chicago.suntimes.com Open in urlscan Pro
192.0.78.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://suntimes.com/
Effective URL:
https://chicago.suntimes.com/
Submission: On March 17 via automatic, source alexatop100k (March 17th 2019, 10:38:05 pm UTC)

Summary HTTP 166 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 32 domains to perform 166 HTTP transactions. The main IP is 192.0.78.12, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is chicago.suntimes.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 26th 2019. Valid for: 3 months.

This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.0.79.33 192.0.79.33	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1 1	192.0.78.13 192.0.78.13	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2	192.0.78.12 192.0.78.12	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	151.101.1.198 151.101.1.198	54113 (FASTLY) (FASTLY - Fastly)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.0.78.18 192.0.78.18	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
15	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
11	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	13.32.223.127 13.32.223.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2	2600:9000:200... 2600:9000:200d:f800:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::6818:6096	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
15	192.0.72.22 192.0.72.22	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2600:9000:200... 2600:9000:200d:e200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
12	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2	192.229.233.123 192.229.233.123	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY - Fastly)
5	2606:2800:233... 2606:2800:233:9d9:186a:1821:7f8:93e	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:2800:133... 2606:2800:133:9a:24ed:9b6:1020:2655	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	178.162.133.151 178.162.133.151	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a04:4e42:1d:... 2a04:4e42:1d::729	54113 (FASTLY) (FASTLY - Fastly)
1 1	185.94.180.127 185.94.180.127	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2.18.232.234 2.18.232.234	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	2600:9000:200... 2600:9000:200d:d400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
25	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	159.180.84.2 159.180.84.2	33047 (INSTART) (INSTART - Instart Logic)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3	52.19.153.98 52.19.153.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	54.144.48.113 54.144.48.113	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
5	34.236.4.254 34.236.4.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
3	18.214.27.130 18.214.27.130	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
166	43

1 192.0.79.33 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.13 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

chicago.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.78.12 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

chicago.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.198 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

mtrx.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.18 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

r-login.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.223.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-127.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

suntimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200d:f800:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:6096 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.72.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

suntimesmedia.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:e200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.21.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.123 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (European Union)

ASN54113 (FASTLY - Fastly, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:233:9d9:186a:1821:7f8:93e (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:9a:24ed:9b6:1020:2655 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.133.151 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-xcp.go.sonobi.com

keymaker.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1d::729 (European Union)

ASN54113 (FASTLY - Fastly, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.127 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

js.spotx.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.234 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-234.deploy.static.akamaitechnologies.com

cdn.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:d400:1:a3fa:7cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.180.84.2 (United States)

ASN33047 (INSTART - Instart Logic, Inc, US)

cdn.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.153.98 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.144.48.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-144-48-113.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.236.4.254 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-4-254.compute-1.amazonaws.com

jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.214.27.130 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-214-27-130.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	390 KB
19	wp.com s1.wp.com s2.wp.com s0.wp.com stats.wp.com pixel.wp.com	479 KB
16	wordpress.com r-login.wordpress.com suntimesmedia.files.wordpress.com	359 KB
13	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	109 KB
12	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	39 KB
11	googletagservices.com www.googletagservices.com	162 KB
7	sonobi.com mtrx.go.sonobi.com apex.go.sonobi.com keymaker.go.sonobi.com	21 KB
5	jwpltx.com jwpltx.com	515 B
5	spotxchange.com 1 redirects sync.search.spotxchange.com search.spotxchange.com	16 KB
5	jwpcdn.com ssl.p.jwpcdn.com	134 KB
4	suntimes.com 2 redirects suntimes.com chicago.suntimes.com	43 KB
3	chartbeat.net ping.chartbeat.net	504 B
3	postrelease.com jadserve.postrelease.com	2 KB
3	jwpsrv.com assets-jpcust.jwpsrv.com g.jwpsrv.com	90 KB
3	gravatar.com 0.gravatar.com	9 KB
3	google.com 1 redirects www.google.com	307 B
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	31 KB
3	openx.net 1 redirects suntimes-d.openx.net eu-u.openx.net	57 KB
2	digitru.st cdn.digitru.st	10 KB
2	jwplayer.com 1 redirects entitlements.jwplayer.com cdn.jwplayer.com	622 B
2	facebook.com www.facebook.com	251 B
2	facebook.net connect.facebook.net	60 KB
2	typenetwork.com cloud.typenetwork.com	80 KB
2	google.de www.google.de adservice.google.de	284 B
2	sail-horizon.com ak.sail-horizon.com	82 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	spotxcdn.com cdn.spotxcdn.com	57 KB
1	spotx.tv 1 redirects js.spotx.tv	661 B
1	ntv.io s.ntv.io	77 KB
1	jwplatform.com content.jwplatform.com	32 KB
1	npttech.com www.npttech.com	3 KB
1	googletagmanager.com www.googletagmanager.com	19 KB
166	32

	Domain	Requested by
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net chicago.suntimes.com
15	suntimesmedia.files.wordpress.com	chicago.suntimes.com
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net chicago.suntimes.com
11	www.googletagservices.com	chicago.suntimes.com securepubads.g.doubleclick.net
10	www.i.matheranalytics.com	chicago.suntimes.com
9	s1.wp.com	chicago.suntimes.com
5	jwpltx.com	chicago.suntimes.com
5	ssl.p.jwpcdn.com	content.jwplatform.com
4	keymaker.go.sonobi.com	mtrx.go.sonobi.com
4	s2.wp.com	chicago.suntimes.com
3	ping.chartbeat.net
3	search.spotxchange.com	cdn.spotxcdn.com chicago.suntimes.com content.jwplatform.com
3	pixel.wp.com	chicago.suntimes.com
3	jadserve.postrelease.com	s.ntv.io chicago.suntimes.com
3	0.gravatar.com	chicago.suntimes.com s1.wp.com
3	www.google.com	1 redirects chicago.suntimes.com
3	chicago.suntimes.com	1 redirects s1.wp.com
2	pagead2.googlesyndication.com
2	eu-u.openx.net	1 redirects suntimes-d.openx.net
2	sync.search.spotxchange.com	1 redirects chicago.suntimes.com
2	cdn.digitru.st	cdn.spotxcdn.com cdn.digitru.st
2	assets-jpcust.jwpsrv.com	chicago.suntimes.com
2	www.facebook.com	chicago.suntimes.com connect.facebook.net
2	apex.go.sonobi.com	mtrx.go.sonobi.com
2	js.matheranalytics.com	1 redirects chicago.suntimes.com
2	connect.facebook.net	chicago.suntimes.com connect.facebook.net
2	cloud.typenetwork.com	chicago.suntimes.com
2	s0.wp.com	chicago.suntimes.com
2	static.chartbeat.com	chicago.suntimes.com s1.wp.com
2	ak.sail-horizon.com	chicago.suntimes.com www.googletagmanager.com
2	www.google-analytics.com	chicago.suntimes.com
1	g.jwpsrv.com	ssl.p.jwpcdn.com
1	cdn.jwplayer.com	1 redirects
1	cdn.spotxcdn.com	chicago.suntimes.com
1	js.spotx.tv	1 redirects
1	entitlements.jwplayer.com	content.jwplatform.com
1	mab.chartbeat.com	static.chartbeat.com
1	stats.wp.com	chicago.suntimes.com
1	s.ntv.io	chicago.suntimes.com
1	adservice.google.de	www.googletagservices.com
1	content.jwplatform.com	chicago.suntimes.com
1	www.google.de	chicago.suntimes.com
1	stats.g.doubleclick.net	1 redirects
1	www.npttech.com	chicago.suntimes.com
1	www.googletagmanager.com	chicago.suntimes.com
1	suntimes-d.openx.net	chicago.suntimes.com
1	r-login.wordpress.com	chicago.suntimes.com
1	mtrx.go.sonobi.com	chicago.suntimes.com
1	suntimes.com	1 redirects
166	49

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
legacy.suntimes.com
marketplace.suntimes.com
suntimes.com
31bullets.suntimes.com
graphics.suntimes.com
games.chicago.suntimes.com
elections.suntimes.com
suntimeshighschoolsports.com
goo.gl
career-advice.local-jobs.monster.com
suntiservices.dticloud.com
home-c4.incontact.com
advertising.suntimes.com
nl.newsbank.com
suntimesreprints.com
chicagosuntimes.mycapture.com
secure.iwantmytvmagazine.com
chicagosuntimesnie.newspaperdirect.com
chicago-sun-times.myshopify.com
www.instagram.com
www.youtube.com
play.google.com
itunes.apple.com
link.suntimes.com
chicagosuntimes.pressreader.com
vip.wordpress.com

Subject Issuer	Validity	Valid
chicago.suntimes.com Let's Encrypt Authority X3	`2019-01-26` - `2019-04-26`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.wordpress.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
ak.sail-horizon.com Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2018-04-02` - `2019-04-18`	a year	crt.sh
sni101653.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-22` - `2019-08-31`	6 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
jwplayer.com Amazon	`2019-01-23` - `2020-02-23`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2018-06-12` - `2019-12-11`	a year	crt.sh
*.typenetwork.com COMODO RSA Domain Validation Secure Server CA	`2018-06-04` - `2019-07-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-01-21` - `2019-04-21`	3 months	crt.sh
js.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-04-07` - `2019-04-07`	2 years	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-12` - `2019-09-12`	6 months	crt.sh
*.longtailvideo.com DigiCert SHA2 Secure Server CA	`2017-10-21` - `2020-10-28`	3 years	crt.sh
s2.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-08-31` - `2020-04-23`	2 years	crt.sh
a3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-15` - `2019-10-13`	7 months	crt.sh
cdn.spotxcdn.com GeoTrust RSA CA 2018	`2018-05-01` - `2019-05-01`	a year	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
cdn.digitru.st DigiCert SHA2 Secure Server CA	`2018-05-17` - `2019-05-22`	a year	crt.sh
sync.search.spotxchange.com GeoTrust RSA CA 2018	`2018-02-20` - `2019-05-25`	a year	crt.sh
*.postrelease.com Amazon	`2018-04-25` - `2019-05-25`	a year	crt.sh
www.i.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-10` - `2020-02-08`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2018-02-27` - `2019-03-25`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
jwpltx.com Amazon	`2018-07-24` - `2019-08-24`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://chicago.suntimes.com/
Frame ID: 46C4743B0CAEEDE892E75C4961878FFC
Requests: 111 HTTP requests in this frame

Frame: https://g.jwpsrv.com/g/gcid-0.1.0.html?aid=BpN2nBvQEeiNRApVuA4vVw&id=ATGSYzvL&emi=1ehxrsd44s0u&pli=puqv2enyjxvx&pv=8.7.6&tv=3.7.0
Frame ID: 96202CFDF4BA24D1079E1E743FD32C8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js
Frame ID: 3F498EC5C790FC73AB49E069B2CD36FA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js
Frame ID: 8FB6511C8C6254221414A99F4894D65D
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14146934182773512403
Frame ID: 84D530B601DE2FBC3FD1F823EA5A6C61
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14146934182773512403
Frame ID: 20B44C3194A77A7A80B460BEE873C285
Requests: 7 HTTP requests in this frame

Frame: https://cdn.digitru.st/prod/1.5.27/dt.html
Frame ID: 94FE7CF8FAFDF172ABEA037B17ECE2B0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C3CCA48D4FFCC0210B6EF9A8FABE4AD4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js
Frame ID: B398059B095B173BC047887BC63CCE14
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js
Frame ID: CC01DAC0D5A336C2C3055307035D3979
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js
Frame ID: 08EB54D73F34273517B77ECC11883AA3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14146934182773512403
Frame ID: 11BD4C8015CCE96E9FA05E98449FBD6E
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8
Frame ID: 2C66302B4B680679CFC396F6CCEB59FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://suntimes.com/ HTTP 301
http://chicago.suntimes.com/ HTTP 301
https://chicago.suntimes.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^Gravatar$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^SWFObject$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

166
Requests

95 %
HTTPS

43 %
IPv6

32
Domains

49
Subdomains

43
IPs

4
Countries

2378 kB
Transfer

6160 kB
Size

17
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thechicagosuntimes

Search URL Search Domain Scan URL

URL: https://twitter.com/suntimes

Search URL Search Domain Scan URL

URL: http://legacy.suntimes.com/obituaries/chicagosuntimes/
Title: Death Notices

Search URL Search Domain Scan URL

URL: http://marketplace.suntimes.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://suntimes.com/fran-show
Title: Fran Show

Search URL Search Domain Scan URL

URL: https://31bullets.suntimes.com/
Title: 31 Bullets

Search URL Search Domain Scan URL

URL: https://graphics.suntimes.com/homicides
Title: Homicides

Search URL Search Domain Scan URL

URL: http://games.chicago.suntimes.com/
Title: Games

Search URL Search Domain Scan URL

URL: https://elections.suntimes.com/results/
Title: Primary Results

Search URL Search Domain Scan URL

URL: http://suntimeshighschoolsports.com/
Title: High School Sports

Search URL Search Domain Scan URL

URL: https://goo.gl/forms/oH62ew7ljVRYibT93
Title: Advertising

Search URL Search Domain Scan URL

URL: http://career-advice.local-jobs.monster.com/?wt.mc_n=hjnpcaradvcovlet&ch=NEWSCHISUN
Title: Find jobs at Monster.com

Search URL Search Domain Scan URL

URL: http://suntiservices.dticloud.com/cgi-bin/cmo_cmo.sh/custservice/web/login.html?siteid=CST
Title: Manage Home Delivery

Search URL Search Domain Scan URL

URL: https://home-c4.incontact.com/inContact/ChatClient/ChatClientPatron.aspx?poc=c1874fa6-0ba5-4e96-ae5c-7c0cc664c042&bu=4592899
Title: Delivery Issues

Search URL Search Domain Scan URL

URL: http://advertising.suntimes.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://nl.newsbank.com/sites/cstb/
Title: Search Archives

Search URL Search Domain Scan URL

URL: http://suntimesreprints.com/
Title: Licensing

Search URL Search Domain Scan URL

URL: http://chicagosuntimes.mycapture.com/mycapture/index.asp
Title: Order Photos

Search URL Search Domain Scan URL

URL: http://suntimes.com/subscribe/
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://suntimes.com/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://secure.iwantmytvmagazine.com/order/zipcode/1
Title: TV Weekly

Search URL Search Domain Scan URL

URL: http://suntimes.com/backissues
Title: Order Back Issues

Search URL Search Domain Scan URL

URL: http://chicagosuntimesnie.newspaperdirect.com/epaper/viewer.aspx
Title: NIE

Search URL Search Domain Scan URL

URL: https://chicago-sun-times.myshopify.com/
Title: Sun-Times Shop

Search URL Search Domain Scan URL

URL: https://www.instagram.com/chicagosuntimes/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvU3ALK4osa_RV4znIToB2Q

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aggrego.Chicago.il&hl=en_US
Title: <img src="https://s2.wp.com/wp-content/themes/vip/chicagosuntimes/assets/images/google-play-badge.png">

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/chicago-sun-times-news/id930568136?mt=8
Title: <img src="https://s2.wp.com/wp-content/themes/vip/chicagosuntimes/assets/images/appstore.svg">

Search URL Search Domain Scan URL

URL: https://advertising.suntimes.com/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: http://link.suntimes.com/join/5py/newslettersignup
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/obituaries/chicagosuntimes/
Title: Death Notices

Search URL Search Domain Scan URL

URL: http://chicagosuntimes.pressreader.com/
Title: Today’s E-paper

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=chicago.suntimes.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://suntimes.com/ HTTP 301
http://chicago.suntimes.com/ HTTP 301
https://chicago.suntimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&gjid=2118244272&_gid=845206994.1552862266&_u=IGBAgEAD~&z=1023922046 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046&slf_rd=1&random=854059359

Request Chain 37

https://js.matheranalytics.com/s/ma19714/535046800/ml.js?cb=1498 HTTP 301
https://js.matheranalytics.com/static/ltm/ma19714/535046800/6/ml.br.js

Request Chain 52

https://js.spotx.tv/directsdk/v1/232384.js HTTP 307
https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js

Request Chain 53

https://cdn.jwplayer.com/thumbs/ATGSYzvL-720.jpg HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/r05jgt2q-720.jpg

Request Chain 61

https://sync.search.spotxchange.com/partner?source=dados HTTP 302
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=4a21acbe-4905-11e9-b72c-1bbe6fc51d06

Request Chain 153

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8

166 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chicago.suntimes.com/
Redirect Chain

https://suntimes.com/
http://chicago.suntimes.com/
https://chicago.suntimes.com/

267 KB
41 KB

175ms
140ms

Document
text/html

192.0.78.12
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

1fe06a4e8619818e12f11e6d850526a46fd2b61af10b05abe7e339c486680757

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: chicago.suntimes.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Sun, 17 Mar 2019 22:37:46 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=86400
vary: Accept-Encoding Cookie
last-modified: Sun, 17 Mar 2019 22:37:14 GMT
cache-control: max-age=268, must-revalidate
x-nananana: Batcache
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
link: <https://wp.me/7fJAs>; rel=shortlink
content-encoding: gzip
x-ac: 1.fra _dfw

Redirect headers

Server: nginx
Date: Sun, 17 Mar 2019 22:37:45 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://chicago.suntimes.com/
X-ac: 1.fra _dfw

GET
H/1.1 200
OK morpheus.chicagosuntimes.5552.js Show response
mtrx.go.sonobi.com/ 47 KB
17 KB 81ms
17ms Script
application/javascript 151.101.1.198
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.198 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59151e27c8c8df5cc15992c2609fbdfc259c01c46568bff0c44d45f62559e1a

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:46 GMT
Content-Encoding: gzip
X-Cache-Hits: 1
Age: 2322
x-amz-meta-configid: 2067
X-Cache: HIT
x-amz-meta-surrogate-key: f41335e28f
Content-Length: 16486
Connection: keep-alive
x-amz-request-id: B129D9844635A636
x-amz-id-2: SQYkkdYiNO834+WsnlD8hofEbGxWXkVp04mPOyi2tx55H5FNyXVQpd18ByZbmzWAZMm/2aKnhk0=
X-Served-By: cache-fra19141-FRA
Last-Modified: Wed, 15 Aug 2018 18:28:45 GMT
Server: AmazonS3
X-Timer: S1552862266.169214,VS0,VE0
x-amz-meta-versionnumber: 3.29.2
ETag: "2931f4a95768208fb583f9ee619fec5c"
Vary: Accept-Encoding
x-amz-version-id: KRSSnEVmNNhN0nmsj.yGvKv3i6pBCTak
Via: 1.1 varnish
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: application/javascript
x-amz-meta-buildnumber: 796

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3052
date: Sun, 17 Mar 2019 21:46:54 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Sun, 17 Mar 2019 23:46:54 GMT

GET
H2 200 remote-login.php Show response
r-login.wordpress.com/ 0
66 B 44ms
10ms Script
text/javascript 192.0.78.18
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://r-login.wordpress.com/remote-login.php?action=js&host=chicago.suntimes.com&id=107184512&t=1552862234&back=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 17 Mar 2019 22:37:46 GMT
server: nginx
content-length: 0
vary: Cookie
content-type: text/javascript

GET
H2 200 /
s1.wp.com/_static/ 482 KB
85 KB 48ms
13ms Stylesheet
text/css 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/_static/??-eJydUltOwzAQvBCORdMW8YE4i+1snaV+ybtulNvjJG0RECKVn2h2NDP2bCyHJEwMDIGlLyK5YjGQHJKJXpBHB+OPqTFET3LdhuGEAXm8g7sYg3GlA5KVkB0SS+2iOQuHOqs8SuLRQeMxbMWbmKHyPimeFB46VODAV9mWzafjzTXBXpnzZoulrtYpA5GoX4/FC+7rQb99Cy0vmKTp0SgbqQTGiVNEwEvjC4QuZnmKJXSKMYbVqg9mBRZqAIp+fXEPpQ2gqj7P1BULrEn/LTyrtry3ZZNCx30uom12y+nYWeCGiiaTUV9DUIbI84XuYOsXWoiivq951d8GcXIK85Y1Q32ZtkI7X+dr/KtNv5fWRa3cJHj3b8+Hw27/enxp249Pk/ZF2Q==?cssminify=yes
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4593da55354291d75b953bd98a3d2ba5033e56ad67b8b264bc03c9fc0606435b

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 17:13:19 GMT
server: nginx
etag: W/"5c893a2f-7863b"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sun, 15 Mar 2020 19:08:37 GMT

GET
H2 200 / Show response
s1.wp.com/_static/ 155 KB
49 KB 45ms
13ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/_static/??-eJyFzkEKAjEMBdAL2ak6duFCPEutcUidpLVJHfT0dkAXwqAQ+Iv/4MdO2SCHsZ5BbGx3q1Ae7+iirOwvYAiH4hU6Qv7gkFiBdbY5iRKI+AEWWkonHMFUgdIAa5u5pAX3/RLyHWH6yyJo9uFqCgg+5/UjHTbOrbe7fd+7+AI4w1vP
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: da535028787edcb1f2c0d4a2c778fbdd166974505e578ad2237a4e7eae8488b1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Fri, 15 Feb 2019 16:51:45 GMT
server: nginx
etag: W/"5c66ee21-26d18"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 15 Feb 2020 16:51:50 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 32 KB
11 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?ver=5.1.1

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3a80b900c538dce6ded080e90ee6a3e25c9264181192f962dc62959412020681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "110 / 896 of 1000 / last-modified: 1552592184"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10800
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:46 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 112 KB
41 KB 96ms
12ms Script
text/javascript 13.32.223.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.1.1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.223.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-223-127.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 844c37a72e87bef80e24829f54a4b824c29424cc89e2de915eb8b5f18342bcb2

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:28:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 17:51:32 GMT
server: Apache
age: 531
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=600; must-revalidate
accept-ranges: bytes
content-length: 41520
via: 1.1 4212187803e21d93459a7f54ccbb680a.cloudfront.net (CloudFront)
x-amz-cf-id: KFPwMYOCIqWrlRj42otmDbuQu264vex_izTITapWwPru8Fjl0LIYJQ==

GET
H2 200 / Show response
s2.wp.com/_static/ 40 KB
10 KB 57ms
25ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.wp.com/_static/??-eJylz00SgjAMhuELWTIi+LNwPEumVFqEJNOkeH0Bt65wm5n3mS/wFueZLJCBxTAFhTkJyFj6RAqKabSYiztVNQwKhn016AF+Vz4mjz1rIUvrDVWD6drNgTrOIAmJnWTudilezX2JZ966zmkR4Wy7uLCsMmcZ/SvRX39hMd6cBXlM92Pb3JpL3V7Pwwf97oSW
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 2ba304a2957a41ee7faa3eb851a4fef0df915f757420c3a9093295b31fabc625

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2019 17:43:36 GMT
server: nginx
etag: W/"5c5b1cc8-a139"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Wed, 26 Feb 2020 17:28:24 GMT

GET
H2 200 jstag Show response
suntimes-d.openx.net/w/1.0/ 165 KB
56 KB 80ms
33ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://suntimes-d.openx.net/w/1.0/jstag?nc=61924087-suntimes
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash: 63d15804964b7f4dcf146cc346845e0243e0aa00f1d95f2833792937cba211fd

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: OXGW/16.121.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 57525
expires: Sun, 17 Mar 2019 23:37:46 GMT

GET
H2 200 / Show response
s1.wp.com/_static/ 15 KB
5 KB 43ms
13ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/_static/??/wp-content/themes/vip/plugins/sailthru-3.2/js/widget.subscribe.js,/wp-includes/js/spin.js,/wp-includes/js/jquery/jquery.spin.js?m=1525740012j
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: dbd4dd75eeb8646ebb99897f3538de2d7d6ba7e4fe128c6b05273194cd5e3ef0

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Tue, 08 May 2018 00:41:07 GMT
server: nginx
etag: W/"5af0f223-3aeb"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Sat, 25 Jan 2020 16:02:41 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 18 KB
8 KB 56ms
7ms Script
application/x-javascript 2600:9000:200d:f800:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:f800:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 13:14:53 GMT
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 02:07:51 GMT
server: nginx
age: 33773
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: qL0AkPl5uz9X-nXY4pBFmsLITRSoJWpHCZyUlKsOhQrMJaOZXrnnxw==
via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
expires: Mon, 18 Mar 2019 13:14:53 GMT

GET
H2 200 cst-masthead.png
s2.wp.com/wp-content/themes/vip/chicagosuntimes/ 20 KB
20 KB 14ms
12ms Image
image/png 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.wp.com/wp-content/themes/vip/chicagosuntimes/cst-masthead.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 3953f8b2e4900d568c54605b38b3a91f7e2304755b01cb4353516c071d6423d0

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
x-ac: 4.fra _dfw
last-modified: Wed, 16 Jan 2019 19:09:11 GMT
server: nginx
etag: "5c3f8157-50ea"
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20714
expires: Thu, 16 Jan 2020 19:11:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 52 KB
19 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VPTL3X

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

95a6bc60e98c7aaa18f772d6cd0f8c1c97e2f8da6484c34740f4f2e5332df6f8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: br
last-modified: Fri, 15 Mar 2019 00:54:05 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 19494
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:46 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 8 KB
3 KB 85ms
11ms Script
application/javascript 2606:4700:30::6818:6096
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6096 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5535d12071a480400af9fd891c5e980ea36e54a42f67c4df0bfa688621d1c0

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5039E5BEDDAD852F
cf-ray: 4b92740c4c3763c1-FRA
status: 200
x-amz-id-2: XYefsU+KJgYTdLUQJnPt0ryxXemas4Leo01BvRoOGCYISoJkoI/GY1gVKpxo2w6HnJNp15pGRc0=
last-modified: Thu, 17 Jan 2019 08:45:03 GMT
server: cloudflare
etag: W/"7e36d059b89e6d35d90009094934717f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LEic8AFT.49sTuWKFWiKrRpk84yn0Q2c
cache-control: public, max-age=28800
content-type: application/javascript
expires: Mon, 18 Mar 2019 06:37:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 32 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3a80b900c538dce6ded080e90ee6a3e25c9264181192f962dc62959412020681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "110 / 464 of 1000 / last-modified: 1552592184"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10800
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:46 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=1519018434&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAD~&jid=2084935228&gjid=2118244272&cid=162745238.1552862266&tid=UA-52083976-1&_gid=845206994.1552862266&z=1542116832

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 00:45:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 769913
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&gjid=2118244272&_gid=845206994.1552862266&_u=IGBAgEAD~&z=1023922046
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046&slf_rd=1&random=854059359

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046&slf_rd=1&random=854059359

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52083976-1&cid=162745238.1552862266&jid=2084935228&_v=j73&z=1023922046&slf_rd=1&random=854059359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s1.wp.com/wp-includes/js/ 12 KB
4 KB 14ms
13ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1550249335h&ver=5.1.1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"5c66ee22-2f02"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Thu, 12 Mar 2020 09:54:25 GMT

GET
H2 200 southsideirish-031819-21-e1552856877958.jpg
suntimesmedia.files.wordpress.com/2019/03/ 106 KB
106 KB 67ms
20ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/southsideirish-031819-21-e1552856877958.jpg?w=763
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b732b5e51ea28a3766f56963423d489577fc43b0499accf2bcd77318d36e70d

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:46 GMT
last-modified: Sun, 17 Mar 2019 21:07:57 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 108316
expires: Fri, 19 Apr 2019 08:47:50 GMT

GET
H2 200 hqRhLnqw.js Show response
content.jwplatform.com/libraries/ 99 KB
32 KB 248ms
175ms Script
text/javascript 2600:9000:200d:e200:1:a3fa:7cc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:e200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 80b4a3b0625b8da34fcff5d37c79da8097678133cec053bfdec764cfc23c445f

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: openresty
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=150, max-stale=180
content-length: 32593
via: 1.1 1415e6a9d308119037d1fa89386da72a.cloudfront.net (CloudFront)
x-amz-cf-id: F28_1lcGlYJr7wErdJCQ71m3BA5wZXbrgU2-eovvgw_Uyl4fg8h2YQ==
expires: Sun, 17 Mar 2019 22:40:16 GMT

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ 160 KB
57 KB 42ms
42ms Script
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?ver=5.1.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:46 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
175 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=chicago.suntimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?ver=5.1.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 vip-powered-dark-long.png
s0.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/ 8 KB
8 KB 13ms
12ms Image
image/png 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/vip-powered-dark-long.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f758aa731cb86c4be4f32ccb624388eac32974a41c0cd064bae98350af6581bc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
x-ac: 4.fra _dfw
last-modified: Sat, 31 Dec 2016 05:38:25 GMT
server: nginx
etag: "58674451-2153"
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8531
expires: Fri, 22 Nov 2019 08:30:33 GMT

GET
H2 200 ads.js Show response
s2.wp.com/wp-content/themes/vip/chicagosuntimes/assets/js/ 121 B
190 B 8ms
7ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.wp.com/wp-content/themes/vip/chicagosuntimes/assets/js/ads.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: dea0a65c803406d9e1e52b87dfc8c0e22ea8d17121677899c9b0819c20d39a32

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"5baa4afa-79"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 22 Nov 2019 08:31:47 GMT

GET
H2 200 gprofiles.js Show response
0.gravatar.com/js/ 20 KB
7 KB 19ms
12ms Script
application/x-javascript 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/js/gprofiles.js?ver=201911y
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 15:01:14 GMT
server: nginx
etag: W/"5b7ecc3a-50bc"
content-type: application/x-javascript
status: 200
cache-control: max-age=604800
expires: Sun, 24 Mar 2019 22:37:46 GMT

GET
H2 200 wpgroho.js Show response
s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/ 582 B
365 B 12ms
12ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"58674607-2f0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 22 Nov 2019 08:30:13 GMT

GET
H2 200 jetpack-carousel.css
s0.wp.com/wp-content/mu-plugins/carousel/ 22 KB
4 KB 15ms
8ms Stylesheet
text/css 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/carousel/jetpack-carousel.css?m=1524699534h&cssminify=yes
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: ff3ae511ad442902d07cda794ab776342099fc909a06e630b758bd9a99109b50

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"5ae111c8-6483"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 22 Nov 2019 08:30:13 GMT

GET
H2 200 tiled-gallery.css
s2.wp.com/wp-content/mu-plugins/tiled-gallery/ 1 KB
564 B 9ms
7ms Stylesheet
text/css 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.wp.com/wp-content/mu-plugins/tiled-gallery/tiled-gallery.css?m=1443731146h&cssminify=yes
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: b156b5d24f65e76cfff6123c837215362fd186996f49ebf793b0297fc37acfc1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"57391276-950"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 22 Nov 2019 08:30:13 GMT

GET
H2 200 / Show response
s1.wp.com/_static/ 219 KB
57 KB 7ms
7ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/_static/??-eJylkFEOgjAMQC8kTCIa/TCeZW6FFVk7WYfi6QU/jJHEaPxr2peXl6pLyAyTAIlqorLQo4FwzZu4UC8nn7LQphopqhZPENU5QQKnybbQfYCRKiSU4Tm8s+LAj7oegzIOja45JhKcdjpGkDhV9UCWO1VxIqsFmXKP9I/Js4WO8DZL/0VinO7kCFqyilnmb/jK9YAyxx6CruGfnDD4vC9Gw8Hvi3W5WxXlZrts7nBPtmI=
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 2a3ee4b55b9288d8121054e54507071077c8d68671aa0183aebde9d6ee6c69b7

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Mon, 04 Feb 2019 21:11:26 GMT
server: nginx
etag: W/"5c58aa7e-36b99"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Tue, 04 Feb 2020 21:11:39 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 264 KB
77 KB 78ms
20ms Script
application/x-javascript 2.18.234.163
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b2460fb5aeffb7ec20dee81a7b45dd8cd818cfefa92fd5d88be6a8d984b3e101

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:46 GMT
Content-Encoding: gzip
x-amz-request-id: 3B9E75D6814E6775
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: GKzQRPJZAc+Pzuq6rPDeYIVPc9Yx1doU4qD3NWVqN+nsUiFaAAO/9uyo0lmSc0pNLPrPKYOvIhA=
Last-Modified: Fri, 08 Mar 2019 19:58:22 GMT
Server: AmazonS3
ETag: "7468428a69cdc2b2675256d2d421d935"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
s1.wp.com/_static/ 375 KB
113 KB 8ms
7ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/_static/??-eJylkdFuwyAMRX9oBK3tqr1M+xaHeIkpAYRNovTr61ZqlanTpnZPgPE98r22czYuRcEodqwmh9pTZLsxE2Xr2ephIEJYhBw3nl/sSiADjnjpsW4gB33iGoXONWBG4QsBY5eKDdzUOCGFIaUDNyPFf9HguDAd8UfQygd0+m9aKHYEFix6M2nCUqhT7K32IEEKuMNzafg5B1iwGK45pyJPQUbQkVxrWEBuY1B0oZ5daQPPX6n16O7wV1eT+k/rWM/vXJDvXK2icFBSZQzWo2RNwFwLv2hkJtHUTBtU0FLpTCa0EXUHukmK/cPa/LeOAnamhxCwLN9fqvocP17fdu/b7W6/2fsT+i4jGQ==
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 5e35f0c4e70ab840d0b73ca8c6177ddeb6f9862ac7e33d0ee916ebdb2415a5f2

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 12:57:40 GMT
server: nginx
etag: W/"5c49b644-5db7a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.fra _dfw
expires: Fri, 24 Jan 2020 13:10:52 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 13 KB
4 KB 28ms
7ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?59
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: df2f1b708c0dcd1b45b7924c9ee58a8374301fab275d46ea6b846ebddc0f67df

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
content-encoding: gzip
server: nginx
etag: W/"5c363707-4dba"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Thu, 09 Jan 2020 18:09:00 GMT

GET
H2 200 fontawesome-webfont.woff2
s1.wp.com/wp-content/themes/vip/chicagosuntimes/assets/fonts/ 75 KB
76 KB 62ms
17ms Font
application/font-woff2 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/wp-content/themes/vip/chicagosuntimes/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://s1.wp.com/_static/??-eJydUltOwzAQvBCORdMW8YE4i+1snaV+ybtulNvjJG0RECKVn2h2NDP2bCyHJEwMDIGlLyK5YjGQHJKJXpBHB+OPqTFET3LdhuGEAXm8g7sYg3GlA5KVkB0SS+2iOQuHOqs8SuLRQeMxbMWbmKHyPimeFB46VODAV9mWzafjzTXBXpnzZoulrtYpA5GoX4/FC+7rQb99Cy0vmKTp0SgbqQTGiVNEwEvjC4QuZnmKJXSKMYbVqg9mBRZqAIp+fXEPpQ2gqj7P1BULrEn/LTyrtry3ZZNCx30uom12y+nYWeCGiiaTUV9DUIbI84XuYOsXWoiivq951d8GcXIK85Y1Q32ZtkI7X+dr/KtNv5fWRa3cJHj3b8+Hw27/enxp249Pk/ZF2Q==?cssminify=yes
Origin: https://chicago.suntimes.com

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
x-ac: 4.fra _dfw
last-modified: Thu, 12 Apr 2018 19:25:32 GMT
server: nginx
access-control-allow-origin: *
etag: "5acfb2ac-12d68"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 77160
expires: Fri, 22 Nov 2019 08:30:34 GMT

GET
H2 200 /
cloud.typenetwork.com/projectLicenseWeb/11410/fontfile/woff2/ 40 KB
40 KB 80ms
13ms Font
application/font-woff2 192.229.233.123
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projectLicenseWeb/11410/fontfile/woff2/?1edb66d7fc0370bf570607b9c85ccb4800dd9817

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

a037f203d8a9d4b2e988882b0aa28607e207ed6e34e5e5112c58fb09c66504a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://s1.wp.com/_static/??-eJydUltOwzAQvBCORdMW8YE4i+1snaV+ybtulNvjJG0RECKVn2h2NDP2bCyHJEwMDIGlLyK5YjGQHJKJXpBHB+OPqTFET3LdhuGEAXm8g7sYg3GlA5KVkB0SS+2iOQuHOqs8SuLRQeMxbMWbmKHyPimeFB46VODAV9mWzafjzTXBXpnzZoulrtYpA5GoX4/FC+7rQb99Cy0vmKTp0SgbqQTGiVNEwEvjC4QuZnmKJXSKMYbVqg9mBRZqAIp+fXEPpQ2gqj7P1BULrEn/LTyrtry3ZZNCx30uom12y+nYWeCGiiaTUV9DUIbI84XuYOsXWoiivq951d8GcXIK85Y1Q32ZtkI7X+dr/KtNv5fWRa3cJHj3b8+Hw27/enxp249Pk/ZF2Q==?cssminify=yes
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
last-modified: Sun, 17 Mar 2019 16:11:41 GMT
server: ECS (fcn/41A4)
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
etag: "b2b275b7049696fa059c526a55accf28"
allow: GET, HEAD, OPTIONS
x-cache: HIT
content-type: application/font-woff2
status: 200
cache-control: public, max-age=86400
content-disposition: attachment; filename="Benton_Sans-Medium_unobfuscated_6jLDfyG_g5erfYm.woff2"
accept-ranges: bytes
content-length: 41232

GET
H2 200 weathericons-regular-webfont.woff
s1.wp.com/wp-content/themes/vip/chicagosuntimes/assets/css/vendor/weather/fonts/ 39 KB
40 KB 68ms
25ms Font
application/font-woff 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.wp.com/wp-content/themes/vip/chicagosuntimes/assets/css/vendor/weather/fonts/weathericons-regular-webfont.woff
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://s1.wp.com/_static/??-eJydUltOwzAQvBCORdMW8YE4i+1snaV+ybtulNvjJG0RECKVn2h2NDP2bCyHJEwMDIGlLyK5YjGQHJKJXpBHB+OPqTFET3LdhuGEAXm8g7sYg3GlA5KVkB0SS+2iOQuHOqs8SuLRQeMxbMWbmKHyPimeFB46VODAV9mWzafjzTXBXpnzZoulrtYpA5GoX4/FC+7rQb99Cy0vmKTp0SgbqQTGiVNEwEvjC4QuZnmKJXSKMYbVqg9mBRZqAIp+fXEPpQ2gqj7P1BULrEn/LTyrtry3ZZNCx30uom12y+nYWeCGiiaTUV9DUIbI84XuYOsXWoiivq951d8GcXIK85Y1Q32ZtkI7X+dr/KtNv5fWRa3cJHj3b8+Hw27/enxp249Pk/ZF2Q==?cssminify=yes
Origin: https://chicago.suntimes.com

Response headers

x-nc: HIT fra 32
date: Sun, 17 Mar 2019 22:37:46 GMT
x-ac: 4.fra _dfw
last-modified: Sat, 31 Dec 2016 05:35:05 GMT
server: nginx
access-control-allow-origin: *
etag: "58674389-9dd8"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40408
expires: Fri, 22 Nov 2019 08:30:34 GMT

GET
H2 200 /
cloud.typenetwork.com/projectLicenseWeb/11411/fontfile/woff2/ 39 KB
39 KB 72ms
7ms Font
application/font-woff2 192.229.233.123
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projectLicenseWeb/11411/fontfile/woff2/?1edb66d7fc0370bf570607b9c85ccb4800dd9817

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

c7e86146e06562a96c483080700fad98a586aefcf762385e1900cf77a14546e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://s1.wp.com/_static/??-eJydUltOwzAQvBCORdMW8YE4i+1snaV+ybtulNvjJG0RECKVn2h2NDP2bCyHJEwMDIGlLyK5YjGQHJKJXpBHB+OPqTFET3LdhuGEAXm8g7sYg3GlA5KVkB0SS+2iOQuHOqs8SuLRQeMxbMWbmKHyPimeFB46VODAV9mWzafjzTXBXpnzZoulrtYpA5GoX4/FC+7rQb99Cy0vmKTp0SgbqQTGiVNEwEvjC4QuZnmKJXSKMYbVqg9mBRZqAIp+fXEPpQ2gqj7P1BULrEn/LTyrtry3ZZNCx30uom12y+nYWeCGiiaTUV9DUIbI84XuYOsXWoiivq951d8GcXIK85Y1Q32ZtkI7X+dr/KtNv5fWRa3cJHj3b8+Hw27/enxp249Pk/ZF2Q==?cssminify=yes
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:46 GMT
last-modified: Sun, 17 Mar 2019 16:11:41 GMT
server: ECS (fcn/40E2)
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
etag: "b2b275b7049696fa059c526a55accf28"
allow: GET, HEAD, OPTIONS
x-cache: HIT
content-type: application/font-woff2
status: 200
cache-control: public, max-age=86400
content-disposition: attachment; filename="Benton_Sans-Black_unobfuscated_vRMKyQ7_sX9drsR.woff2"
accept-ranges: bytes
content-length: 40020

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 52 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15216
x-xss-protection: 0
pragma: private
x-fb-debug: iOqnL/g6no4V6yyiWl48y+nFKueWe3vSoVh70fh74G0OfxpXv1tAPRsDD65cD7GuFki3YzwWmf50Hhq/gu7VjQ==
date: Sun, 17 Mar 2019 22:37:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma19714/535046800/6/
Redirect Chain

https://js.matheranalytics.com/s/ma19714/535046800/ml.js?cb=1498
https://js.matheranalytics.com/static/ltm/ma19714/535046800/6/ml.br.js

121 KB
35 KB

13ms
13ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma19714/535046800/6/ml.br.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 943f5d39bfef4095abf1044eb45e207bd3d19c092bfbc047a02a70bf78e4bcd1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Mar 2019 02:25:22 GMT
content-encoding: br
last-modified: Wed, 02 May 2018 01:52:32 GMT
server: nginx
age: 245545
etag: "a82a150637a3fd5d0691ecb30e464757"
vary: Accept-Encoding
x-cache: HIT Mon, 03 Dec 2018 15:56:10 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 35997
via: 1.1 google

Redirect headers

date: Sun, 17 Mar 2019 22:37:46 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/ltm/ma19714/535046800/6/ml.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10901

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 112 KB
41 KB 9ms
7ms Script
text/javascript 13.32.223.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VPTL3X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.223.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-223-127.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 844c37a72e87bef80e24829f54a4b824c29424cc89e2de915eb8b5f18342bcb2

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:28:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 17:51:32 GMT
server: Apache
age: 531
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=600; must-revalidate
accept-ranges: bytes
content-length: 41520
via: 1.1 4212187803e21d93459a7f54ccbb680a.cloudfront.net (CloudFront)
x-amz-cf-id: jq48IkDjtS7rxhVIQd2T1MDGYoN6Hd5nDDYdhlJw2xF-eGei8Ytj5g==

GET
H2 200 146698685967099 Show response
connect.facebook.net/signals/config/ 186 KB
45 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146698685967099?v=2.8.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3aea01d21314f4383950e0b67fd0367feb213d4c8174f005a774ad8b31e8689d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 45966
x-xss-protection: 0
pragma: public
x-fb-debug: NiDt4p7bgN5O5B1UNXex61LQBK6HedaZVe7TE11hX7jr9SsygKRGNP5LqyPSMT0tv2AWE93k62Pe6/bzqRflUQ==
date: Sun, 17 Mar 2019 22:37:47 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 171 B
477 B 175ms
120ms XHR
application/json 2a04:4e42::714
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=chicago.suntimes.com&domain=chicago.suntimes.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: ec85daec905c0c74609903f50693b2851b87af14053b2afa6b108c9ec53f89ea

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-cacheable: YES
x-backend: default
age: 0
x-cache: MISS, MISS
status: 200
x-cache-hits: 0
x-restarts: 0
content-length: 131
x-served-by: cache-fra19122-FRA
access-control-allow-origin: *
x-timer: S1552862267.115679,VS0,VE111
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 15 Mar 2019 22:37:47 GMT

GET
H2 200 vast.js Show response
ssl.p.jwpcdn.com/player/plugins/vast/v/8.5.5/ 86 KB
25 KB 46ms
8ms Script
text/plain 2606:2800:233:9d9:186a:1821:7f8:93e
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.5.5/vast.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F4E) /
Resource Hash: 244d721c38ca791849946459389242f68e88e25d25668b0a6511ceb1cbb13065

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Mon, 07 Jan 2019 22:24:25 GMT
server: ECAcc (frc/8F4E)
access-control-allow-origin: *
etag: "4c467ada62ec409c4672bdf1dc6b62d0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=31536000, immutable
content-length: 25850

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.7.6/ 48 KB
15 KB 58ms
20ms Script
text/plain 2606:2800:233:9d9:186a:1821:7f8:93e
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.7.6/jwpsrv.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: cf830a73d4361d861f477d9d2cdab9bbd5a4acf8b2fca26c0099fd9d2914d36b

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 14:00:55 GMT
server: ECAcc (frc/8FAB)
access-control-allow-origin: *
etag: "da83f44e04f157dc010106d5959f17ed+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=900, immutable
content-length: 15127

GET
H2 200 gapro.js Show response
ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.4/ 3 KB
1 KB 60ms
22ms Script
text/plain 2606:2800:233:9d9:186a:1821:7f8:93e
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/gapro/v/2.1.4/gapro.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F1B) /
Resource Hash: c731e9c3c9a4c2ca4638fdaacacdf19ee9ab70ef6e88751ee5c0396d91de31db

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 22:38:05 GMT
server: ECAcc (frc/8F1B)
access-control-allow-origin: *
etag: "4b030d84f68290552d71323044e097bc+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=31536000, immutable
content-length: 1234

GET
H2 200 jwplayer.core.controls.html5.js Show response
ssl.p.jwpcdn.com/player/v/8.7.6/ 276 KB
71 KB 58ms
21ms Script
application/javascript 2606:2800:233:9d9:186a:1821:7f8:93e
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.7.6/jwplayer.core.controls.html5.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F14) /
Resource Hash: a1002cd068947c33e0144e75071f557add407a4b8fd8b2cfa7c9d7ec1382ce14

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 23:57:51 GMT
server: ECAcc (frc/8F14)
access-control-allow-origin: *
etag: "bb48ec0d830c685ea7f7f61a01e3de0b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31536000, immutable
content-length: 72537

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.7.6/ 97 KB
21 KB 50ms
12ms Script
application/javascript 2606:2800:233:9d9:186a:1821:7f8:93e
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.7.6/related.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9d9:186a:1821:7f8:93e , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FF8) /
Resource Hash: 5694d39bd2bf481cb522236718e2499ff5fe9bf351c279d2240b49c3335332a8

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 23:57:55 GMT
server: ECAcc (frc/8FF8)
access-control-allow-origin: *
etag: "aa3b4a65d32d694393c9db00f0370ce9+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31536000, immutable
content-length: 21866

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 471 B
738 B 183ms
131ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-sbb-1%22%3A%22970x90%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-super-leaderboard-3%22%3A%22970x90%2C728x90%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-super-leaderboard-4%22%3A%22970x90%2C728x90%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-super-leaderboard-5%22%3A%22970x90%2C728x90%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-super-leaderboard-2%22%3A%22970x250%2C970x90%2C728x90%22%7D&vp=desktop&pv=eab69325-54eb-4b3f-950d-088bda62fc71&ref=https%3A%2F%2Fchicago.suntimes.com%2F&lib_name=3pdm&lib_v=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

b0f51f39c6f9c9218414c6df9fbf19ba82a30e01db819e3fc31eb4b26f28b627

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://chicago.suntimes.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 142
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1552862267295&sw=1600&sh=1200&v=2.8.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1552862267294.517363294&it=1552862267054&coo=false&rqm=GET
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92

Request headers

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 BpN2nBvQEeiNRApVuA4vVw.json Show response
entitlements.jwplayer.com/ 20 B
210 B 54ms
9ms XHR
application/json 2606:2800:133:9a:24ed:9b6:1020:2655
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/BpN2nBvQEeiNRApVuA4vVw.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:9a:24ed:9b6:1020:2655 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FAC) /
Resource Hash: 28fed41dac64047024297e339d968eba283835098b5649c3eaa29ee3153424bd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Sun, 17 Mar 2019 21:22:35 GMT
server: ECAcc (frc/8FAC)
status: 200
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=11880
accept-ranges: bytes
content-length: 46

POST
H/1.1 200
OK keymaker Show response
keymaker.go.sonobi.com/ 0
687 B 77ms
13ms XHR
text/plain 178.162.133.151
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://keymaker.go.sonobi.com/keymaker?pageviewid=8a2bc52364c2f1&corscred=1&ver=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.151 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-xcp.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Server: sonobi-go
Cache-Control: no-cache, no-store, private
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Keymaker-Error: false
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 XxRkUJyO.png
assets-jpcust.jwpsrv.com/watermarks/ 1 KB
1 KB 250ms
162ms Image
image/png 2a04:4e42:1d::729
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/watermarks/XxRkUJyO.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1d::729 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: a621473d8a62864f9f1000349d2472c57cee4a33ebde6baf96187e48b4a477bf

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: irMFtNzqbYmUS4ktbyJTQaghT6tVkQ7N
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Sun, 17 Mar 2019 22:37:47 GMT
content-length: 1202
via: 1.1 varnish
x-served-by: cache-cdg20745-CDG
last-modified: Wed, 05 Sep 2018 22:17:42 GMT
server: nginx
x-timer: S1552862268.517941,VS0,VE132
etag: "a9a4308934bb7e352a1d9045609ea454"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1

GET
H/1.1

200
OK

directsdk.js Show response
cdn.spotxcdn.com/integration/directsdk/v1/
Redirect Chain

https://js.spotx.tv/directsdk/v1/232384.js
https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js

142 KB
57 KB

59ms
7ms

Script
text/javascript

2.18.232.234
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.234 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-234.deploy.static.akamaitechnologies.com
Software: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips /
Resource Hash: c6bc05c420f4f6814defcc0ad232f46482fcfc9e6f6af0ac740306e352b2ab73

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2019 20:13:24 UTC
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.1e-fips
ETag: 68f8440b6f619a4c350cd4347af86473
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=282
X-SpotX-Build-Version: 1.27.1-20190312.1909
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Content-Length: 57723

Redirect headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Last-Modified: Sun, 17 Mar 2019 22:37:47 GMT
Server: nginx
Location: https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://chicago.suntimes.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

r05jgt2q-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/thumbs/ATGSYzvL-720.jpg
https://assets-jpcust.jwpsrv.com/thumbnails/r05jgt2q-720.jpg

89 KB
89 KB

225ms
223ms

Image
image/jpeg

2a04:4e42:1d::729
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/r05jgt2q-720.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1d::729 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: b03039dcedd7e1bd98129d798cd4c2418857c488c64bb15e734197774c31d99e

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: RJs8bzsSTpr3nNoxevjzPGhRDP8GaAMC
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Sun, 17 Mar 2019 22:37:47 GMT
content-length: 90964
via: 1.1 varnish
x-served-by: cache-cdg20745-CDG
last-modified: Fri, 15 Mar 2019 14:08:31 GMT
server: nginx
x-timer: S1552862268.681082,VS0,VE195
etag: "2b9305c2ce4cb52ffd5e0c8075c14357"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1

Redirect headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
server: openresty
access-control-allow-origin: *
location: https://assets-jpcust.jwpsrv.com/thumbnails/r05jgt2q-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
status: 302
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 20
via: 1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
x-amz-cf-id: I2g-5CfTiExoiG2wuJv7z9qzxaPvFlbJ7u_Co-7xCxJD5L6vb3uDyw==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
13 KB 215ms
215ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3252909278456755&correlator=539296272326408&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062818%2C21062888%2C21063016%2C21063115%2C21063167&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=61924087%2Cchicago.suntimes.com%2Cchicago.suntimes.com.index&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x2%7C970x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x250%7C970x90%7C728x90&prev_scp=pos%3Dsbb%7Cpos%3DSuper%2520Leaderboard%25203%7Cpos%3DSuper%2520Leaderboard%25204%7Cpos%3DSuper%2520Leaderboard%25205%7Cpos%3DSuper%2520leaderboard%25202%2520970x90&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1552862234&dt=1552862267513&dlt=1552862266099&idt=296&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C140%2C140%2C140%2C308&adys=-9%2C2311%2C3112%2C4181%2C16&adks=1703760611%2C3551350997%2C3551350996%2C3551350999%2C4193948495&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fchicago.suntimes.com%2F&dssz=55&icsg=549766828032&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C970x90%7C970x90%7C970x90%7C1585x342&msz=0x-1%7C970x90%7C970x90%7C970x90%7C1585x282&blev=1&bisch=1&ga_vid=162745238.1552862266&ga_sid=1552862268&ga_hid=1519018434&fws=2%2C4%2C4%2C4%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2be2d2634bc1a99823a886b08261b24f043c5ac532282597d09d7429cabc14e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 13009
x-xss-protection: 1; mode=block
google-lineitem-id: 4843774464,4995909780,4927276487,4927276949,4927276958
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138248679757,138264576038,138263632398,138263897875,138263632467
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_319.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 39ms
39ms Script
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25393
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 204 gcid-0.1.0.html
g.jwpsrv.com/g/ Frame 9620 0
0 50ms
28ms Document
text/html 2a04:4e42:1d::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://g.jwpsrv.com/g/gcid-0.1.0.html?aid=BpN2nBvQEeiNRApVuA4vVw&id=ATGSYzvL&emi=1ehxrsd44s0u&pli=puqv2enyjxvx&pv=8.7.6&tv=3.7.0
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.7.6/jwpsrv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1d::729 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash

Request headers

:method: GET
:authority: g.jwpsrv.com
:scheme: https
:path: /g/gcid-0.1.0.html?aid=BpN2nBvQEeiNRApVuA4vVw&id=ATGSYzvL&emi=1ehxrsd44s0u&pli=puqv2enyjxvx&pv=8.7.6&tv=3.7.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chicago.suntimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/

Response headers

status: 204
retry-after: 0
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Sun, 17 Mar 2019 22:37:47 GMT
via: 1.1 varnish
x-served-by: cache-cdg20745-CDG
x-cache: HIT
x-cache-hits: 0
x-timer: S1552862268.595742,VS0,VE0
access-control-allow-origin: *
server: nginx/1.8.0

POST
H/1.1 200
OK keymaker Show response
keymaker.go.sonobi.com/ 0
691 B 14ms
13ms XHR
text/plain 178.162.133.151
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://keymaker.go.sonobi.com/keymaker?pageviewid=8a2bc52364c2f1&corscred=1&ver=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.151 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-xcp.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Server: sonobi-go
Cache-Control: no-cache, no-store, private
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Keymaker-Error: false
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 370 B
675 B 234ms
233ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-rr-cube-100%22%3A%22300x600%2C300x250%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-rr-cube-157%22%3A%22300x600%2C300x250%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-rr-cube-158%22%3A%22300x600%2C300x250%22%2C%22%2F61924087%2Fchicago.suntimes.com%2Fchicago.suntimes.com.index%7Cdiv-gpt-super-leaderboard-6%22%3A%22970x90%2C728x90%22%7D&vp=desktop&pv=eab69325-54eb-4b3f-950d-088bda62fc71&ref=https%3A%2F%2Fchicago.suntimes.com%2F&lib_name=3pdm&lib_v=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a7d608269f36dfbc22fd6c6e1aa670536ebcbafca67382835f77730bd08ddd28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://chicago.suntimes.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 144
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1/ 39 KB
10 KB 79ms
7ms Script
application/javascript 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by: Host: cdn.spotxcdn.com
URL: https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash: 04594973f7a96b77780460442191015c23a0b97f553d7f336fc6c05971bb56bf

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 16 Mar 2019 16:01:46 GMT
content-encoding: gzip
age: 110161
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
x-instart-cache-id: 20:11203632172572749571::1552752105
content-length: 10158
last-modified: Tue, 12 Mar 2019 22:51:45 GMT
server: DTOrigin
etag: "c17ea2e1bb3038687ddb8bf0f67a8645"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-instart-request-id: 5409161444906932094:SEN01-CPVNPPRY13:1552862267:0
accept-ranges: bytes
expires: Sun, 17 Mar 2019 16:01:46 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=dados
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=4a21acbe-4905-11e9-b72c-1bbe6fc51d06

0
561 B

15ms
14ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=4a21acbe-4905-11e9-b72c-1bbe6fc51d06
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sun, 17 Mar 2019 22:37:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 1
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sun, 17 Mar 2019 22:37:47 GMT
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: /partner?source=dados&__user_check__=1&sync_id=4a21acbe-4905-11e9-b72c-1bbe6fc51d06
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 71
Connection: keep-alive
Content-Length: 0

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
953 B 317ms
228ms Script
text/javascript 52.19.153.98
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 12aa60f41582f7f1e84e7118c627c27117b2221a31cd816709a85161675aca7c

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:48 GMT
content-encoding: gzip
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 555
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 200
OK keymaker Show response
keymaker.go.sonobi.com/ 0
687 B 15ms
14ms XHR
text/plain 178.162.133.151
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://keymaker.go.sonobi.com/keymaker?pageviewid=21b7def060b8ef6&corscred=1&ver=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.151 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-xcp.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:47 GMT
Server: sonobi-go
Cache-Control: no-cache, no-store, private
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Keymaker-Error: false
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 3F49 29 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 3F49 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F49 77 KB
28 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 2353605352174730762
tpc.googlesyndication.com/simgad/ Frame 3F49 92 KB
92 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2353605352174730762

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

eeb4b205fe98a7dead88c8c20b375805984c314bf811c2b69a50b7fbf0d7975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 15:26:37 GMT
x-content-type-options: nosniff
age: 25870
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 94428
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Mar 2019 19:39:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Mar 2020 15:26:37 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
27 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27825
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 8FB6 29 KB
11 KB 7ms
4ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 8FB6 2 KB
1 KB 7ms
4ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FB6 77 KB
28 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 14146934182773512403
tpc.googlesyndication.com/simgad/ Frame 8FB6 22 KB
22 KB 10ms
6ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14146934182773512403

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c5da057fac8cb4f344984accecabdc3d675c961d07548fcc9984dc11a4c4b117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 21:27:54 GMT
x-content-type-options: nosniff
age: 781793
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 22752
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 21:27:54 GMT

GET
H2 200 14146934182773512403
tpc.googlesyndication.com/simgad/ Frame 84D5 22 KB
22 KB 7ms
5ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14146934182773512403

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c5da057fac8cb4f344984accecabdc3d675c961d07548fcc9984dc11a4c4b117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 21:27:54 GMT
x-content-type-options: nosniff
age: 781793
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 22752
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 21:27:54 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 84D5 29 KB
11 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 84D5 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84D5 77 KB
28 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 14146934182773512403
tpc.googlesyndication.com/simgad/ Frame 20B4 22 KB
22 KB 8ms
8ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14146934182773512403

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c5da057fac8cb4f344984accecabdc3d675c961d07548fcc9984dc11a4c4b117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 21:27:54 GMT
x-content-type-options: nosniff
age: 781793
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 22752
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 21:27:54 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 20B4 29 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 20B4 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20B4 77 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F49 0
262 B 20ms
18ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNagfRAnlUbMsscsn-IVZa0JTtCUXxluVni908z5zv0hYl69ghJLVssQ5i8B5WzeExONxCp5wGOgQXYDxeQlAVvkFMDFFgCfO7f8KDJEwyRoOdQbSyGoUExj79b2uu1Q0zGO5-8I6t6Cz4DYrltgtwQahIOzTy14Hy2ZwKKyOOvR1ygUf4_RD3W-2AcoaokLOtfBRbEHGHF6lIQq9LCYwN9k0PYGgexfXbbJWpph-EbrTScoEFFBww7cor5bwi6PV1hIzCqDEGTlRkl9t1VQjD6Wrug_T0RJL5aGG0A8O5sCn2JQZD8yM&sai=AMfl-YQJjDVRkkfun0P7WAN8-v62GeGxUV7MfvKF0xG2YyWpKVDMjpntX75gJqsK0v48Gw382mFY2lB0ZpUvO0BQAvTVIdoKoWBtaBstAXSJ&sig=Cg0ArKJSzGRqO3l6HK5yEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8FB6 0
261 B 19ms
19ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTymnML8nlSIRbnDZBdGGrKQ8ZIJhFQOIZ4LS4FfZiy5bfibJdKtjOZ0lHccmhZbzw0j1DdbJcKdKO0oFL6BLX5dUiMVJl0PSwbjyYc6EuNOcxC_Mbm8eXoQ8to1R0uON3vuPwURLywwuSBj1BNlvLmd-rXrMOAD15xEFXQNd5t2T_KwaAD2yly3mJsSzLN7p_B-b1mpFUoXyN1FjzHUxb404byBKaRtWyAYcFidUP6eDqJK-4FJZ1mpNdLZERD72RFO7Ba-0D-8tBdSBzZHwBelgCJ2DtGPCSho19xwPKswOy_Shx9vE&sai=AMfl-YRnJCMSVDKHiVL94dZZDuQwxunpYNkckCdHaczwFDG_vPaImTbhTIk2QxgoaxZ-gu-8Ztwjn0nW1qitn4BeyIeErlWzwHPB5Eay9ovM&sig=Cg0ArKJSzJY80JGFjFLZEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84D5 0
260 B 19ms
19ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4cdoYJovTzGdw3gopRjCCqeyneTQViS4frJUVSPY6p4lMiVsQGyNZGFiTBQBScnez0GXLPIQnV3JGFVC7elLkgDJ3_ar1ruImtmjKyCwtNmHtZv5I9RYftlDJkO34ME9-VPZ-30Xq2aHhTOyk9tTTk6qGNHd34gqolcT1w0u85_XjtDHLf7FX0O-vmh6WQFJ7_qvSLpTMir_ubg0OWf3GPezP7tcTAEYMOSbMuXBdqjANr8BDMXln7vGw05xACyfcvqOLOaR3zgjDGUU524pimR5lGb1ZeJuUYK88c75TpTsxBnlr_zk&sai=AMfl-YQ0n9fN3pQU-zLynmqvdWChq-04zs_-boOdo7y62HVNJJpsXU_hfMH_K0fdGrW94l7fQSHQ84IFsRfIj6XldrqpO0fEtsWqlM7D9KmF&sig=Cg0ArKJSzEiGw9PyXWSXEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20B4 0
252 B 17ms
17ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQrH1r8wjRCDqsJLw4kpyNKeu2LZ3l8s7DruxiXH6r9OAxIlXCKn1_VnNe1VhZQ5fwSnV8EBF-YxNeezFLECKz6VS-OQRGg3hFDb8LlZl8_E-g87CP3IW24ECNzc3URGgN_jkuIuWUXynEbr_TeZz5_OKZioLLhLb9lBfT3CwoPvKwXn1khZywOBRxY6iwJgUa19enlbpAfA9my1GQLkbD5FC1U3fTtKbm2rmI1rGC2svzT-_WVtaeOePbV3nO8Y7UIVK_h5TttTSnRVBVlnDZHIjdB-zI34W5MT_abJU5B7iDnqmQ508&sai=AMfl-YR4whrkbdjHBLXDWBzDNv69dAIJUWy3QYimXLT5vYvFfgsBxM94k1_6hIO_QynHAqG1IIgDi3352ppAQV0QyvXG67VSRBKAl56Y8hdp&sig=Cg0ArKJSzIyOu3fT5CnKEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
H2 200 / Show response
chicago.suntimes.com/cbstats/ 4 KB
1 KB 136ms
135ms Fetch
application/json 192.0.78.12
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/cbstats/

Requested by

Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJylkdFuwyAMRX9oBK3tqr1M+xaHeIkpAYRNovTr61ZqlanTpnZPgPE98r22czYuRcEodqwmh9pTZLsxE2Xr2ephIEJYhBw3nl/sSiADjnjpsW4gB33iGoXONWBG4QsBY5eKDdzUOCGFIaUDNyPFf9HguDAd8UfQygd0+m9aKHYEFix6M2nCUqhT7K32IEEKuMNzafg5B1iwGK45pyJPQUbQkVxrWEBuY1B0oZ5daQPPX6n16O7wV1eT+k/rWM/vXJDvXK2icFBSZQzWo2RNwFwLv2hkJtHUTBtU0FLpTCa0EXUHukmK/cPa/LeOAnamhxCwLN9fqvocP17fdu/b7W6/2fsT+i4jGQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

9722d5a080dfb62ee22e7aec41446a70a34378dca6d34dd56d19beabd024c73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /cbstats/
pragma: no-cache
cookie: _ga=GA1.2.162745238.1552862266; _gid=GA1.2.845206994.1552862266; _gat_BNA=1; sbi_debug=false; OX_sd=1; _cb_ls=1; sailthru_pageviews=2; _fbp=fb.1.1552862267294.517363294; ntvSession={}; __gads=ID=613d7a02bae78c2b:T=1552862267:S=ALNI_MbNiu1RZiiUzdWhTyzvm47byaCROg
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: chicago.suntimes.com
referer: https://chicago.suntimes.com/
:scheme: https
:method: GET
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nananana: Batcache
date: Sun, 17 Mar 2019 22:37:48 GMT
content-encoding: gzip
last-modified: Sun, 17 Mar 2019 22:33:42 GMT
server: nginx
vary: Accept-Encoding Cookie
strict-transport-security: max-age=86400
content-type: application/json; charset=UTF-8
status: 200
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
cache-control: max-age=55, must-revalidate
x-ac: 1.fra _dfw
link: <https://wp.me/P7fJAs-2DDW>; rel=shortlink

GET
H2 200 hovercard.min.css
0.gravatar.com/dist/css/ 7 KB
2 KB 13ms
12ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/hovercard.min.css?ver=201911y
Requested by: Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFzkEKAjEMBdAL2ak6duFCPEutcUidpLVJHfT0dkAXwqAQ+Iv/4MdO2SCHsZ5BbGx3q1Ae7+iirOwvYAiH4hU6Qv7gkFiBdbY5iRKI+AEWWkonHMFUgdIAa5u5pAX3/RLyHWH6yyJo9uFqCgg+5/UjHTbOrbe7fd+7+AI4w1vP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-1a2e"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Sun, 24 Mar 2019 22:37:47 GMT

GET
H2 200 services.min.css
0.gravatar.com/dist/css/ 3 KB
589 B 13ms
13ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/services.min.css?ver=201911y
Requested by: Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFzkEKAjEMBdAL2ak6duFCPEutcUidpLVJHfT0dkAXwqAQ+Iv/4MdO2SCHsZ5BbGx3q1Ae7+iirOwvYAiH4hU6Qv7gkFiBdbY5iRKI+AEWWkonHMFUgdIAa5u5pAX3/RLyHWH6yyJo9uFqCgg+5/UjHTbOrbe7fd+7+AI4w1vP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Sun, 24 Mar 2019 22:37:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
12 KB 86ms
85ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3252909278456755&correlator=539296272326408&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062818%2C21062888%2C21063016%2C21063115%2C21063167&vrg=319&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=61924087%2Cchicago.suntimes.com%2Cchicago.suntimes.com.index&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C970x90%7C728x90%2C1x1&prev_scp=pos%3Drr%2520cube%25201%7Cpos%3Drr%2520cube%25206%7Cpos%3Drr%2520cube%25207%7Cpos%3DSuper%2520leaderboard%25206%7Cpos%3D1x1&eri=1&cookie=ID%3D613d7a02bae78c2b%3AT%3D1552862267%3AS%3DALNI_MbNiu1RZiiUzdWhTyzvm47byaCROg&cookie_enabled=1&bc=15&abxe=1&lmt=1552862234&dt=1552862268043&dlt=1552862266099&idt=296&frm=20&biw=1585&bih=1200&oid=3&adxs=1136%2C1136%2C1136%2C308%2C0&adys=412%2C2228%2C3666%2C5480%2C5958&adks=3166600435%2C3166601038%2C3166601041%2C3551350998%2C421820486&ucis=b%7Cc%7Cd%7Ce%7Cf&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fchicago.suntimes.com%2F&dssz=75&icsg=721822941184&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=314x600%7C314x600%7C314x600%7C1585x131%7C1585x5959&msz=314x600%7C314x600%7C314x600%7C1585x131%7C1585x1&blev=1&bisch=1&psts=CjYIgMTYhRJA56seeAHoAc3ijYKDBIACt8GGHYACr8KGHYACz_W_KIACx5TAKNECogw9TGb0IT8%2CCjgIlJGezhJAtbjCsgF4AegBpoDYiYMEgAK3wYYdgAKvwoYdgALP9b8ogALHlMAo0QKBUL0ci6g4Og%2CCjsIx4vBrRJAp6A1UAJ4AdABAOgBjrSeiYMEgAK3wYYdgAKvwoYdgALP9b8ogALHlMAo0QI6qaPCs1IHrQ%2CCjsIlY_BrRJAp6A1UAJ4AdABAOgBk86uiYMEgAK3wYYdgAKvwoYdgALP9b8ogALHlMAo0QLPUIh3Z3XzQA%2CCjsIno_BrRJAp6A1UAJ4AdABAOgB07SeiYMEgAK3wYYdgAKvwoYdgALP9b8ogALHlMAo0QLCBni-Oa2TOQ&ga_vid=162745238.1552862266&ga_sid=1552862268&ga_hid=1519018434&fws=4%2C4%2C4%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

191f38ebbca729e2429b7d6d2176d92790d68cdc9267ccc137e8f363892c7799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com

Response headers

date: Sun, 17 Mar 2019 22:37:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 12081
x-xss-protection: 1; mode=block
google-lineitem-id: 4927276952,4926669282,4926669279,4927276967,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138263632494,138263588195,138263632491,138263631909,-2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dibs-cst-022314-01_44598851-e1552758108487.jpg
suntimesmedia.files.wordpress.com/2016/02/ 55 KB
55 KB 9ms
8ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2016/02/dibs-cst-022314-01_44598851-e1552758108487.jpg?w=640&h=480&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: cd819666328c67c7d75b232a43debccd28c51b7a71902c5939de91d8522d997e

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Sat, 16 Mar 2019 17:41:48 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 56622
expires: Mon, 08 Apr 2019 22:43:53 GMT

GET
H2 200 img_0235.jpg
suntimesmedia.files.wordpress.com/2019/03/ 27 KB
27 KB 9ms
8ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/img_0235.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: da095aa76b97bf5ea98eb3edf1b637f92318d6b262c11d61428479526c9d5f90

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Fri, 15 Mar 2019 16:17:38 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 27568
expires: Sat, 13 Apr 2019 21:04:36 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 23ms
6ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.11040092239354982
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 17 Mar 2019 22:37:48 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 23ms
7ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?blog=107184512&v=wpcom&tz=-5&user_id=0&subd=suntimesmedia&host=chicago.suntimes.com&ref=&fcp=1341&rand=0.0745384495264072
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 17 Mar 2019 22:37:48 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 23ms
7ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1BNmNJfGhxNCVxUDExYmtib2E%2FSzdEJm0lUEtbdFU0fFk4cHZvcUFrZT90Tn4yQm1%2BR3NyNTdoTjJvUEJnfj1MUW8yaixPcHM3NFJ%2BLDdlVmFCVWNaTmRdQkwmNUdnSUt1N1olZUtwUERBeStsZHA4WE54L3Z4eF9QfFZzPy5CTWI3bjdSaVhNfG9OQzhkdF14OEkxRjZMX2l1bnJFXUZZP3g2Yml0UWdNNG9kVVZ%2BejBNViZdY1Nuc0l6fHlXSTUlPUpuLzVuY1pJTXQteF9Takg%3D&v=wpcom-no-pv&rand=0.974578256795652
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 17 Mar 2019 22:37:48 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 dt.html
cdn.digitru.st/prod/1.5.27/ Frame 94FE 0
0 15ms
10ms Document
text/html 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1.5.27/dt.html
Requested by: Host: cdn.digitru.st
URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash

Request headers

:method: GET
:authority: cdn.digitru.st
:scheme: https
:path: /prod/1.5.27/dt.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chicago.suntimes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/

Response headers

status: 200
content-type: text/html
content-length: 1295
cache-control: max-age=86400
last-modified: Tue, 12 Mar 2019 22:51:45 GMT
date: Sat, 16 Mar 2019 16:01:48 GMT
content-encoding: gzip
expires: Sun, 17 Mar 2019 16:01:48 GMT
accept-ranges: bytes
access-control-allow-origin: *
age: 110160
server: DTOrigin
etag: "aba9b97256730cf45ebcafc50cfc8285"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-instart-cache-id: 18:16728296241960358145::1552752107
x-instart-request-id: 12627766934152342905:SEN01-CPVNPPRY13:1552862268:0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 444ms
97ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNzI3NjQ4NyIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzYzMjM5OCIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=31989ad8-893e-4d06-89c3-384875abcf33&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268120&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5983&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
DATA 200
OK truncated
/ Frame 8FB6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e6e2ec2e125693e30a839852c469bd8855b76976bf45518025c9114a714fc43

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 84D5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e73908f95ac446e81fd422262462db3b34bafe0adbe828bc91f9f46292f7394d

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 20B4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57e31e70a0f9e2d898173de952373c9fa414dc366739794fa992d6e60357465a

Request headers

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ Frame C3CC 0
0 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5151
pragma: no-cache
cache-control: no-cache
origin: https://chicago.suntimes.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chicago.suntimes.com/
accept-encoding: gzip, deflate, br
cookie: fr=0Ua4pFY5ht5hm86Nh..Bcjsw7...1.0.Bcjsw7.
Origin: https://chicago.suntimes.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Sun, 17 Mar 2019 22:37:48 GMT

GET
DATA 200
OK truncated
/ Frame 3F49 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40fa9f9c9ae60dac1ce95d10510626c1c79a738aa77d518ccef2ad700234b9bd

Request headers

Response headers

Content-Type: image/png

POST
H/1.1 200
OK keymaker Show response
keymaker.go.sonobi.com/ 0
691 B 14ms
14ms XHR
text/plain 178.162.133.151
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://keymaker.go.sonobi.com/keymaker?pageviewid=21b7def060b8ef6&corscred=1&ver=3.29.2

Requested by

Host: mtrx.go.sonobi.com
URL: https://mtrx.go.sonobi.com/morpheus.chicagosuntimes.5552.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.151 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-xcp.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:48 GMT
Server: sonobi-go
Cache-Control: no-cache, no-store, private
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Keymaker-Error: false
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
339 B 33ms
32ms Image
image/gif 52.19.153.98
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=14d4fedc-2dab-43d9-9666-a321688bc6a6&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=PMyOXAA&ntv_at=303,302&ntv_a=AAAAAAAAAAnVcQA&ord=1552862268305&ntv_dpl=1011,1031,1016,1002,1005,1006,1022,1007&ntv_it
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:48 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

OPTIONS
H/1.1 200
OK 232384 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
601 B 150ms
15ms XHR
text/plain 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/232384
Requested by: Host: cdn.spotxcdn.com
URL: https://cdn.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://chicago.suntimes.com
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type,x-openrtb-version

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2019 22:37:48 GMT
Last-Modified: Sun, 17 Mar 2019 22:37:48 GMT
Server: nginx
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://chicago.suntimes.com
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type,x-openrtb-version
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame B398 29 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame B398 2 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B398 77 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
DATA 200
OK truncated
/ Frame B398 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c17c831f8689889bee1e1e1ff420815a6740e9f28ab83eddaeeabc3d90efe2

Request headers

Response headers

Content-Type: image/png

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame CC01 29 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame CC01 2 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC01 77 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
DATA 200
OK truncated
/ Frame CC01 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09e4714853c731b0a65d1e35b782487736070e05b19c43a3bde7ba492fd3457

Request headers

Response headers

Content-Type: image/png

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 08EB 29 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 08EB 2 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08EB 77 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
DATA 200
OK truncated
/ Frame 08EB 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94d26e36f31f151ded3480613bed2293e9578d27a78395ea74b3b7be8bde7c9b

Request headers

Response headers

Content-Type: image/png

GET
H2 200 14146934182773512403
tpc.googlesyndication.com/simgad/ Frame 11BD 22 KB
0 8ms
8ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14146934182773512403

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c5da057fac8cb4f344984accecabdc3d675c961d07548fcc9984dc11a4c4b117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Mar 2019 21:27:54 GMT
x-content-type-options: nosniff
age: 781793
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 22752
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 21:27:54 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/ Frame 11BD 29 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10974
x-xss-protection: 1; mode=block
server: cafe
etag: 14292188968202440633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/ Frame 11BD 2 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190313/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 13 Mar 2019 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2019 13:11:53 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11BD 77 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_319.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 17 Mar 2019 22:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1552585448432221"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29080
x-xss-protection: 1; mode=block
expires: Sun, 17 Mar 2019 22:37:47 GMT

GET
DATA 200
OK truncated
/ Frame 11BD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61026d4a0ed762f0d9025fe3d805cd8b6f9025e84e4fb74d1b3c9145700056a4

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B398 0
64 B 22ms
18ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTO6G5CSQzXvrLCyus5KG2bZdcbCesE_YYDsrYZ-qzBKzV_YaBaTGoIk_7_fMlmAST3RRv3dizqnpVb7oT-qM3yhK16iaoDHwm98nwLsFRxhecmmyTY3tX9Vne-WNTY7aYNjAQWsRcJqUIopiQNpaG8N5_p5sHUKd1lkq3P_aaEeK9gVzOuhbkLCZYnguAy7PSBXRGYUkdqmcazYQo_TJ55KeN6Y_gZKWAptOfkj0MQjoD6gffiHKBrKuq2_1tX8AExb-4D-Ga3d8mDdw9l6wCoz7AD4OSrWAYURcCLT--UvWXJUgU-7w&sai=AMfl-YS_fBnB3WPGgAARTgld3JNy5YEZxGgqQtHZF4HhhqpAjsUaqQgAzTYlUWySu5O0zIiGyKk91OmwzDLrl3kpMsU5mOIpy0x0NVKEtubu6xRBwHDDClb9H9M0zkA&sig=Cg0ArKJSzKh5vKaC1F9nEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 12530246133928978155
tpc.googlesyndication.com/simgad/ Frame B398 61 KB
61 KB 16ms
12ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12530246133928978155

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0430571c5dbc8084eef2dadaa6eefa8bf4a1111ce7c988da0814584928f78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 06:52:14 GMT
x-content-type-options: nosniff
age: 747934
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 62365
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 06:52:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC01 0
64 B 21ms
18ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjrakZSQwHCyk-weSwfAn5R3IDZ5esE4IXoJETUlFKkwqcYJXU1SgG0O952a82nZLcHUgDSmm_Vqmxw6wfEcg-aDv92ESUC3OuxND89QqJGh09zNP3ZBkZYRf2xQbCeOWEyMqHx7qQSx_dN2dMog4uV3kUwdxXO_yCZAmEzKfME-HhJZVRfP4zb31B8ecXiTNFrGZE0lcOB5Jxudv7wNRBnmqmnm8uFfotGMTRR2ueRomzhpKPAeLiuZtZJaD0_wpNtnsqfF7ZKv5v8KdJatrT5tUT-8UxSOvJ01GzqImia8J950YdZvk&sai=AMfl-YRcrlDpVW9-7pkG73RsjvbNuBwXXsjdcamyjOe2Yv_RyUSCCgOt5L62yt6FvUepLojxdoempqCh9Apm_-jFkkUMv7CldIP_l0i0pCCexse0r15tLc4_ArS9XgA&sig=Cg0ArKJSzPTmtd9jPVztEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 12530246133928978155
tpc.googlesyndication.com/simgad/ Frame CC01 61 KB
61 KB 14ms
12ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12530246133928978155

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0430571c5dbc8084eef2dadaa6eefa8bf4a1111ce7c988da0814584928f78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 06:52:14 GMT
x-content-type-options: nosniff
age: 747934
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 62365
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 06:52:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CC01 0
72 B 16ms
13ms Image
text/html 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ60yQBjq1qV395JpkI1hnqeHswUZPeP2g1093JWKJ1kRxtdy2CWY16ocEt7oVwaE7QPJj8mnTVrtfxYLe0fReM5-4O7g
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08EB 0
64 B 20ms
18ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRI-PNPIiUul4hxjSXo6xJLBdBcfQM3QzqTRDk79uSYtahcqLAvaRLeHv34T7wAckqanTlJI2TeFm0huGSTkpwyT3UGHYcF4OUR8llqUYlaxc2oor2EBEQs2DiGSdwS3Ly0vWaETJT2onkSDMXhnmC3IDbc6tL_r99EvbGbQkQbqh2KZ32p1TB9oEAWAaiX42rfNjSpQsadBLbCizLSSzKTgRjdPypWC7wvRM3yoHAgCdKSfG9J64kyKz7w0aNuSqaPJ-SxfycrutSvGbbRr5IF9O_5NjwRgMDZvTwVqK5YyNohBEPz6Y&sai=AMfl-YSyDORloSdalWiTFqZ4_TRFMDx-ehCOgb2eJy2b4LuP3HrwDv7I8rF3hDdOHTIS1ouPrp3aNaV5r4y21hFGoFsu1WphQGY9_CErvk85Kt2Gd8EqfMA_U68y9xA&sig=Cg0ArKJSzJqiTb4aIWI2EAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 12530246133928978155
tpc.googlesyndication.com/simgad/ Frame 08EB 61 KB
61 KB 10ms
9ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12530246133928978155

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0430571c5dbc8084eef2dadaa6eefa8bf4a1111ce7c988da0814584928f78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 06:52:14 GMT
x-content-type-options: nosniff
age: 747934
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 62365
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2019 03:33:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 06:52:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 11BD 0
64 B 22ms
20ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUcf1u6Mcfo93KKJLdH7Lzvt-QRSP3kLE8UpBuhtPn9MPr3m9KpuSQcfYpKaRU4zDekqHjI7v9Fsarr7j2obBGNWvOojeQ_r3I6UyxkkvvZLn1aV0lVaIBRPDQB5TlI3WPxeW5LK15UoSL5ST2CVVx8uRQJV6b79rnZkJ6Ev-GxWrdCRrGFVsdjdko5lEC1qEH8GvVNK2-E10cySq88WAhPhGT1eWp24MOP8PUVu1INJ9ejWgq8HMlt5rf3yTcV3AwFncBHOqMYu45V6SEr6pB7tHPBty4pEaMGtuUnVt7_O9hQmHrYkU&sai=AMfl-YTb0l5deN3YkrF-OJppLuBCI3B0apu2vjUavgcwXSv1xs_gjq6M22DQOZz-y8QUHhzXqquKdciWGhhSeHJQFwMtl-mmAna7__csbViOYqzX3w78-DMfnAg_Ajo&sig=Cg0ArKJSzEoMJqlwKPjhEAE&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 22:37:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 204 l
www.google.com/ads/measurement/ Frame 11BD 0
55 B 16ms
15ms Image
text/html 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTNzd1WT5vTX7_LDovt9m1f8ul802GpHqLxjMnOMFjnPUjhYs4ESJStWNabi3mlzu0_cTuEV9176g5XSOQ8c296sSLxg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

POST
H/1.1 200
OK 232384 Show response
search.spotxchange.com/openrtb/2.3/dados/ 1 KB
3 KB 164ms
88ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/232384
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c238bf8674b56ac1657f4b19a76c2099755a21f6cda487a77878cc3893ef42f

Request headers

Origin: https://chicago.suntimes.com
Referer: https://chicago.suntimes.com/
x-openrtb-version: 2.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
X-SpotX-Timing-Transform: 0.001377
X-SpotX-Timing-SpotMarket: 0.065615
X-SpotX-Timing-Page-Mux: 0.000228
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
X-SpotX-Timing-Page-Require: 0.000500
X-fe: 101
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.002566
X-SpotX-Timing-Page: 0.070985
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000239
Last-Modified: Sun, 17 Mar 2019 22:37:48 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.029140
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://chicago.suntimes.com
X-SpotX-Timing-Page-Misc: 0.000448
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.036475
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 james-gibson.jpg
suntimesmedia.files.wordpress.com/2019/03/ 15 KB
15 KB 17ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/james-gibson.jpg?w=320&h=240&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c5dbaf7413783b7493f3e1c6fd80578463a271a87b512ffb81d1e79a9ce191c

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Sun, 17 Mar 2019 18:48:42 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 15508
expires: Mon, 15 Apr 2019 00:08:08 GMT

GET
H2 200 garcia_lightfoot.jpg
suntimesmedia.files.wordpress.com/2019/03/ 64 KB
64 KB 17ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/garcia_lightfoot.jpg?w=425&h=320&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: bae063124817c5b86f1b1be1a202b2984dea66414773cffe6f93ad1e3655ce4b

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Sun, 17 Mar 2019 15:45:46 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 65222
expires: Fri, 12 Apr 2019 18:05:15 GMT

GET
H2 200 mhoneal.jpg
suntimesmedia.files.wordpress.com/2018/11/ 19 KB
20 KB 16ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2018/11/mhoneal.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: bafd08ba5b0d7223838f66c685211bd31839d91b2b2add78e177016c6d5d26f2

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Tue, 20 Nov 2018 16:37:45 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 19888
expires: Mon, 15 Apr 2019 11:56:11 GMT

GET
H2 200 1129912259-e1552400182725.jpg
suntimesmedia.files.wordpress.com/2019/03/ 17 KB
17 KB 147ms
145ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/1129912259-e1552400182725.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 221ec2de131f872bdcffe167018d9fdd5b8f8a866c4d025b122ab014c5d30cd7

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: MISS fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Tue, 12 Mar 2019 14:16:22 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 17148
expires: Fri, 26 Apr 2019 11:33:09 GMT

GET
H2 200 1-john-fountains-grandaparents-george-and-florence-hagler-pose-with-their-grandchildren-circa-1970s-e1552685203773.jpg
suntimesmedia.files.wordpress.com/2018/04/ 13 KB
13 KB 15ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2018/04/1-john-fountains-grandaparents-george-and-florence-hagler-pose-with-their-grandchildren-circa-1970s-e1552685203773.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 4674722f0944739940b94eef68359934502b06039dcf7b08cebad431a6894764

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Fri, 15 Mar 2019 21:26:43 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 13690
expires: Sun, 14 Apr 2019 18:50:18 GMT

GET
H2 200 afp_1eo5hm.jpg
suntimesmedia.files.wordpress.com/2019/03/ 5 KB
5 KB 15ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/afp_1eo5hm.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 7441ba7ff3f843975f291a26713ee4a4ac0f50c8f984ad52e6b5d8ab4bb2e5b1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Fri, 15 Mar 2019 19:37:15 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 4954
expires: Wed, 17 Apr 2019 12:07:36 GMT

GET
H2 200 election2019-376_81050624-e1548593885777.jpg
suntimesmedia.files.wordpress.com/2018/12/ 6 KB
7 KB 15ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2018/12/election2019-376_81050624-e1548593885777.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: b5a12e2d86f36d5dc934c93e3256d66c26ffa3028564ff01615d9158a5f4a7b5

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Sun, 27 Jan 2019 12:58:05 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 6646
expires: Thu, 04 Apr 2019 20:32:50 GMT

GET
H2 200 2019election-210-e1550278844803.jpg
suntimesmedia.files.wordpress.com/2019/02/ 5 KB
5 KB 15ms
13ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/02/2019election-210-e1550278844803.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 5303bd01ce8c081cf223a0eab769f898d0daa25855f279b67e4c11123bec5ae9

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Sat, 16 Feb 2019 01:00:44 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 5482
expires: Thu, 04 Apr 2019 17:47:07 GMT

GET
H2 200 2019election-85-e1549326272369.jpg
suntimesmedia.files.wordpress.com/2019/02/ 7 KB
7 KB 20ms
19ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/02/2019election-85-e1549326272369.jpg?w=303&h=198&crop=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dea9b6671baa953ddb93fef6feec424387ccdffaed8cf00dda55d2823b71459

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:48 GMT
last-modified: Tue, 05 Feb 2019 00:24:32 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 6766
expires: Sat, 20 Apr 2019 02:24:28 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 98ms
98ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNzI3Njk0OSIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2Mzg5Nzg3NSIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=69d1009e-8bf3-4823-8c32-951c90c12daa&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268132&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5983&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK vast.html Show response
search.spotxchange.com/ad/ 29 KB
11 KB 84ms
84ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/ad/vast.html?key=eyJob3N0IjoiZmUxMDEuc3BvdHguYW1zMDEucG9wIiwiY2hhbm5lbCI6IjIzMjM4NCIsInB1YiI6IjIzMDU4NSIsImd1aWQiOiI0YThhNGE1ZDQ5MDUxMWU5YjM3NDE0ZjBlZjhiMDAwNi06Mzg0YjkuY2IzMWUuYTQ2MToiLCJ0dGwiOjE1NTI4NzMwNjgsInYiOiIyLjAiLCJiQ29ycyI6dHJ1ZSwiaGFzaCI6ImEyZTI3MDRlNjIxMDVjMGVhZTM1NTM2ZTIyNzdjNTRkY2ExNDlmZmZiMmY5ZWViN2M1ZmE2OGUxM2VjMTJkMmQifQ
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/hqRhLnqw.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cf33d191787caccfdf9a7ea60d0ef9938ed46821c146c4d42abd78f56a6d1a31

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://chicago.suntimes.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 10937

GET
H/1.1 204
No Content ping.gif
jwpltx.com/v1/jwplayer6/ 0
103 B 396ms
95ms Image
text/plain 34.236.4.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jwpltx.com/v1/jwplayer6/ping.gif?h=615988910&e=e&n=6163780448014340&abc=0&aid=BpN2nBvQEeiNRApVuA4vVw&ask=czWflAco&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1ehxrsd44s0u&i=0&id=ATGSYzvL&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1b9l1qc1vixr&ph=1&pid=hqRhLnqw&pii=0&pl=358&plc=1&pli=puqv2enyjxvx&pp=html5&prc=1&ps=4&pss=1&pt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&pu=https%3A%2F%2Fchicago.suntimes.com%2F&pv=8.7.6&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Homepage%20Playlist&tv=3.7.0&vb=0&vi=0&vl=90&wd=637&ab=1&cb=1&cme=0&dd=0&fv=&ga=1&lng=en&mk=mp4&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fvideos%2FATGSYzvL-Om3e6rzI.mp4&pbc=1&pd=2&pdr=&plng=en&plt=1900&pni=0&pnl=38&po=1&pogt=Chicago%20Sun-Times&r=1&rf=%2F%2Fcontent.jwplatform.com%2Fv2%2Fplaylists%2Fg2jvAnok%3Frelated_media_id%3DMEDIAID&sp=0&st=300&vp=1&sa=1552862268667
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.4.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-4-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2019 22:37:49 GMT
Server: nginx

GET
H/1.1 204
No Content ping.gif
jwpltx.com/v1/clienta/ 0
103 B 397ms
96ms Image
text/plain 34.236.4.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jwpltx.com/v1/clienta/ping.gif?h=-863449427&e=abq&n=9362114820703906&abc=0&aid=BpN2nBvQEeiNRApVuA4vVw&ask=czWflAco&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1ehxrsd44s0u&i=0&id=ATGSYzvL&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1b9l1qc1vixr&ph=1&pid=hqRhLnqw&pii=0&pl=358&plc=1&pli=puqv2enyjxvx&pp=html5&prc=1&ps=4&pss=1&pt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&pu=https%3A%2F%2Fchicago.suntimes.com%2F&pv=8.7.6&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Homepage%20Playlist&tv=3.7.0&vb=0&vi=0&vl=90&wd=637&ab=1&abid=gy37ft4k32j0&abo=pre&apid=pvdn35kavx00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=3&asxi=232384&vpb=%7B%22spotx.id%22%3A%22232384%22%7D&sa=1552862268667
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.4.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-4-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2019 22:37:49 GMT
Server: nginx

GET
H/1.1 204
No Content ping.gif
jwpltx.com/v1/clienta/ 0
103 B 397ms
97ms Image
text/plain 34.236.4.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jwpltx.com/v1/clienta/ping.gif?h=166309943&e=abr&n=9978105296697461&abc=0&aid=BpN2nBvQEeiNRApVuA4vVw&ask=czWflAco&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1ehxrsd44s0u&i=0&id=ATGSYzvL&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1b9l1qc1vixr&ph=1&pid=hqRhLnqw&pii=0&pl=358&plc=1&pli=puqv2enyjxvx&pp=html5&prc=1&ps=4&pss=1&pt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&pu=https%3A%2F%2Fchicago.suntimes.com%2F&pv=8.7.6&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Homepage%20Playlist&tv=3.7.0&vb=0&vi=0&vl=90&wd=637&ab=1&abid=gy37ft4k32j0&abo=pre&apid=pvdn35kavx00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=3&asxb=1&asxi=232384&asxp=600&asxt=1195&asxw=1&vpb=%7B%22spotx.id%22%3A%22232384%22%2C%22spotx.result%22%3A1%2C%22spotx.code%22%3A1%2C%22spotx.winner%22%3Atrue%2C%22spotx.priceInCents%22%3A600%2C%22spotx.timeForBidResponse%22%3A1195%7D&sa=1552862268667
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.4.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-4-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2019 22:37:49 GMT
Server: nginx

GET
H/1.1 204
No Content ping.gif
jwpltx.com/v1/clienta/ 0
103 B 400ms
96ms Image
text/plain 34.236.4.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jwpltx.com/v1/clienta/ping.gif?h=-1404570730&e=ar&n=3224137780235818&abc=0&aid=BpN2nBvQEeiNRApVuA4vVw&ask=czWflAco&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1ehxrsd44s0u&i=0&id=ATGSYzvL&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1b9l1qc1vixr&ph=1&pid=hqRhLnqw&pii=0&pl=358&plc=1&pli=puqv2enyjxvx&pp=html5&prc=1&ps=4&pss=1&pt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&pu=https%3A%2F%2Fchicago.suntimes.com%2F&pv=8.7.6&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Homepage%20Playlist&tv=3.7.0&vb=0&vi=0&vl=90&wd=637&ab=1&abid=gy37ft4k32j0&abo=pre&adi=2myniimuz6e0&apid=pvdn35kavx00&awi=1&awc=1&p=0&pc=0&pi=0&pr=0&vu=&apr=1&sa=1552862268667
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.4.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-4-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2019 22:37:49 GMT
Server: nginx

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 98ms
98ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNzI3Njk1OCIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzYzMjQ2NyIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=176fa924-eeec-4528-adbb-816ad66c5dda&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268138&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5983&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 204
No Content ping.gif
jwpltx.com/v1/clienta/ 0
103 B 387ms
94ms Image
text/plain 34.236.4.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jwpltx.com/v1/clienta/ping.gif?h=1954081001&e=al&n=3855525910299058&abc=0&aid=BpN2nBvQEeiNRApVuA4vVw&ask=czWflAco&at=1&c=0&ccp=0&cp=0&d=2&eb=0&ed=6&emi=1ehxrsd44s0u&i=0&id=ATGSYzvL&lsa=fail&mt=1&pbd=1&pbr=1&pgi=1b9l1qc1vixr&ph=1&pid=hqRhLnqw&pii=0&pl=358&plc=1&pli=puqv2enyjxvx&pp=html5&prc=1&ps=4&pss=1&pt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&pu=https%3A%2F%2Fchicago.suntimes.com%2F&pv=8.7.6&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Homepage%20Playlist&tv=3.7.0&vb=0&vi=0&vl=90&wd=637&ab=1&abid=gy37ft4k32j0&abo=pre&adi=2myniimuz6e0&apid=pvdn35kavx00&awi=1&awc=1&p=0&pc=0&pi=0&pr=0&vu=&apr=1&tal=100&sa=1552862268770
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.4.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-4-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2019 22:37:49 GMT
Server: nginx

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 103ms
103ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk5NTkwOTc4MCIsImVidXkiOiIyNTA3MjExNTM5IiwiZWFkdiI6IjQ2NDU0NDM0ODAiLCJlY2lkIjoiMTM4MjY0NTc2MDM4IiwiZWVudiI6ImoiLCJlcGlkIjoiODQ5MzcyODciLCJlc2lkIjoiNjA5MjQyMDcifQ&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=d067fc89-a24d-4633-84fa-bd64a9c36438&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268245&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5983&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 101ms
100ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNzI3Njk1MiIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzYzMjQ5NCIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=2ae0610f-def4-4f76-8cce-0ebadab3aa51&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268344&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5986&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:48 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 98ms
97ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNjY2OTI4MiIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzU4ODE5NSIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=c002a269-22a4-43ae-83c5-b29673d288cf&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268360&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5986&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:49 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 100ms
99ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNjY2OTI3OSIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzYzMjQ5MSIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=85fde9b0-87f2-4670-b67a-185fed7f3da9&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268370&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5986&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:49 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 100ms
99ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDkyNzI3Njk2NyIsImVidXkiOiIyNDcwNjEzODk3IiwiZWFkdiI6IjI2MTQ0ODQ3IiwiZWNpZCI6IjEzODI2MzYzMTkwOSIsImVlbnYiOiJqIiwiZXBpZCI6Ijg0OTM3Mjg3IiwiZXNpZCI6IjYwOTI0MjA3In0&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=a9db92b8-1e5d-45b3-b186-fd5a609c36b2&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862268395&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x5986&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:49 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 2C66
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8

0
0

15ms
14ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8
Requested by: Host: suntimes-d.openx.net
URL: https://suntimes-d.openx.net/w/1.0/jstag?nc=61924087-suntimes
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.121.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chicago.suntimes.com/
accept-encoding: gzip, deflate, br
cookie: i=5473212b-9476-0d44-392d-c6d18671e953|1552862269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chicago.suntimes.com/

Response headers

status: 200
vary: Accept
set-cookie: i=5473212b-9476-0d44-392d-c6d18671e953|1552862269; Version=1; Expires=Mon, 16-Mar-2020 22:37:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1552862269|mOsLgqgikin0fcmWiygu; Version=1; Expires=Mon, 01-Apr-2019 22:37:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 17 Mar 2019 22:37:49 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=5473212b-9476-0d44-392d-c6d18671e953|1552862269; Version=1; Expires=Mon, 16-Mar-2020 22:37:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.121.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=1ce0127a-7664-431a-90aa-5f8a0105f4a8
date: Sun, 17 Mar 2019 22:37:49 GMT
content-length: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 66 KB
23 KB 9ms
7ms Script
application/x-javascript 2600:9000:200d:f800:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJylkFEOgjAMQC8kTCIa/TCeZW6FFVk7WYfi6QU/jJHEaPxr2peXl6pLyAyTAIlqorLQo4FwzZu4UC8nn7LQphopqhZPENU5QQKnybbQfYCRKiSU4Tm8s+LAj7oegzIOja45JhKcdjpGkDhV9UCWO1VxIqsFmXKP9I/Js4WO8DZL/0VinO7kCFqyilnmb/jK9YAyxx6CruGfnDD4vC9Gw8Hvi3W5WxXlZrts7nBPtmI=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:f800:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d84a123811bd2d2ce924417daeb7a4e2622259ee306fc9c9e78182c8fe4319c4

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 16:54:16 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 13:43:37 GMT
server: nginx
age: 20613
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: xSjFD3aIawEHkT79PuSdUJgkpbOXPJacwcFKOYKKnCgQkgjUnwEfUA==
via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
expires: Mon, 18 Mar 2019 16:54:16 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
409 B 34ms
34ms Image
image/gif 52.19.153.98
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1071005&ntv_gdpr_consent=&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:49 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 313ms
98ms Image
image/gif 18.214.27.130
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicago.suntimes.com&p=%2F&u=d_rjkC3Ekd6D5eoA9&d=chicago.suntimes.com&g=38241&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6003&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3726&t=B5VuJqBKy81sDN0xy8DQNNCNC_09vd&V=112&i=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&tz=0&sn=1&sv=D6exxoD0g4TtDmsBjXBvMTYSBBuYKR&sd=1&im=06539c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.27.130 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-27-130.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 17 Mar 2019 22:37:49 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 312ms
98ms Image
image/gif 18.214.27.130
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40chicago.suntimes.com&g=38241&p=https%3A%2F%2Fcdn.jwplayer.com%2Fvideos%2FATGSYzvL-Om3e6rzI.mp4&i=Homepage%20Playlist&u=Dayy5pCsaxbtBCw7xJ&t=xaF3OkYBEOCZUjT1B0DPKpD3wIDr&x=0&y=0&V=112&VS=JW&n=1&b=3726&r=&_vi=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&_vp=chicago.suntimes.com%2F&_vh=chicago.suntimes.com&_pu=d_rjkC3Ekd6D5eoA9&_pt=B5VuJqBKy81sDN0xy8DQNNCNC_09vd&_pr=&_vdd=chicago.suntimes.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.004&_vpt=0&_vtn=https%3A%2F%2Fcdn.jwplayer.com%2Fthumbs%2FATGSYzvL-720.jpg&_vaup=unkn&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.27.130 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-27-130.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 17 Mar 2019 22:37:49 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 98ms
97ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fchicago.suntimes.com%2F&page=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sec=homepage&ptype=section&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&tid=f433ab96-00f4-4b78-9501-a808fb0095f1&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862269427&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x6003&tofa=1552862268&vid=1&duid=a98c57a16cef2544&fp=3998842399&cid=ma19714&mrk=535046800&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1Mjg2MjI2NTU3MCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNi45MTc2NG1iIiwiaGVhcFQiOiI0MC4wODc0MzJtYiIsImZldGNoUyI6IjM0OCIsImRvbWFpblMiOiIzNDkiLCJkb21haW5FIjoiMzYzIiwiY29ublMiOiIzNjMiLCJjb25uRSI6IjM4NCIsInNzbFMiOiIzNjkiLCJyZXF1UyI6IjM4NCIsInJlc3BTIjoiNTI0IiwicmVzcEUiOiI3MDEiLCJkb21Mb2FkIjoiNTI5IiwiZG9tSW50ZXIiOiIyMzA5IiwiZG9tTG9hZFMiOiIyMzA5IiwiZG9tTG9hZEUiOiIyNDAxIiwiZG9tQ21wbHQiOiIzNzI2IiwibG9hZFMiOiIzNzI2IiwibG9hZEUiOiIzNzg4In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:49 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 4weddings.jpg
suntimesmedia.files.wordpress.com/2019/03/ 6 KB
6 KB 9ms
8ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/4weddings.jpg?w=80&h=80&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c70868fcc4ab69542fd44a00fe1c48b9a236610d222270e2c585b677a6aed26

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:49 GMT
last-modified: Wed, 13 Mar 2019 21:00:48 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 6480
expires: Wed, 03 Apr 2019 05:11:35 GMT

GET
H2 200 runoff-08-4-e1552512588853.jpg
suntimesmedia.files.wordpress.com/2019/03/ 7 KB
7 KB 10ms
6ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/runoff-08-4-e1552512588853.jpg?w=303&h=198&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e8b9fb7d2ec2040fa5e01bd2eedfeacb285919f6e7269050ba84bff377748345

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:49 GMT
last-modified: Wed, 13 Mar 2019 21:29:49 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 6856
expires: Sun, 07 Apr 2019 00:12:46 GMT

GET
H2 200 rushduckworth-080818-3-e1552676644392.jpg
suntimesmedia.files.wordpress.com/2019/03/ 5 KB
5 KB 11ms
7ms Image
image/webp 192.0.72.22
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suntimesmedia.files.wordpress.com/2019/03/rushduckworth-080818-3-e1552676644392.jpg?w=303&h=198&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: bed84ff7ddc641364c81a6f08decd9945025ac7f070fcae9dc516edceefd0bc1

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 22 np
date: Sun, 17 Mar 2019 22:37:49 GMT
last-modified: Fri, 15 Mar 2019 19:04:04 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 5170
expires: Mon, 15 Apr 2019 20:05:29 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 20B4 42 B
122 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPd3YaQJMV6FvHw0xrC-I3vN0nfnC-Baxq1oOo9tttrPqT_0rzYgU4RpoHlcfUnePhXMYPSkn2kHz60ZMz34FSN7rewZD_GxF52Io&sig=Cg0ArKJSzGfNp4lkv1kDEAE&adk=4193948495&tt=66&bs=1585%2C1200&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&p=16,429,106,1157&mcvt=1097&rs=3&ht=0&tfs=269&tls=1366&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1552862267839&rpt=372&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C5983&ss=1600%2C1200&pt=1302&deb=1-4-8-25-13-40-102-11&tvt=1335&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90&v=20190313

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B398 42 B
122 B 39ms
38ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul1WQuhSTx1JMARJQ5GNoqIVNAW7M0LNiCFX9O5Ru4x2thSr-T6iiYZTGrTLCTvxkkU45Cw9YQyOPj8GLvKN3VucVixPObYjvYpIY&sig=Cg0ArKJSzAdn_jnKVDfDEAE&adk=3166600435&tt=66&bs=1585%2C1200&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&p=412,1136,1012,1436&mcvt=1097&rs=3&ht=0&tfs=269&tls=1366&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1552862268346&rpt=1&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C5983&ss=1600%2C1200&pt=1302&deb=1-4-8-25-13-40-102-11&tvt=1335&r=v&id=osdim&vs=4&uc=11&upc=11&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x600&v=20190313

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2019 22:37:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 96ms
96ms Image
image/gif 18.214.27.130
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicago.suntimes.com&p=%2F&u=d_rjkC3Ekd6D5eoA9&d=chicago.suntimes.com&g=38241&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=6003&o=1585&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=3726&t=B5VuJqBKy81sDN0xy8DQNNCNC_09vd&V=112&tz=0&sn=2&sv=D6exxoD0g4TtDmsBjXBvMTYSBBuYKR&sd=1&im=06539c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.27.130 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-27-130.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 17 Mar 2019 22:37:50 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 97ms
97ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.44&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=6&f_privb=0&tid=24899084-2c99-4afc-9258-27fe9bb1bdc8&pid=a467ee85-b5a4-488a-8cec-0e04c7089b11&dtm=1552862279427&qnm=_matherq&visible=1&tabid=3813d962-f340-430f-8cc0-2d66798d9a54&vp=1600x1200&ds=1585x6003&tofa=1552862279&vid=1&duid=9f60d68995bdee6e&fp=3998842399&cid=ma19714&mrk=535046800&url=https%3A%2F%2Fchicago.suntimes.com%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU1Mjg2MjI2NTU3MCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyOS4zNTgyOG1iIiwiaGVhcFQiOiI0Ni4zODk4NDhtYiIsImZldGNoUyI6IjM0OCIsImRvbWFpblMiOiIzNDkiLCJkb21haW5FIjoiMzYzIiwiY29ublMiOiIzNjMiLCJjb25uRSI6IjM4NCIsInNzbFMiOiIzNjkiLCJyZXF1UyI6IjM4NCIsInJlc3BTIjoiNTI0IiwicmVzcEUiOiI3MDEiLCJkb21Mb2FkIjoiNTI5IiwiZG9tSW50ZXIiOiIyMzA5IiwiZG9tTG9hZFMiOiIyMzA5IiwiZG9tTG9hZEUiOiIyNDAxIiwiZG9tQ21wbHQiOiIzNzI2IiwibG9hZFMiOiIzNzI2IiwibG9hZEUiOiIzNzg4In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 17 Mar 2019 22:37:59 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openx.net/	1970-01-18 23:42:38	Name: pd Value: v2\|1552862269\|mOsLgqgikin0fcmWiygu
.openx.net/	1970-01-19 08:06:38	Name: i Value: 5473212b-9476-0d44-392d-c6d18671e953\|1552862269
chicago.suntimes.com/	1970-01-18 23:31:07	Name: DigiTrust.v1.identity Value: eyJpZCI6IllmeEY0aVhVUEFkY1V3WE9QOGN4V2U2NVRuL3RqNzBJTmt4ZDZheGJnVHdxaWFrMjBBMUJBbWR4SzFNZGU0Ui9FTnlXekJoUTdoTWZZbmJrbHhpRVpPVjJzOGpneE56NVpROHZySlRpVVhCZUN3RFR6YmxUN2JpQS9ybnZuVG9DR1ZsRWJZU2xOWjlaZExwcld2bTlkM2g3c2tCbUdrWnNZbGxOTm5telc2T2pYK2Nyb28xSHJlcWlua2thTm9RUU1jSjNoTzBjSzQwNkt4WDEzOE83aml0am5Bc0ppdmt3cFdVY1hkKzdpSVMwT0hwWWhtM284WFpXMnExQmJiUUNEa2VTeDdkQ2VteFhBOFZDTmVMUTFyUXovZUE3Y3N4UmFYWlJRazJZTWdoZU5zcVFxUEZUZzIxTmd6S3dLcW1PbXJHb0ZuSExaVmFFSytIUXhvT29RQT09IiwidmVyc2lvbiI6MiwicHJvZHVjZXIiOiIxQ3JzZFVOQW82IiwicHJpdmFjeSI6eyJvcHRvdXQiOmZhbHNlfSwia2V5diI6NH0%3D
chicago.suntimes.com/	1970-01-18 23:21:02	Name: __adblocker Value: false
chicago.suntimes.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.suntimes.com/	1970-01-18 23:21:02	Name: _gat_BNA Value: 1
.suntimes.com/	1970-01-19 01:30:38	Name: _fbp Value: fb.1.1552862267294.517363294
.digitru.st/	1970-01-20 19:09:02	Name: DigiTrust.v1.identity Value: eyJpZCI6IkhUd0VOS1ZNMGFNPSIsInZlcnNpb24iOjIsInByb2R1Y2VyIjoiMUNyc2RVTkFvNiIsInByaXZhY3kiOnsib3B0b3V0IjpmYWxzZX19
chicago.suntimes.com/	1970-01-18 23:21:04	Name: sailthru_pageviews Value: 2
chicago.suntimes.com/	1970-01-18 23:21:03	Name: OX_sd Value: 1
chicago.suntimes.com/	1969-12-31 23:59:59	Name: sbi_debug Value: false
.suntimes.com/	1970-01-19 16:52:14	Name: _sp_id.44f9 Value: a98c57a16cef2544.1552862268.1.1552862268.1552862268
.suntimes.com/	1970-01-19 16:52:14	Name: __gads Value: ID=613d7a02bae78c2b:T=1552862267:S=ALNI_MbNiu1RZiiUzdWhTyzvm47byaCROg
.suntimes.com/	1970-01-18 23:21:04	Name: _sp_ses.44f9 Value: *
chicago.suntimes.com/	1970-01-19 08:49:50	Name: _cb_ls Value: 1
.suntimes.com/	1970-01-18 23:22:28	Name: _gid Value: GA1.2.845206994.1552862266
.suntimes.com/	1970-01-19 16:52:14	Name: _ga Value: GA1.2.162745238.1552862266

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s1.wp.com/_static/??-eJyFzkEKAjEMBdAL2ak6duFCPEutcUidpLVJHfT0dkAXwqAQ+Iv/4MdO2SCHsZ5BbGx3q1Ae7+iirOwvYAiH4hU6Qv7gkFiBdbY5iRKI+AEWWkonHMFUgdIAa5u5pAX3/RLyHWH6yyJo9uFqCgg+5/UjHTbOrbe7fd+7+AI4w1vP(Line 8) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://content.jwplatform.com/libraries/hqRhLnqw.js(Line 11) Message: JW Player Warning 301129. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#301129

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
adservice.google.de
ak.sail-horizon.com
apex.go.sonobi.com
assets-jpcust.jwpsrv.com
cdn.digitru.st
cdn.jwplayer.com
cdn.spotxcdn.com
chicago.suntimes.com
cloud.typenetwork.com
connect.facebook.net
content.jwplatform.com
entitlements.jwplayer.com
eu-u.openx.net
g.jwpsrv.com
jadserve.postrelease.com
js.matheranalytics.com
js.spotx.tv
jwpltx.com
keymaker.go.sonobi.com
mab.chartbeat.com
mtrx.go.sonobi.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.wp.com
r-login.wordpress.com
s.ntv.io
s0.wp.com
s1.wp.com
s2.wp.com
search.spotxchange.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
suntimes-d.openx.net
suntimes.com
suntimesmedia.files.wordpress.com
sync.search.spotxchange.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
107.178.250.234
13.32.223.127
151.101.1.198
159.180.84.2
172.217.21.194
173.241.240.143
173.241.240.220
178.162.133.150
178.162.133.151
18.214.27.130
185.94.180.123
185.94.180.124
185.94.180.126
185.94.180.127
192.0.72.22
192.0.76.3
192.0.77.32
192.0.78.12
192.0.78.13
192.0.78.18
192.0.79.33
192.229.233.123
2.18.232.234
2.18.234.163
2600:9000:200d:d400:1:a3fa:7cc0:93a1
2600:9000:200d:e200:1:a3fa:7cc0:93a1
2600:9000:200d:f800:18:1fcd:348:2461
2606:2800:133:9a:24ed:9b6:1020:2655
2606:2800:233:9d9:186a:1821:7f8:93e
2606:4700:30::6818:6096
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:815::2001
2a00:1450:4001:816::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c08::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1d::729
2a04:4e42::714
2a04:fa87:fffe::c000:4902
34.236.4.254
52.19.153.98
54.144.48.113
04594973f7a96b77780460442191015c23a0b97f553d7f336fc6c05971bb56bf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12aa60f41582f7f1e84e7118c627c27117b2221a31cd816709a85161675aca7c
191f38ebbca729e2429b7d6d2176d92790d68cdc9267ccc137e8f363892c7799
1b732b5e51ea28a3766f56963423d489577fc43b0499accf2bcd77318d36e70d
1c238bf8674b56ac1657f4b19a76c2099755a21f6cda487a77878cc3893ef42f
1fe06a4e8619818e12f11e6d850526a46fd2b61af10b05abe7e339c486680757
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb
221ec2de131f872bdcffe167018d9fdd5b8f8a866c4d025b122ab014c5d30cd7
244d721c38ca791849946459389242f68e88e25d25668b0a6511ceb1cbb13065
28fed41dac64047024297e339d968eba283835098b5649c3eaa29ee3153424bd
2a0430571c5dbc8084eef2dadaa6eefa8bf4a1111ce7c988da0814584928f78d
2a3ee4b55b9288d8121054e54507071077c8d68671aa0183aebde9d6ee6c69b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba304a2957a41ee7faa3eb851a4fef0df915f757420c3a9093295b31fabc625
2be2d2634bc1a99823a886b08261b24f043c5ac532282597d09d7429cabc14e7
3953f8b2e4900d568c54605b38b3a91f7e2304755b01cb4353516c071d6423d0
3a80b900c538dce6ded080e90ee6a3e25c9264181192f962dc62959412020681
3aea01d21314f4383950e0b67fd0367feb213d4c8174f005a774ad8b31e8689d
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
40fa9f9c9ae60dac1ce95d10510626c1c79a738aa77d518ccef2ad700234b9bd
4593da55354291d75b953bd98a3d2ba5033e56ad67b8b264bc03c9fc0606435b
4674722f0944739940b94eef68359934502b06039dcf7b08cebad431a6894764
4b862283bb0b7628d0a044ee87ae769795382c60338e8690c5bd9a65261aec44
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
5303bd01ce8c081cf223a0eab769f898d0daa25855f279b67e4c11123bec5ae9
5694d39bd2bf481cb522236718e2499ff5fe9bf351c279d2240b49c3335332a8
57e31e70a0f9e2d898173de952373c9fa414dc366739794fa992d6e60357465a
5c5dbaf7413783b7493f3e1c6fd80578463a271a87b512ffb81d1e79a9ce191c
5dea9b6671baa953ddb93fef6feec424387ccdffaed8cf00dda55d2823b71459
5e35f0c4e70ab840d0b73ca8c6177ddeb6f9862ac7e33d0ee916ebdb2415a5f2
5e6e2ec2e125693e30a839852c469bd8855b76976bf45518025c9114a714fc43
61026d4a0ed762f0d9025fe3d805cd8b6f9025e84e4fb74d1b3c9145700056a4
63d15804964b7f4dcf146cc346845e0243e0aa00f1d95f2833792937cba211fd
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
7441ba7ff3f843975f291a26713ee4a4ac0f50c8f984ad52e6b5d8ab4bb2e5b1
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
80b4a3b0625b8da34fcff5d37c79da8097678133cec053bfdec764cfc23c445f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844c37a72e87bef80e24829f54a4b824c29424cc89e2de915eb8b5f18342bcb2
8c70868fcc4ab69542fd44a00fe1c48b9a236610d222270e2c585b677a6aed26
943f5d39bfef4095abf1044eb45e207bd3d19c092bfbc047a02a70bf78e4bcd1
94d26e36f31f151ded3480613bed2293e9578d27a78395ea74b3b7be8bde7c9b
94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f
95a6bc60e98c7aaa18f772d6cd0f8c1c97e2f8da6484c34740f4f2e5332df6f8
9722d5a080dfb62ee22e7aec41446a70a34378dca6d34dd56d19beabd024c73a
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
a037f203d8a9d4b2e988882b0aa28607e207ed6e34e5e5112c58fb09c66504a5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09e4714853c731b0a65d1e35b782487736070e05b19c43a3bde7ba492fd3457
a1002cd068947c33e0144e75071f557add407a4b8fd8b2cfa7c9d7ec1382ce14
a621473d8a62864f9f1000349d2472c57cee4a33ebde6baf96187e48b4a477bf
a7d608269f36dfbc22fd6c6e1aa670536ebcbafca67382835f77730bd08ddd28
ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92
af5535d12071a480400af9fd891c5e980ea36e54a42f67c4df0bfa688621d1c0
b03039dcedd7e1bd98129d798cd4c2418857c488c64bb15e734197774c31d99e
b0f51f39c6f9c9218414c6df9fbf19ba82a30e01db819e3fc31eb4b26f28b627
b156b5d24f65e76cfff6123c837215362fd186996f49ebf793b0297fc37acfc1
b2460fb5aeffb7ec20dee81a7b45dd8cd818cfefa92fd5d88be6a8d984b3e101
b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b
b5a12e2d86f36d5dc934c93e3256d66c26ffa3028564ff01615d9158a5f4a7b5
bae063124817c5b86f1b1be1a202b2984dea66414773cffe6f93ad1e3655ce4b
bafd08ba5b0d7223838f66c685211bd31839d91b2b2add78e177016c6d5d26f2
bed84ff7ddc641364c81a6f08decd9945025ac7f070fcae9dc516edceefd0bc1
c11b9a046106f278a5fb5411e95c1ba5d6f06daf9e4bfa98da51c523e4157388
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c5da057fac8cb4f344984accecabdc3d675c961d07548fcc9984dc11a4c4b117
c6bc05c420f4f6814defcc0ad232f46482fcfc9e6f6af0ac740306e352b2ab73
c731e9c3c9a4c2ca4638fdaacacdf19ee9ab70ef6e88751ee5c0396d91de31db
c7e86146e06562a96c483080700fad98a586aefcf762385e1900cf77a14546e1
cd819666328c67c7d75b232a43debccd28c51b7a71902c5939de91d8522d997e
cf33d191787caccfdf9a7ea60d0ef9938ed46821c146c4d42abd78f56a6d1a31
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
cf830a73d4361d861f477d9d2cdab9bbd5a4acf8b2fca26c0099fd9d2914d36b
d4c17c831f8689889bee1e1e1ff420815a6740e9f28ab83eddaeeabc3d90efe2
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d84a123811bd2d2ce924417daeb7a4e2622259ee306fc9c9e78182c8fe4319c4
da095aa76b97bf5ea98eb3edf1b637f92318d6b262c11d61428479526c9d5f90
da535028787edcb1f2c0d4a2c778fbdd166974505e578ad2237a4e7eae8488b1
dbd4dd75eeb8646ebb99897f3538de2d7d6ba7e4fe128c6b05273194cd5e3ef0
dea0a65c803406d9e1e52b87dfc8c0e22ea8d17121677899c9b0819c20d39a32
df2f1b708c0dcd1b45b7924c9ee58a8374301fab275d46ea6b846ebddc0f67df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73908f95ac446e81fd422262462db3b34bafe0adbe828bc91f9f46292f7394d
e8b9fb7d2ec2040fa5e01bd2eedfeacb285919f6e7269050ba84bff377748345
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65
ec85daec905c0c74609903f50693b2851b87af14053b2afa6b108c9ec53f89ea
eeb4b205fe98a7dead88c8c20b375805984c314bf811c2b69a50b7fbf0d7975d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f59151e27c8c8df5cc15992c2609fbdfc259c01c46568bff0c44d45f62559e1a
f758aa731cb86c4be4f32ccb624388eac32974a41c0cd064bae98350af6581bc
ff3ae511ad442902d07cda794ab776342099fc909a06e630b758bd9a99109b50
ffda1f0713985e0d5a18db1691bd4b7e7b1351827e86c86505ed3a8fcfff8f0e

chicago.suntimes.com Open in urlscan Pro 192.0.78.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

95 %HTTPS

43 %IPv6

32 Domains

49 Subdomains

43 IPs

4 Countries

2378 kBTransfer

6160 kBSize

17 Cookies

33 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chicago.suntimes.com Open in urlscan Pro
192.0.78.12 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

95 %
HTTPS

43 %
IPv6

32
Domains

49
Subdomains

43
IPs

4
Countries

2378 kB
Transfer

6160 kB
Size

17
Cookies

166 HTTP transactions
1 data transactions