749cc4d3bb72453e9956f04662f32
1803c7af697e8608efea1365af8bc4c908525993052e54380f93641409cea184
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1b509a2700f2fc4a2d523d692622e1740ad765e5cc13ffbc6c36b7b2f873544b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d94c96db9e0666e51f97a821f8d812010b44ae4d25683c25ba71d45ae622f70
1e41bed45469f5aa1999ef5bbffa07fbeb3c1184720bfc09dbc2f2e0424dcf6f
2121d19bd323e9fff27ceabcb822c94181eaba3630522a5051a7466c6f500117
2173471d2057bf7f6a4f1e832e72dca89b13655ac8fad8780c2c984160d6ec61
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
2579a57717226af37995578f8cd93ed630cd40e930e4b3391893ce973cc1bbbe
259562a102316bdad565e59ac96db1e20f80c15e250073afa0c2b1c592c13080
25f9c4ee75160f22a5e0ca25099324fec70b9358c5f5d658343699faed84bf24
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269898f6d237fead22e7f47ce9cb656b79fdb8fd89328a96fd463957f37558ba
278fd25ce778a3057a3cec28ef5fd1d72e02c8f83ac85aec6f05040d7f285a52
28570723d519559b09140ffff2a402d539c48d43bf3f0e54fd0865b3a45d8fa5
28fc0aa4c7fe123c5eb98044e4b47416d4bb2e7cb74fd0cb0953e3928ba7195d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aaed3c3bc1abebad1d691d6629a032f7cb60efc7927014a0eb13588f89f623d
2b746f6fd9fe6894f10d0780594408a714619fedf6cc7b1da4d70ebb81949d86
2be8427430e7224f12fa866716a531fde2ad5d1726db5f218bfa7154db642a0c
2c3f9e7a3da6579940bfdaa2eec384c08e8936546c755f78f58936ebf1d15d20
2c6af19ca8643a7a412e4f1f2316475b7b4e1b10735b33078f5582ade617722f
2d11c1d8ebc1e6fb7fc8718a26773ee778807c7024a0b00a8b92074bc1c68c67
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2e68f001139068648a00b789f6f8239168506c84b94615bfe0271e83a1ebe153
2e89f12f5b295126335885dd2c01f5c77c69d501230fd7c76a4d6b2522da9be4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4786c976f67c84985dde7a0f7b384e3bdb3602c68c5e9fb5108a20f6908cb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3
35d723878f5ed470f59776f9d9b25edcc5574bf4641b7ddf6554a5463da5c8dd
365e791282ddd2777064c34441974960191378938aa5763c7bcdb15630fc8c12
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858
38a6615419cf824b4b42cd20fb3ab7d2fcb7c270a38b8c1b286629ce6770b693
38eb4b0e66b3a70db4cf4070cd713c2d6ff5abaf35d0ad27a22c9038ece0b3ec
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
397b52ad51a20a5929e3835fe1ac5dc80f0b8da34f5845dddecd8f8bc67b7cf6
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c486a0179c2c6ec8027953c94dfd076d4e358bd22498ead877f4f875c95e93c
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3e883a80bcc7ea06ad0e3525983920dc89503aa813db81019812982dd9b80889
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41f11f646e259f22baac637aa29f6e84dff447b532c3f2d22cd435d8da1f8302
41f7954da7b3a26296adca8a0d1724d404068ebeef48a7ba4994013649d7cda4
42a005307322477006772c2e5019a400262164f6c9b7644f303fc24fb84fe52d
43222dd3c165ca832722ebd99e62517b3991a313f867870c3fc3cc21e928e4a0
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a5b80c9809c9323c5393246317d5ca563893b092659e96cebc9ddab67018dc
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b5371117d04078248ac30bd15b952841a2e5e20d4128f3610cf5ad10f189cf
4820a92bf392bbe71205cd586e2b14ba757b39abbce2ade1337b59ac7cbaa3ab
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f8e4c1e23417bc793d63648af151809f03da460e7239ffda47431798424cf7
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
49da2800a745ccd79fa0495be32c6221c15e109d91e0544caafb129913fe325e
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bacd8bdc9484ed67e2910781a529e931e3129507a16036f4e346bbf554fb210
4ca76e6e4dd7d02fac59fcf41f8b89e486a5a141a6025cdb3115233d1caa739b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e49d30bd41ac22839665e038310cfbfd237be350da00e1cca8753e4c5c59424
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5115a5423518d3688fc7371a291c36d4a086b40c3f4c022bfe539989dd77d365
5118dea2c357c2d68cb39bcf228ed64d34dd34739b6dcc7d3f4236b476932b62
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
5757f49e783830cc9fc1f2d675544f1a315c69952d203ea1331d3a55ac46d230
57aefa73d85db298c5a33696ee366282ca6ddaedb1112405a1662a703826a216
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5dc6229c240f16708f2d39ca6e7e5508cb18e4b2e0be6d69f2d0df07cb3f8111
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
62cd9d59f2633ccf99d5dfefb7065610b62648e345138b4391e75c255b9b0aa8
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64c8660bf5f5225ccf270a24877eb8f1082b603b9d58c4d192aee1c706a66117
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
681bbe9680ae5ae44eeb6d06c2ab166c1a7b457e0410cb73ddc77b02be6f6c40
68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb175f86abcc01c241a9083821d08a869a81b5520e5b09c83fb86fbedecb1c7
6cb8130702088124b2c83acf10845c278984c8bd84ca17e22bebd4ebd5aa72e6
6f455714b7204d2dce526ed15996d2ad9f4a4e13a0fa32d57e3af0c4157cc177
70c512cb9e53a27c317eb61e14f5a5e8caa1c796beb1b5cc125b27ecb9db21af
70f1ff4f6915f04fbcb20b209134899dee458390b803e98007d5eb5695669b3c
7295658a636b95bf5803504a22d250ec541694d213761696eb838ded7f9cac45
72d4bde5ff8cdb3db436c3077fbc4a7556367c5b5099ecea01950b90333c74f3
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
738caf369e1920dd88781f1e886076d9ad0cf15ba1733efc995f730a6eb89a84
743aff87bd9a634c1ae32e122e1c8c40f957fdad1dc396f2f09af9138ce22c58
74876348e3457273e60317a9f16d881af6a665880d7d82934590482169dd1f86
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7a7ccde200c03e143c3b59d166adc4aca2566d057611dc7efd2e28c4c9ffe905
7b31b645b818d1288fd69e0e275f1fe9dd6d85832a729dbd6731010c5c594414
7da8ed02f662c043e8ffd867b6cc772564a08c7d2fe38b8ef06500e968ced3ad
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
8064a688c1f37a0d7827fb5cac7592182ac98212f367948c366f409eff8c808c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
83f128ce08ba40031ee836cdfd98c8a664f320a79f1d64bc19c5cc9be22407c2
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84902b349d13c9809321456c05f34b5353cc7a40ef081ee4c0619cf44bb1d2e9
84d1fbc142889028eaf72ce825e87d55a543a2f71eaf7f43f10b60ee93a40de6
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
87706e2ede4d13be9c333401097c8a2254f04f043c26b3b4f0a844900e5a237c
8786744e07b6de2109b10b047a7997c5d0aaf29444ba2fc96bc0e97a3b474c0e
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
893759e323386cb8b7b5304e7b0813d64461163aff5d2f9e655b002ad50fa861
8aa81178cea7fa49c90d742dffb4a2f405edd7547d4fb09ca277c8daae3fc051
8bf8dc4fbd88d29136c428962e6828770e537cb1c2c4b50702602fdd236ba490
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f0e0e0a345c71362655aec8ec60b105bc69e4e846351623ba7fa7b60884c4d0
8f4b617a984bb7bec5fea820558b71b5099c61ce8c7875a9df9d97445e70206e
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
91641b3f5ab57b83d56ba23ba3f9d61835b63bf76c0e68e16c337caaba211111
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
92ebc538989ef11b951bdd2d72ad137ea78ca9079924507ce551cdb664df6ccc
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
94f21bce369a8f9527205fdbdd4d7a310695cd522d20af1c189768865b41737c
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
95a3be0e9a1b05152296cf246841e61e97f3b57dd7ac3a0099b3ce5f8562db85
96773b4af0ee4898823a0c7dca1aae86754dcd67dcc96c68473644bed6907ca7
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
97b63b55b44997ccdbbff6fe86f1160700ea3c9dfd275f620e7ffab486291120
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98a2ea71e157b2b7d9d07531b73ebc97fcd4fc5f493300807c50ed896b0b3def
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
99fe472b69f07a75391845fd2b287546896f9165d7ad2f6d95445530a78f0896
9a7550f51dfeaced9f29842f1ae4941556c4fcf3751a738bdfc6dbc707c7d717
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad1bdac24ea6e213f86e8b70336ef3ca5304faa3f217ee2793a61b0d5fa58cd
9b49922aa9bb64b69d5f97ca5f77da84d6d648072a9d34a5d3387e6a6f1c765c
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9f312919ab724d69629ba0e3df69fc18e83b3ed4b101ae0a49970aad9d3ba22e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10a3b89118b26fa8472f1472e5291e268e2b005108db1b42684ef609068c833
a118b2a282917efb92f3736b8b424ad058ab9f467fcff51bdedbc4745e08d802
a1ca6cc594acb4ad8fbfee85e73af090c7509073d097620e181eab3a2eb05659
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1e2f8324ff598954b87892626060523b886af0898c423dd7fb9ae0c639d9841
a2db9dbe9e508943befef93ba539d3675a5e2c5701ce0671d5f2baab3070a116
a2f2770331da97454b49f5da15de4b42f8d7f3e08f8cb69552ab7900b6a786a8
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a6cc6209a1f2630a25262b82d91b3740f48a9cb0cd357b3a2a472c3503853c0a
a730ccb9e58b78c4170bc5f503d4e2583e16b5f4a29ed503ed35d251556abc12
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ac1d608c9fff77e9bf2dffc850f84cfe564047597a9eb238bf68b0ac2f771276
ac1e612ccd25b8388df18d0663ffe86d88745974258f8eb0df8abbbe187505db
ac97df2fbfe603d9f6e22459a4ecc203e2786f8bb2b38aeeb727841e68109b08
acc22528760db724da4c4c8b48a939ff1afe0d2fdf16a0f554f0db01e99dea0d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
accaceb4846ad583d1dc334d4bf843ce576b0f12359988cd0f7d316aa37813d2
ad7ae8af2e7b8439c0296da88adc1682b2047a37a8440a7c3e54bc2ac846b677
ae8207f30886ef630b0e5fbd4b7c11bdcd123e0c1748374f02e99b692d9477f5
ae86f02c6c37e80dfca889f2395ad795fc8660396b7a6c7b6b2ce5ef43e8d36f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af23b8f21cea418d2f5e814675580bb5ab5b5215dad3aa741ee42f8725c9b70c
af4566bb9dc17bbdac65cb62445451255ccec18c0698ac5d04c825ccb1b12e24
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b08adc41c5d058ee4e0b817a587272f1a12a689bcd50c357d5c023fef730ac06
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
b0d95366a577ac2dc950d1796835d1e1cd54313816f019d540ba13d6caadb022
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be9bbc888c49d955c1c76dbee70c9d258ffcf421f9999ee98707a3766ca748
b2fc3dab81b24b735012f0566b08da2cc0cd861763d5d54a8dc8b83f8c20c404
b326e360e93cde30ad148ecacd6132a107a60cffc7c7f6fee309f2f1f6303045
b3cb63a459e305a56ffb0e4363c5a396a935338fc4e213e642a12d25b7836974
b4043947b3bdcbb076641350ad99bc53f5d150531eb73c8048e9102e8c4b0b70
b6b7fdb86156778e845356bd7e5a5115fa013e525f6ddb6e604b8f31de1f5b7a
b96832ee49d210ef7b2adf148c33b05b9cf79278df177af263e13731769fa352
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f
ba1328e3dd341ce08d8980d82c48ea27789306494ae8f8d702e993e00ab53efb
ba7988099dfc03e0f473fbc8e2dbc70866d8f534fdc5643b7dfc877d424d56e4
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bbeaa7b9b9943967557992f03a470ab9687e6324a86b1110e0d5c9ff2313342c
bcb6524ecba4503be02dc24a56c40590469191ee7d010f207647debeb64bc2da
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd1a812d8ce37fb62d93767013b748bddc4f746ec979e7b8fa68a811d31e76ea
bd4072a30dd399e226302162ee7824a4cd1a5f55ba10819dbe14f68711646c4b
bf6c7a931468e1f33cfd7b4330320d233f647740f5c373ef0cec2820e59ca0d8
bfcd371232f5a114b797eb525ee5beadb34766c665df10c0bc028459c53b539b
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c05c035b6439fd6a41c684eddfc54e460c2f390f0b73ab792392486c02fd848b
c1a55de9c3ac681c3ecb9d60b582cd2939eb807a0c2d3b71f3b161011d69e850
c1da63ae01f0c49c3ddaad4da5cf810d188498cedd8b2f4f4051dee58c838ea3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c385fefcb7b0d37f7a4fb8ecb910ebda9a1e682a363dee364de0781ccb422f11
c38963e1ff1c3d8fc25d54a3f85453b219817df6e8d9dabdf65a5c3f6f29e769
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c53e59342075867fdbf18827debb68d178d12711fb7960ad7bad2b2bd9a4e05a
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c74a3d5627a4499efc5379666949261385df07c358d6405529065ef352f46eb7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaed1d491d3bdaff3b1bce74b8d90416583f27468d91c7a9a9117fab15ec45c
cb7323431468fe62348f734ab7c502ca1132272f1bd7487b5ea2d967b22bdccd
cbf55c315b3b04acb354346ccc11706da77ef620891b9cfda1de4970954c88fc
cc0c1be5c480b126b4c776ad4c2b29bee9663e1da188a965f2c0beea327dc558
ccf2a8b42a1fb107512aed1d20ca6128e3e30462165f7ac998c09fdd2782d123
cd578ce3134a5ee11a46a6c33e523521450542920959bd514428a9fbffd3744e
cdf5d667b636a1f1cd7d3e8f7e907547146a9aebdfdff34912e4221f1821635a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e033699ca8e03daa29d6bcb4c8b5fe1ee98c1dd10765c463e68567702de8a6
d0ef3c7799e3c9c428e77633c733c2ba9eee2abb80a35284bdeaeb47650b7afd
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d29d17f6dbfebe7a1e08285f002483bc0a530a529b21bb7010a34a78a2d41dc8
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d4d1f101ee5e3c8c23779dedb2b965f5eeac2191eaf06672c0a1f964d3e04061
d4df964562e1f968dd8b0100b70e77692f8e5267cf04b7b50655922079efa87c
d52586858e5eee0f81bc3681890ab601c27cfa062cd8823c57269903d6abf45c
d589128c9dc738c5683bf988b437331d5d2b8dc2c2671cab1c5775024343124b
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d806630f8f34fcb8861f7b3f6b21f0ec7a096ed849d66df56c99a26aa9acc85e
d9ae60d4569f669d97e7e9fb5e6b8b4814fac71564beffbca38716020f0d821a
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7
dc1079e1a81dfa1df4e868c04a422a0b77ed63e8e7ce05707e43ff3fb9c81db1
dc4e2354abc0593eae01a97f01c2db7db1aaf1f890080dc54890d09092b0d56b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def6a9d822627b0ea4a61278103db2436736304a64d6c3efb2557984528f8f25
df20d6a696c00699cbf5d87094feb2b052ef949d3c1da0d261809e04b782394c
dfe5dd4883131c520d459a2b47d845c4779add574cf388a1aa8d9e16b7f7ab8e
e1ef8cf9b812fef11186e3427458c238a5559295740d710aea8916ff7b6c3a98
e24b15b9d2a1112a3c686d9029d649e2ceb76737af94b17ff692143775ec30fd
e2a78319ad9975be4685a4f5e9ba871b2270401c105654b213db3db32a287f0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb6496bdc7cfb00d98bfdc7957e368fe0c701fc8012f2b612d1ee73f0132f3
e4062f4b493526289edb6e6d9f37a29636d36bf1c11e444635daf520ed3fb68d
e46220ddbd3ae53145397f9422a5ab3c877bee95563fee635f883f559644b17c
e478e1fa7ba9f662392f0c065d22e9c2114c4075cb73d70823e84088cec90a64
e57621d7cddfd90952a2d7e468d0f95d4bd08978dd4845e52fa3b0e7a4ad05f6
e59ad9699b8261ca5a664fcb484bf032a39f95831527bf262bb707c851c6a022
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e79570e30c474e4175ac4de645fb0c48f730e9964e53635471bad737c5ab54a1
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
eda2dbbaec1ac622dfa7cc216bf895009456b823f65e01515c12a8ec3cda1824
ee530192da166d11e1d801b163236c36d40b99a1807e003c41d5107e5d73e5f1
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
f1745abdb46594cb3e9d3fdd4c524db52fed168022ec6344b48c9b5a2a9cd13d
f2301ee6a63d8594046b5301fbe9a136fb5f7459db8016c21e62ac4cb6f3b783
f240ca8aec3183c8868781f35215178c466b30aaf818e8492439dd1bb6058e06
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605
f36587ed878f51c314bb01bedbf234ded1f269f8a38e44f7c8c507e0ddf71d4d
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f5097ce6f523153ef7a923cceeefe20c2ace7189caf5cc7e2bb31b42fa27495e
f659371cfc7235fcbebd8e51941ab99c22c3dc88d7a4b263208e1e6a41a7ba0e
f675454b1eb998f08e6400a9a41ac7ae2eab274115dbe586c784d9c39ee07594
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9a5f24c4d1eb64942b68f1e4fbadf78a8a1a3d15c49d32f3507fd321b8f53c0
fa47780143a54c056a03fed58a8b7eb0e99c340b9b6b6a3409f360912e6a06d0
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc4f07e9617f39f9e15807db90fb898a82bf309b1429de50209aad9c0a1e406f
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f
fd58f313532303eb27bfd39c29d3cda5b94db119cf9e0aedd9f4d34e172034da
fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b
ff0f5d9f1ddefb32d6b533b91ea88ba9e770969c9e5161334fe62ce3ae2e8970