chicago.suntimes.com Open in urlscan Pro
13.32.99.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://chicago.suntimes.com/
Submission: On February 17 via manual (February 17th 2023, 8:19:50 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 28 domains to perform 139 HTTP transactions. The main IP is 13.32.99.57, located in United States and belongs to AMAZON-02, US. The main domain is chicago.suntimes.com. The Cisco Umbrella rank of the primary domain is 106091.
TLS certificate: Issued by Amazon on March 31st 2022. Valid for: a year.

This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.32.99.57 13.32.99.57	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:11a... 2a02:26f0:11a::217:9a58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	18.66.147.92 18.66.147.92	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.15 18.66.122.15	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:4700::68... 2606:4700::6811:b9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:600... 2600:1f14:600:6e02:f9b1:1ca1:8ea1:9c3c	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:11a... 2a02:26f0:11a:398::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:b6b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
20	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.36 13.224.189.36	16509 (AMAZON-02) (AMAZON-02)
1	54.231.193.185 54.231.193.185	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.94.230 143.204.94.230	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.175.79.87 54.175.79.87	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6810:f015	() ()
139	40

3 13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net

chicago.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:11a::217:9a58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.66.147.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-92.fra60.r.cloudfront.net

cst.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-15.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f26 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:600:6e02:f9b1:1ca1:8ea1:9c3c (Boardman, United States)

ASN16509 (AMAZON-02, US)

aamapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:11a:398::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-36.fra2.r.cloudfront.net

cdn.wbez.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.193.185 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-230.fra50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.79.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-79-87.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:f015 (None, )

ASN- ()

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	187 KB
16	brightspotcdn.com cst.brightspotcdn.com — Cisco Umbrella Rank: 115515	362 KB
15	googlesyndication.com b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	370 KB
12	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 7364 cdn.tinypass.com — Cisco Umbrella Rank: 5243 buy.tinypass.com — Cisco Umbrella Rank: 8610	191 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	185 KB
7	piano.io c2.piano.io — Cisco Umbrella Rank: 3944 i.piano.io — Cisco Umbrella Rank: 26575 api-esp.piano.io — Cisco Umbrella Rank: 12060	76 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4559 p1cluster.cxense.com — Cisco Umbrella Rank: 7785 comcluster.cxense.com — Cisco Umbrella Rank: 5438 id.cxense.com — Cisco Umbrella Rank: 10365	78 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 577	183 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 477	58 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	223 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9006 www.google.de — Cisco Umbrella Rank: 6232	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	122 KB
3	suntimes.com chicago.suntimes.com — Cisco Umbrella Rank: 106091	60 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 671	457 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 927 id5-sync.com — Cisco Umbrella Rank: 396	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	260 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2558 p1.parsely.com — Cisco Umbrella Rank: 1932	21 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 12281	114 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	29 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1014	407 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 15449	448 B
1	wbez.org cdn.wbez.org — Cisco Umbrella Rank: 228670	370 KB
1	aamapi.com aamapi.com — Cisco Umbrella Rank: 34987	180 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	66 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7070	3 KB
0	googleapis.com Failed fonts.googleapis.com Failed
139	28

	Domain	Requested by
20	cdnjs.cloudflare.com	buy.tinypass.com
16	cst.brightspotcdn.com	chicago.suntimes.com
10	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
9	securepubads.g.doubleclick.net	www.googletagservices.com htlbid.com securepubads.g.doubleclick.net chicago.suntimes.com
8	tpc.googlesyndication.com	chicago.suntimes.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	use.typekit.net	chicago.suntimes.com use.typekit.net
5	api-esp.piano.io	cdn.tinypass.com code.jquery.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com chicago.suntimes.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	connect.facebook.net	chicago.suntimes.com connect.facebook.net
3	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	www.googletagservices.com	chicago.suntimes.com securepubads.g.doubleclick.net
3	chicago.suntimes.com	cst.brightspotcdn.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.facebook.com	chicago.suntimes.com
2	htlbid.com	chicago.suntimes.com
1	code.jquery.com	api-esp.piano.io
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	chicago.suntimes.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ams-pageview-public.s3.amazonaws.com	chicago.suntimes.com
1	cdn.wbez.org	buy.tinypass.com
1	i.piano.io	buy.tinypass.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	p1.parsely.com	chicago.suntimes.com
1	c2.piano.io	cdn.tinypass.com
1	cdn.parsely.com	www.googletagmanager.com
1	aamapi.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	chicago.suntimes.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	chicago.suntimes.com
1	www.npttech.com	chicago.suntimes.com
0	fonts.googleapis.com Failed	chicago.suntimes.com
139	44

This site contains links to these domains. Also see Links.

Domain
elections.suntimes.com
graphics.suntimes.com
legacy.suntimes.com
ads.suntimes.com
marketplace.suntimes.com
jobs.suntimes.com
hiring.suntimes.com
www.publicnoticeillinois.com
marketing.suntimes.com
paper.suntimes.com
suntimesdeal.com
stmiservices.newscyclecloud.com
newsletter-hub.suntimes.com
secure.iwantmytvmagazine.com
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
origin.cst-web.production.chorus.brightspot.cloud Amazon	`2022-03-31` - `2023-04-29`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
htlbid.com Amazon	`2022-10-21` - `2023-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-27` - `2023-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
aamapi.com Amazon RSA 2048 M02	`2023-02-07` - `2023-04-22`	2 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.wbez.org Amazon	`2022-07-26` - `2023-08-24`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://chicago.suntimes.com/
Frame ID: 46CC5E53AAF54457F8A69EC4DC6AD5C9
Requests: 88 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTGVH4DT5J8J&templateVariantId=OTVOAK7NFMRCZ&offerId=fakeOfferId&experienceId=EXAOCV4EWOKD&iframeId=offer_1c5e9d31c17f72d951d5-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Frame ID: 43EBF85B76605ABCB8298329F416A326
Requests: 15 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Frame ID: 1A52710AB853302F594DC4B9FAD6297A
Requests: 14 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 979AAF89E1977756668A427A68FB1691
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E36E069B19D1DA4AF49E7E31228C4656
Requests: 1 HTTP requests in this frame

Frame: https://b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 611DD1716C1C034E5AF9D30E3D744F8D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqry9xsxDZPZMVXyqBj-fVE-0efhaZ4PgkfUp8aZ1alyif8kjS6bwYe1QFYKR9pT4rWjLRahS_1e7ezsYMkzdW5Pi-1Cegq2FvDjPgJeX1hNijgn57hBNDXF6fCqMUdoFrJ6pdzp3cpeM5ODeXpT-KYr_tEA6DMJu0lzA7WrhyLWlMnMz59SiU8x_Voel4zU4LUK0k6HfZBME80bT7ZJ38w0Kkckby4fLX2JbHUhACVxabMs6ggpvjxIkLVrPt5WFQwIEa2bgMrnoadZ8k6ptW_MIkdMDBmT7o8P0sWRMWgsVfRMuQKmj1yphkmghNfZGpdypiUN6V8bngw0u0KVAJ9_Llc7EXDnMB46sia95MKwv2w5U&sai=AMfl-YTKsBXVScBunkQVTwgH2c2xE3VdacOd2v7F1yFUFHQrZcuL3HAQjFJxNY_PmKEqTislNRH0nNb1_BUCuhEuYzEW2cIMKt22qL-QltpKMn5RZj0g7MuBf4UoSos_vg4joG57pVgLPxD2CjlfN_KY&sig=Cg0ArKJSzOh_tdxj2sOzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0EA8CF6D72F34FCE6413B9307E618B93
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLNnIJMD-zBKG1U0jdCUyxh4D2kwiqURwDodAU50U_5fCiItCyvfHeJ6dA34nOTPtBUGQDlRdcmAJsW5yH3uGFeDPnhwmZ489JzY7RhV68-Zix8-Z7WfuxHdVNqQ-hxw8GsnNTzfdykIEcvinmDHWIp8h0EGxMisDurF9-0B9vEVSABpN4urQtoRdacoRL7U_Up7xeiHI--PUSQVtRWWcNXu7SLMR8D6-hC-FlPOrKjQlYN_SVBXk68OjxL2S4hhVICAi5VHSfgH98ETyyorOEjVdnHnlWXNICrk4_yA0RdByIKUysKIH4CvqyPS62veOcZzPkMHi870qcKPyUMvPtG4GpSt2v2g0gPSkZhGbMKyg&sai=AMfl-YRuVtd_eAxF9fmbQ7n-q1dbX_CNXPfCqtF04-pxoy7daLdzWycWKce_7A6eDRGUvVsqzI_WzovQzsZS6oCcDHwOz6AcA6dBdchTtnmjwGU3bb03FkOX5dy2IP6HKO0&sig=Cg0ArKJSzBsJ1Ssn9JaLEAE&uach_m=[UACH]&adurl=
Frame ID: 78E2F304F654E8AA86872539FC98E731
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83697BF44FAD693D5603596FE2848C96
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F7CA1610AC841A6B31C5AE0E150304D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chicago Sun-Times: Chicago news, sports, politics, entertainmentclockCST_

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

99 %
HTTPS

67 %
IPv6

28
Domains

44
Subdomains

40
IPs

6
Countries

2762 kB
Transfer

6703 kB
Size

24
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://elections.suntimes.com/
Title: Chicago Elections Voter Guide

Search URL Search Domain Scan URL

URL: https://graphics.suntimes.com/chicago-city-council/
Title: City Council Directory

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/us/obituaries/chicagosuntimes/browse
Title: View Death Notices

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/obits/index.html
Title: Place a Death Notice

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/obituaries/chicagosuntimes/
Title: View Death Notices

Search URL Search Domain Scan URL

URL: https://marketplace.suntimes.com/cst-marketplace/
Title: View Classified Ads

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?_flowId=adportal-classified-flow&action=jump
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://jobs.suntimes.com/
Title: Find a Job

Search URL Search Domain Scan URL

URL: https://hiring.suntimes.com/purchase/post-now/
Title: Post a Job Opening

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Retail&classificationName=Retail
Title: Place Small Business Ad

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/
Title: View Legal Notices

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/post-a-legal-notice
Title: Place a Legal Notice

Search URL Search Domain Scan URL

URL: https://paper.suntimes.com/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://suntimesdeal.com/Offers.aspx?Zip=60607&PriceType=1
Title: Get Home Delivery

Search URL Search Domain Scan URL

URL: https://stmiservices.newscyclecloud.com/cgi-bin/cmo_stm-c-cmdb-01.sh/custservice/web/login.html?siteid=CST
Title: Manage home delivery account

Search URL Search Domain Scan URL

URL: https://newsletter-hub.suntimes.com/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://secure.iwantmytvmagazine.com/order/zipcode/1
Title: Manage TV Weekly account

Search URL Search Domain Scan URL

URL: https://twitter.com/Suntimes
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thechicagosuntimes
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvU3ALK4osa_RV4znIToB2Q
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/chicagosuntimes/
Title: instagram

Search URL Search Domain Scan URL

URL: https://elections.suntimes.com/quiz/

Search URL Search Domain Scan URL

URL: https://elections.suntimes.com/questionnaire/

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/media-kit
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvWcmqwlLLVV0GyIFmMG_gLeT0t5iri6W1nEzlO9OuZsY9ghuGX3Ert74fAKjBQ7jFtbeNxckcLdz3VNqOnbRj5TCt2lP-lkO-XpmEjPzlWjBdSJHyXeIxRKW8GpwI_BWKlpOatk9uGVNALCikwzTGOBu7tfMgL1IFJjnTaa-iYyCbFhvKb4s8ybi-L47nVOe5fTfNil2j7g4LrMhEfxSoL4PWiimal-o3GBIxWOurX364Xp306Cq_AhneptLt6VO6Yvb0--1jq2Xv0VfSWjGitWixuvebOYTaSeb0cGyE3LHzQPQazwfJ3XAOWI0Lz0K58clQq50xtOqJpTlp1Ksr100Ea1CnrR3X32R7a6bQ&sai=AMfl-YTYI5fng9RemqONmzeyOyfxOdhPHwnivJ0kZnWDj5xpPZVT6JKfrw2G1WplGBKaPe5oJEP_pO39amyW2xQKDxlYdzQ4tmKUT2hwhEG8ffizY8kWn9EGFUm1gYrvEmlQhFl8JdmpHk2qCHnII9mn&sig=Cg0ArKJSzNYXeHz0rDAOEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.ticketmaster.com/bruno-mars-tickets/artist/1466801%3FvenueId%3D376930

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

139 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
chicago.suntimes.com/ 359 KB
48 KB 112ms
31ms Document
text/html 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

istio-envoy / Brightspot

Resource Hash

4fbad5d9bd036213ecd6f005492d7b05f8342f1bb5c0d37395185e218550601e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 265
content-encoding: gzip
content-length: 48931
content-type: text/html;charset=UTF-8
date: Fri, 17 Feb 2023 20:15:16 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: urG0r40fusOHOMP0vWIaYF_4DJpkv2k25x8NbwNSyGPn46cssdNJCg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-envoy-decorator-operation: brightspot-cms-verify.cst-web.svc.cluster.local:80/*
x-envoy-upstream-service-time: 732
x-powered-by: Brightspot

GET
H2 200 qzq4qkv.css
use.typekit.net/ 5 KB
1 KB 229ms
34ms Stylesheet
text/css 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qzq4qkv.css

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 890

GET
H2 200 All.min.858122a877a69398c737fb540ecf080e.gz.css
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 328 KB
39 KB 109ms
27ms Stylesheet
text/css 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.858122a877a69398c737fb540ecf080e.gz.css?v=1212
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51f5d801f68f728dc54c54e314ee3f8e175f2ea27754cf3e5fbbfb86801e5e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 17:34:56 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 18:47:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 5021087
etag: "08cf48a243647e998a82e9d032152bc9"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39427
x-amz-cf-id: LyAzE5ihKctEVLgE1UonvvGBH6rfQ4--GsG_zP2VXO3q3C65COsUfQ==

GET
H2 200 webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/ 2 KB
1 KB 105ms
23ms Script
text/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 03:52:31 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 15:26:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 5416032
etag: "15a442be7d06ec40170c3c91ac824065"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 999
x-amz-cf-id: MzRqBGp6Lj_w7s7glQkb_yVr4K9z6tEK2J9FCy07vJYUY7gcKSYRJA==

GET
H2 200 All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 244 KB
74 KB 25ms
25ms Script
text/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62244150f04d7ec797bb671232e59083db031f026e3bdee84599678163fa399e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 17:51:43 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 18:51:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3896881
etag: "58867d41916224e181742cce811b6aea"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 74916
x-amz-cf-id: a84R9CDZfgU6biJnNHPwQckBruihde1Spi7Xe-kp9L9HUpDAEvM6Qw==

GET
H2 200 htlbid.css
htlbid.com/v3/chicago.suntimes.com/ 6 KB
978 B 501ms
418ms Stylesheet
text/css 18.66.122.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.css
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f13e80168acc715f3efb124839ebfb24de1597fdd4138b90517a58d04d6628ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 14:16:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"18c35f674543e5421de6af3568d4ab44"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: rXhZG383XzRFXQLdGgkJKw4GVi-W5GN14ZoJ7Hkx7nauRo6n_G0wrg==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/chicago.suntimes.com/ 508 KB
113 KB 425ms
425ms Script
application/javascript 18.66.122.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 882ff47b8bfe5bf2ca39503d05f91d42cb012d38fc22d8a6639d9422c3953a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Tue, 01 Nov 2022 14:16:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"1d55eda230feb77e6da074280f184e3a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 6_ong3VDRFJZBvfAcXM535k9ea8xR9a1ttGW2SUeUGWXT5MmOWwXVg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 104ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309445f3112b2443409fca2540b7a15c93c8b98e6725a867192023b64f7e6286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26573
x-xss-protection: 0
server: sffe
etag: "1486 / 24 of 1000 / last-modified: 1676635697"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Feb 2023 20:19:43 GMT

GET
H2 200 ctimes-logo.svg
cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ 3 KB
3 KB 28ms
24ms Image
image/svg+xml 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ctimes-logo.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:53:17 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:50:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3882387
etag: "e87f670b52b097530289da1acb82568e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2576
x-amz-cf-id: MOdQWnYNEpIr6I5VlMxbLUfD77ZwXPPkvGdNEzA9llMMhxeBtCKwyw==

GET
H2 200 logo-mobile-cst.svg
cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/ 1 KB
1 KB 32ms
28ms Image
image/svg+xml 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/logo-mobile-cst.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:53:07 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:52:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3777997
etag: "872e5a087c60467941e5d72da5703323"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1182
x-amz-cf-id: 0a6zDq3So9p2K1w4d6wHJOd_ddaICxyfIQaxV0a86NZPTNnN2OM7rw==

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/da77e46/2147483647/strip/true/crop/1782x1000+109+0/resize/490x275!/format/webp/quality/90/ 31 KB
31 KB 29ms
25ms Image
image/webp 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/da77e46/2147483647/strip/true/crop/1782x1000+109+0/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FjqbitzzBbCyHrrKdQndAfsXsAm8%3D%2F0x0%3A2000x1000%2F2000x1000%2Ffilters%3Afocal%281000x500%3A1001x501%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24401737%2Felection_hub_hero_2000x1000.b8350298.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: a5ab63d1d5f57234ffae2a29d9ed1f1c5afc67f7cb4e268c726f914585913c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:14:40 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 1389903
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 77
content-length: 31270
x-amz-cf-id: n8GRy9HRP1iR65mhpkBQK09HzPmh_S2prhTNcSkZXLxL64LsqtYGxQ==
expires: Thu, 01 Feb 2024 18:14:40 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/cc69dd3/2147483647/strip/true/crop/914x513+0+90/resize/490x275!/format/webp/quality/90/ 27 KB
27 KB 28ms
25ms Image
image/webp 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/cc69dd3/2147483647/strip/true/crop/914x513+0+90/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FO9ZlICwSE_InnNWM0NBghuT6xhY%3D%2F0x0%3A914x816%2F914x816%2Ffilters%3Afocal%28498x346%3A499x347%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24396246%2Fquiz_blob.00ba03fb.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: f98bbc13c728ccc5eea44c23b7478f9fa1399a3dadc5961413b0040cb59a89fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:58:56 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 1563647
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 62
content-length: 27456
x-amz-cf-id: 1hB0G2ylXoZnUZArbhHYXpGiEUsHoIG7uFpf2_i-rsdeUPaqG4CvMQ==
expires: Tue, 30 Jan 2024 17:58:56 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/edc8332/2147483647/strip/true/crop/1056x593+0+49/resize/490x275!/format/webp/quality/90/ 21 KB
21 KB 32ms
28ms Image
image/webp 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/edc8332/2147483647/strip/true/crop/1056x593+0+49/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FlXNcutgw5GwiYtW0nI0mSrzB5Ag%3D%2F0x0%3A1056x689%2F1056x689%2Ffilters%3Afocal%28528x345%3A529x346%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24396242%2Fquestionnaire_blob.aad90b15.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 52af2c5175656c54f006fbcf39f7777cd5d337402ef25dd0dab2e11ee7e6a343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:55:25 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 1563858
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 57
content-length: 21392
x-amz-cf-id: MvnA0qpnboFXBMa5IA-yetXyeFaSXiOfYLFYUWYGbnnX6C-MwdP1sQ==
expires: Tue, 30 Jan 2024 17:55:25 GMT

GET
H2 200 ctimes-logo-inverse.svg
cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ 3 KB
3 KB 30ms
27ms Image
image/svg+xml 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ctimes-logo-inverse.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 18:02:29 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:51:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3896235
etag: "adb236ef72a30b7d3eefd7c947693d02"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2862
x-amz-cf-id: NpQp7RiwyTavFnsTdxLqnXsGbvlDl9879au1cPhWE0sfzhnk7dmbug==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/ 9 KB
3 KB 23ms
22ms Script
text/javascript 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:53:07 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 19:08:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3777997
etag: "c066757a8992615b576ac565d39d182d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: OGGa1af3nYQlp1m3jf-fnT6jWiVb1i0UjPfNtvLvl9MpfPH5Uy2z_w==

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 98ms
29ms Script
application/javascript 2606:4700:e2::ac40:8f26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y3P97VFAEKFETTA8
age: 3636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: K09r06OOLNgHrTNgVihUvXgtEjH2Qu08LBMifbpeZiS7Qbo6fvEpvDDYGtmHiFzbo82NgW3u7H0=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuKB9BpwAWtjyV94WuJU%2FnX10NsAmrLATNlreKYnSTP0h%2FcJPwtLUZNy69yMbRCJJ%2FKPp6Ucks1J1rB6LZ7fMjkro6hD%2BVr1JRpy0Tj7wKl2pPUH8CaCGT5KLsFN4OWYzfWLLFBsthksjFnPpfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 79b1383419f0361e-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 89ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1331fe7f5e30b57db5471582da4b5846bb08d122614f4ce7836364bc19cffa72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 20:19:43 GMT
content-md5: +DqIPIrJ3xXQsXog3v4eYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: hXFeDWtHZVnD4FV+ZMqlj0ZIIqYDnEcJxdxrs25YkBxQfMnVUP9E7yB/J2G9RmytDT2JkInWEMDdxKdtBCui+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: 53a81e66306999ae109f100c964f177e
cross-origin-opener-policy: same-origin-allow-popups
etag: "e6ab932347d2011eaae63f38bf5178e4"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 17 Feb 2023 20:32:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
66 KB 107ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c78d2d94f852b1f338f922ac75f95154e0a08735369376625de3a357d0481f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67222
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 20:19:43 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 194ms
40ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 5 KB
2 KB 102ms
44ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8572450f390cda56ec83f6a4094901b012c4f3b3ebbe5ddcade91db1a5f96ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
date: Fri, 17 Feb 2023 20:19:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 20:01:24 GMT
server: cloudflare
age: 1099
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 79b138341b009128-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: rwt5c33fdz
expires: Fri, 17 Feb 2023 20:49:43 GMT

POST
H2 204 _track Show response
chicago.suntimes.com/ 0
336 B 304ms
304ms XHR
text/plain 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/_track

Requested by

Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-decorator-operation: brightspot-cms-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 2
x-amz-cf-id: hfZ4vjj3JWVjYmuuBO89WE9ciVNnMcAiuOP1AI7iFfh8pMCLJ7X1Vg==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 56ms
30ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2c6af62ad7185656d0001d6ae7dec923

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07629114a900c969e9fca73ccfe6e479ee37c29227be86204186ed096f6117cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 20:19:43 GMT
content-md5: iS04QdSfkKYt+PReuovzhw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87019
x-fb-rlafr: 0
x-fb-debug: en06vG6KwojOj34KkJR3E0yzMAbJ/wdnB1PDIAN+YMbOPMcC3NKjBFGBoKllSgbduFVSJ9GFeJeT29cslP6bjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 79c0451a206f9bcaf03618342e0fc67a
cross-origin-opener-policy: same-origin-allow-popups
etag: "0a111fdd0d99bafb81fcb4c5bc2efaab"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Feb 2024 17:39:57 GMT

GET
H2 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 185ms
39ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Feb 2024 12:09:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 478 B
772 B 207ms
69ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chicago.suntimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d12ccd5032b108dc58294f1ce7dac565ab3e826a9ad99cd4ea7a83f99187af7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230
x-xss-protection: 0
expires: Fri, 17 Feb 2023 20:19:43 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 340 KB
100 KB 68ms
44ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f393aab53c32ffc66f17c7bcfaba48bdf2a0c4eb42c44492231b9d761649b078

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
x-amz-version-id: HkwlJYDHCXoYcG8mKbniNirlL1gIp.jm
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: RT584Y9JBF1PZGPQ
age: 1315
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 41Yd+xUqFJs7mBcUWMkfpR6CHavq6yYyK7Ep4+SOfYZYziGeHNExeB7WOjwQOgM8mnemdCYuYvMB78WK6Urpsw==
last-modified: Fri, 17 Feb 2023 07:55:53 GMT
server: cloudflare
etag: W/"352d56057c9869e91d4b7dd4207608d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 79b13834cc1f9128-FRA
expires: Sat, 18 Feb 2023 00:19:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
27 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 20:19:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Mn5tpOLCsioduDk0iet5GZU/JPv3LChdggnelFgQUBORoYzflLRL4aAC8u5gzqac4be3UnbDH03xKfdKJwunaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 init-5464ro4xhfzswgo4m2d.js Show response
aamapi.com/api/ 1 B
180 B 544ms
179ms Script
text/javascript 2600:1f14:600:6e02:f9b1:1ca1:8ea1:9c3c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aamapi.com/api/init-5464ro4xhfzswgo4m2d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:600:6e02:f9b1:1ca1:8ea1:9c3c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 17 Feb 2023 20:19:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 87ms
29ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 20:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 22:14:50 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/chicago.suntimes.com/ 57 KB
21 KB 130ms
25ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/chicago.suntimes.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: ba8fc36506923e6c20528790a775d2c3d320b6ed9bedd5d555fd12231ca7575e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Feb 2023 11:04:22 GMT
content-encoding: gzip
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified: Tue, 20 Dec 2022 17:29:35 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 38082
etag: W/"63a1f0ff-e28e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: _t5kUIMVA_utOxqMSkHDaXafteL_PX2L_bM2YLDsDYgxpLxuTlLTzQ==
expires: Sat, 18 Feb 2023 09:45:01 GMT

GET
H2 200 l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 39 KB
39 KB 135ms
37ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
etag: "aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39712

GET
H2 200 l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 38 KB
39 KB 130ms
33ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
etag: "9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39344

GET
H2 200 l
use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/ 39 KB
39 KB 167ms
73ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
etag: "788f540305918e8b77e6fded33fe357dbe2b001f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39616

GET
H2 200 l
use.typekit.net/af/e4c172/00000000000000003b9ae796/27/ 28 KB
28 KB 158ms
65ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e4c172/00000000000000003b9ae796/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
etag: "d08cad0b472793519d07d009e36d665f81045768"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28448

GET
H2 200 l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 37 KB
37 KB 192ms
100ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
server: nginx
etag: "cea691f813baff9c459e093daf1ff69d154fedc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37980

GET
H3 200 146698685967099 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 31ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146698685967099?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b489a0b7282eb0ac2f6b3bd61811f2bb4bb4f6061e82119f936ef2d6bf8d6df

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Feb 2023 20:19:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110230
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kj2cvO+z0TKDL0G5n4RSlLUEK9J4o8l0OgfsmXjrkHr9xjF1oqBPEAXclv19GOjbonOWIp5h9OsxS0h3BPebsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 190ms
35ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 20:19:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Oct 2022 14:05:13 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5959
Expires: Fri, 17 Feb 2023 21:19:43 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 29 KB
5 KB 234ms
165ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cb507fa649d0d1cc10e539c965193844ba86e13b98f72c21253d22b6c967b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: mhdl30sfye
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 79b138360c9b2c75-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 101ms
99ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa82ffe7d18b08594713ba08b04f08afda85476583d9d2b3efa1be8336b8ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26580
x-xss-protection: 0
server: sffe
etag: "1486 / 300 of 1000 / last-modified: 1676635784"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Feb 2023 20:19:43 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 219 KB
54 KB 343ms
77ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 19:59:27 GMT
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront), 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 21:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1, FRA2-C1
age: 1217
x-amz-server-side-encryption: AES256
etag: W/"0b8b1ce84f37b3852d15570cccfe1752"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OrpHxHMfTEPifMpHErRl0mtT5FZztSAUkWqBEBwTZCA47_eSZdcvCQ==

GET
H2 200 442.956d98bce5bc8c0a4b03.js Show response
chicago.suntimes.com/ 42 KB
12 KB 35ms
34ms Script
application/javascript 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/442.956d98bce5bc8c0a4b03.js

Requested by

Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

89492bc48602cb9a326b8074757ce2d4a953b5f6f6264a11e82e32568760ac63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 03:22:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-envoy-decorator-operation: brightspot-cms.cst-web.svc.cluster.local:80/*
server: istio-envoy
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 15181041
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 29
content-length: 11338
x-amz-cf-id: oU2a0hxA8Fk2AEdjz7z4FxL3dYDAILH-1XqaQoVCCxhUp5uVuosf7g==

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/eb886ed/2147483647/strip/true/crop/1800x1189+0+0/resize/840x555!/format/webp/quality/90/ 94 KB
95 KB 27ms
26ms Image
image/webp 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/eb886ed/2147483647/strip/true/crop/1800x1189+0+0/resize/840x555!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FrmpBkMQbZO_87YxovsrgHpXFeq4%3D%2F0x0%3A1800x1200%2F1800x1200%2Ffilters%3Afocal%28908x516%3A909x517%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24438084%2FMISSING_021723_07.JPG
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 04a224b8c917a07924aa2991cc3fd755334b4bc5c73e44ed78a2374e48a6fb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:06:54 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 22369
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 138
content-length: 96400
x-amz-cf-id: oIVk3jY4Uy014Ym28x8Uf6hXmTPWdwCjN4w0kdBDT8wyeAqDymC6Ww==
expires: Sat, 17 Feb 2024 14:06:54 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/48d12b7/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/ 23 KB
24 KB 26ms
25ms Image
image/webp 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/48d12b7/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FiTBrikA0lJpm-otp86qNFCZkKsM%3D%2F0x0%3A3000x2000%2F3000x2000%2Ffilters%3Afocal%281500x1000%3A1501x1001%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24438628%2FQUAKEVIGIL_021023_7.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: c7e1c94859857c91218133829b77ef3885ab00531ba90becb02015815eb84487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 18:13:09 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 7594
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 165
content-length: 24010
x-amz-cf-id: Nxxq4YV3XubVXNu_PLUsBDRnL4X1gqK7uOr-qZJAABbhKZepskhDMw==
expires: Sat, 17 Feb 2024 18:13:09 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/73e4f6e/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 12 KB
12 KB 26ms
25ms Image
image/jpeg 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/73e4f6e/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FmHAjjowGfBQe6R1JmG0V5UDVOqI%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F195447%2FCST-WBEZ-093021-8.0.jpeg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 243c9a872543f449341624ea57626836cfdf18b469b9b22539dff804fb400520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 23:19:10 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P4
age: 17701233
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
content-length: 11990
x-amz-cf-id: gRG-WF1O--lpHXEjRR2hWfsa3q78n0V_JOaE9Qg2bdz1Df55em4dkQ==
expires: Thu, 27 Jul 2023 23:19:10 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/a5511f5/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 8 KB
9 KB 24ms
23ms Image
image/jpeg 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/a5511f5/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FRH1ltVIjbom7vH1huNGpzk198zA%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F196189%2FPhilippeLargent.0.jpeg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 2f8bdd6bc0d8b9a67b1cde37385fa944d7487295310328a50c466115578f5d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 16:51:36 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 98887
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 30
content-length: 8325
x-amz-cf-id: 8GNKZfk3ctaTmh8GQ424z_rrXIgxbnqf7U-uIsf7_WAoy7bHUIzASQ==
expires: Fri, 16 Feb 2024 16:51:36 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 7 KB
8 KB 33ms
33ms Image
image/jpeg 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2Ffx6ffxsqRKCr9WVk5SEiuN_CW1Q%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192540%2FNeil_Steinberg.0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 30 May 2022 09:18:55 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P4
age: 22762848
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
content-length: 7539
x-amz-cf-id: OlOkrMNdsnWlWYgnYv7wvF22c7mh1o5R9ef5GEL-BGZmu-2IXCwBmw==
expires: Tue, 30 May 2023 09:18:55 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/3622215/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 11 KB
11 KB 34ms
34ms Image
image/jpeg 18.66.147.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/3622215/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FCHUJnk9jo9F7vc_qUMlKQ8gVZ-Y%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F194849%2F11-1_Stewart_Tyrone05_8..0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-92.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e1df7093f3e1c27551a47f5484ed052303c37f06e39114e90efe0a7a42a29ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:45:09 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
age: 84873
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 23
content-length: 10758
x-amz-cf-id: Th7muyhID7xcnfY77IdRebx2nRRiZ0GQ1s28pUK6-wt5waTh3jiOOA==
expires: Fri, 16 Feb 2024 20:45:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 36ms
35ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1030994329&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1447766752&gjid=1331226696&cid=1678049882.1676665184&tid=UA-52083976-6&_gid=362216139.1676665184&_r=1&_slc=1&gtm=45He32f0n81PRHXFPN&z=1556521224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 77ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1676665183757&sw=1600&sh=1200&v=2.9.96&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1676665183756.1361093687&it=1676665183532&coo=false&rqm=GET

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Feb 2023 20:19:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 312ms
49ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1676665183790&plid=f338329f-3f03-441d-83c8-e11723dc5c60&idsite=chicago.suntimes.com&url=https%3A%2F%2Fchicago.suntimes.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fchicago.suntimes.com%2F&sref=&sts=1676665183781&slts=0&title=Chicago+Sun-Times%3A+Chicago+news%2C+sports%2C+politics%2C+entertainment&date=Fri+Feb+17+2023+20%3A19%3A43+GMT%2B0000+(GMT)&action=pageview&pvid=cefed724-c6c7-45d1-9755-9cafe604c7e1&u=pid%3D77db80d4-103b-4231-9a84-f63390a8a18f
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 20:19:44 GMT
Cache-Control: no-cache
Last-Modified: Friday, 17-Feb-2023 20:19:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 108 KB
34 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0a05e474bd6d4ce3eaeedc0a272ae2dd608a06758eda5aaa287a812d66787a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 20:19:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 13:03:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34903
Expires: Fri, 17 Feb 2023 21:19:43 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 589 B
781 B 269ms
182ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6727847cd586c4908586568e276e0a77160a19d2fa2feb705aef682597fcea0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mw4r8qr8gUp
pragma: no-cache
wn: prod-dash-10-0-116-73
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.003
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79b13837eaac9024-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 43EB 5 KB
2 KB 425ms
412ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTGVH4DT5J8J&templateVariantId=OTVOAK7NFMRCZ&offerId=fakeOfferId&experienceId=EXAOCV4EWOKD&iframeId=offer_1c5e9d31c17f72d951d5-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e17a2dd4806a3513abcfdb3eb3f3e84f826bd8713eedc159f6dd444c940b4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 79b13837487d9128-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 17 Feb 2023 20:19:44 GMT
expires: Fri, 17 Feb 2023 20:34:44 GMT
last-modified: Fri, 17 Feb 2023 20:19:44 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.004
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-116-73
x-forwarded-https: on
x-request-id: Mw4r8qrmkIC
x-xss-protection: 0

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 590 B
428 B 278ms
200ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98e601fb6d036a962c3c785a37d215e466b8527189dabae9c5397a3b25c9299

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mw4r8qrA1rj
pragma: no-cache
wn: prod-dash-10-0-90-123
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.023
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79b13837eaad9024-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 1A52 5 KB
2 KB 430ms
425ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebb90b08b8b9d017581eded2e930a2ecca1f41f36d86f89b1b108bd0d0c5ec5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 79b13837487f9128-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 17 Feb 2023 20:19:44 GMT
expires: Fri, 17 Feb 2023 20:34:44 GMT
last-modified: Fri, 17 Feb 2023 20:19:44 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.013
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-83-80
x-forwarded-https: on
x-request-id: Mw4r8qrMUyQ
x-xss-protection: 0

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 979A 684 B
749 B 52ms
51ms Document
text/html 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Fri, 17 Feb 2023 20:19:43 GMT
Expires: Mon, 27 Feb 2023 20:19:43 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 979A 108 KB
34 KB 42ms
41ms Script
application/x-javascript 2a02:26f0:11a:398::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b5b6703eb8b13227d6ebe52f7bf2ba497e70ed51336ffffa92a090e410f6ccb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 20:19:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 13:03:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34903
Expires: Fri, 17 Feb 2023 21:19:44 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 75ms
25ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Thu, 16 Feb 2023 23:43:54 GMT
x-amz-cf-pop: FRA2-C1
age: 74151
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: sukUkOSWN95FapbZ8BYWWrqPkHq6YfUfFjgmzp6Gdd38QE4nK0ncCg==

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 979A 46 B
635 B 100ms
31ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: de66f796d692cab00ce1464d90b3381e2a5c74872d5d3066741af07111500c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
last-modified: Wed, 17 Aug 2022 20:19:44 GMT
server: Jetty(9.4.28.v20200408)
etag: 38he4chp02vrhpn2vo2xlu2hz
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 46
expires: Sat, 17 Feb 2024 20:19:44 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 979A 43 B
468 B 93ms
33ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.11&typ=pgv&rnd=le8z5rh8q6grg4zf&sid=1148697685424599205&loc=https%3A%2F%2Fchicago.suntimes.com%2F&new=1&arf=0&ltm=1676665183931&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=le8z5rrr4fz6x0dk&ckp=le8z5rh8sr3mvgqg&glb=&cp_userState=anon&cst=38he4chp02vrhpn2vo2xlu2hz
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 17 Feb 2023 20:19:44 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 102 B
674 B 95ms
36ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22le8z5rh8sr3mvgqg%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2238he4chp02vrhpn2vo2xlu2hz%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2238he4chp02vrhpn2vo2xlu2hz%22%7D%5D%2C%22siteId%22%3A%221148697685424599205%22%2C%22location%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

e2d281683c31b6073f361bcd255d586d0f17d740455f4f74f8bd735b4d9de871

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:44 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E36E 0
75 B 22ms
21ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://chicago.suntimes.com
Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://chicago.suntimes.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 20:19:44 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 43EB 26 KB
5 KB 43ms
36ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTGVH4DT5J8J&templateVariantId=OTVOAK7NFMRCZ&offerId=fakeOfferId&experienceId=EXAOCV4EWOKD&iframeId=offer_1c5e9d31c17f72d951d5-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTGVH4DT5J8J&templateVariantId=OTVOAK7NFMRCZ&offerId=fakeOfferId&experienceId=EXAOCV4EWOKD&iframeId=offer_1c5e9d31c17f72d951d5-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1312
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Feb 2023 02:56:26 GMT
wn: prod-dash-10-0-116-14
server: cloudflare
etag: W/"26850-1676256986000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 79b13839fde59128-FRA
expires: Fri, 17 Feb 2023 22:19:44 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 43EB 95 KB
30 KB 84ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soXUYJ1jnLNKIO16zD7kcpzIqUbbFLRUmrLht2aDXOw2fRL%2BExz9h%2BoeSorJZ5npmaJsAWt6C57ufgHsyuraktNfDVmIla4LWYlOktlTJTXcHZb4GeVSYrgAmNMHuJFcC3xjhnGrU2dhGpy2Dbcs8fDs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a3c089b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 43EB 10 KB
4 KB 107ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1973487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP4%2F5BhcbDYuAUWZh7Qyu5YaDhy9AMw7g1mqjOSr5PBR3VQ1zt4BjQOwwuUeft1pMcgB6e7RBkLNfw4KdARAT10MA8XqjhFAmJEWvCDtysS6TkeLtLpX5fLThJrdTnyOJ5QPQe5v%2BSqKVGUnUZO62vvJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a3c0b9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43EB 104 KB
35 KB 108ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3121888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvPW5c4WcwkI0Xlwf41uNdvRQKdJG57JKHD1vkIa7jk%2B9Ch3HG%2B4q6xhJtymuYkbQvZulppGNGaiVzkd6KaKiLWP4l1N%2BqZBgqq5sfieLUXwAtVD4GjQfH%2BpeNEm%2FJg%2BvQbzJRqiOjrAO2m1OQ9s8w%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a3c0c9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43EB 11 KB
4 KB 101ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 80559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfsMCpcVpdp73awxpWtDcENXlIDzNZh3wn3TItZK6WIuEE6ny%2F31Iubli%2F7bLom92ablQHaejKmbZN%2BF3UB%2FqYICmFx%2Fx3WHKpBNCZkkJooRGAhnEUnTV1GoraEVPcdGPV6pzCP507ipn3%2FcDZl%2BoovV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a3c0d9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43EB 825 B
756 B 82ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5790545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG7slDai%2FrfzGpu%2Fm0Pyk6HT%2FdblEb6W5w8uQpONnqLroPasauX5mhNc6pT1nvmRWg4ms2pwbdFcUbkn%2FjPQKhBRCStQXSWVv%2BaluI01oJ8aM%2BFo%2FOzX9OK8BwPAoRS796I1AJEe93ELu7KNzhSRSwQJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a3c0e9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 43EB 4 KB
3 KB 80ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8565036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBsbC8xKwpbEMvf90g5Yun%2Bdg90Ya%2FIwsRIJwKLbFkiNFvEB8pAjGSyJ5cmLkc2O40SlPHNV9Pjd%2FofCMCBJ5pSFfleBhjvFmJfdt3lqt0Yqi3axBiWq4riyM33zDlF5lKCXk9cLM%2BU%2FqaVkxNRJOdy7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a4c119b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 43EB 3 KB
2 KB 106ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1234000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbDX%2BDKGLsBMx42NSXVPvtgja5RiNp7tKdpyfcO8bYD3YhFVQLfWsx7yHcVVDsv8eZGRlJciGVNCxLjC0CUWiMis0DvLzDbsXj4nQWYfyfNs%2FZRfEnv34S8q%2F5T80NjRc%2Bvn2QU2Q0l1aPSfOY2qS%2Fq4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a4c129b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 43EB 23 KB
8 KB 108ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 253048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJDOE1JfdPNvYxfw3gvKfBwh1NhHEVNsDm90iVTaGA52I%2FQzBZXQ9CTLtXjYYaECsUNM5JaJLdHdA77CFnaAJeKPTj3gEiN5j0DgfY4LXSCsL3St6CmYGL1tsStQ1JiEbf5k6rScaI0z4MZWi82QOdla"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c4f9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 43EB 2 KB
1 KB 107ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6704915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMfONQzfkzCRpL%2BWjCvn6mIpp39nDbJxe%2BxwTBBBkYvoJlYVz8HL0i0KmZ8IA4zlEvdmaCFfOyVOx1BA%2Bahe6Lxv5kz4A%2BHew%2B2%2F4Rwd%2FXJ%2FEfHBJZhagnRLpDSFbExxQEzPPBpWMQj6zRvLnRjMMXk0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c439b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 43EB 20 KB
7 KB 105ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5532863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7QrO8kWsYM9m2qZyEKFq%2BKMsxy8Ii60HLiDSQSie9Uw1foYl9uR3ZgQ297kVADEvJfCefF%2Fe7SS9fUwRYbXRqbLN%2F8f0qHAX3QJvbjaGtCkqRHIVxktKMPHzqNJRS3nLg7Y5vUeCPQVIZ0BpGYepxuY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c409b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 43EB 115 KB
36 KB 47ms
45ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.116.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a6de8cacbe0dc41611e088f54c1a0094c5e53d95f5f5a97ebc144a68d5cb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTGVH4DT5J8J&templateVariantId=OTVOAK7NFMRCZ&offerId=fakeOfferId&experienceId=EXAOCV4EWOKD&iframeId=offer_1c5e9d31c17f72d951d5-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1299
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Feb 2023 15:17:48 GMT
wn: prod-dash-10-0-88-18
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=603501
x-optimized-by: _sam
cf-ray: 79b13839fdea9128-FRA
expires: Fri, 24 Feb 2023 19:58:05 GMT

GET
H2 200 chicago-history-museum-desktop-1.png
i.piano.io/managedservices/chicago-sun-times/ Frame 43EB 56 KB
56 KB 66ms
51ms Image
image/png 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/chicago-sun-times/chicago-history-museum-desktop-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c184dd05a040c8e0df82435e83d080e13138d6dec328ab9d894f0193e7649a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57178
last-modified: Wed, 19 Aug 2020 07:51:43 GMT
server: cloudflare
etag: "39b6b46605c459630764aa2bf91c73b1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 79b1383add3e2c75-FRA
x-amz-cf-id: IknjClVhNT6zvh5xrwuLtnsj1nfveEKkojOduQC3dqKJ-t_QOQ1B1Q==
expires: Sat, 18 Feb 2023 00:19:44 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1A52 26 KB
5 KB 44ms
42ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1312
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Feb 2023 02:56:26 GMT
wn: prod-dash-10-0-116-14
server: cloudflare
etag: W/"26850-1676256986000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 79b1383a0e049128-FRA
expires: Fri, 17 Feb 2023 22:19:44 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 1A52 95 KB
30 KB 88ms
48ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 73085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWkPEL0cuQeXEsr3GMELbtqVtqTCq9uaAu3vSD6Pbd%2BNAogEVG%2BvdvBtBLWN57HMnEmuaFB5OndeYBDoGTbsKvTMPARALc%2F6%2Fz2sSQwxG1sAg%2BAUda3AtCwsi7jSP8AdHZwCAZKzhtFQoCFgg2BMRAqc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a4c139b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 1A52 10 KB
4 KB 93ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1973487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7CYxpnKmNnq8zP51VuTIvKXADsHN8vb00FTcNUXzBTgSfYZ7kKFn7cqT2XYd1AT8umxgcg9BZEzYqZguoyuYZeb3atBPKUr9TNVCX21%2FKiDaEkE%2FK5Y7DLJz1IV1MUPsnD7DAhQw0ietZCI%2FmGl5xnh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c3e9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A52 104 KB
35 KB 101ms
61ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3121888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r12eH1J6msQBWzj1cYsDlWfONT2mYP1rpBxu24RmUI3Z2fbwl8HEtx7PSbx1aMSBmTxwaaBpPr2FgV%2BYM%2BruPIaXxEgmZqQdzTfmzxx3F6sWD62ssRfavE2UxnMOVVYHYmsLmflEr5xphipAx1eYNK0A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c459b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A52 11 KB
4 KB 94ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 80559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQaESqybkABzW2SixHw9Nj%2FT20RRXyrE1%2B4x%2FNh72OgwtMjsxkqqBjRCEMWn4Ftcw9I5OhTd842oL%2BhdgqU0ngnAAEe%2BFtw8gvcgOqzf3Q50%2FZLCPFyfzJSomPb9KQ%2BIy6G8fwpYeBp%2FTUMn6zo4CG3m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c479b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A52 825 B
781 B 94ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5790545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgU%2B0rpekdeypECUzoRtoEO2F6EwiImp6EYqt%2B0l6CanseYJ%2FJJGI%2BzfkMvDbAT1ONUFtMFfsj5ltXPxn5lL4rEKfwaBqnpwSga6rPh2bx6x8wTRaT3HWO%2FTLHBLkuk4fDWOqJjB7%2BTf%2BFGigscZEN2J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c499b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1A52 4 KB
2 KB 94ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8565036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3phR1eBTYIr7eB89VUjEUAr%2BdR9Y54XnzHZ4oUUVsF0naYD%2B5UcRKCjP0fILU1E9glwayoeqqFetrLJHFRAHKYRKUmeoQ1e83ZERXo0qWbhufnMq%2BF00Sy%2BYgJ4mjz9bKleDOv%2FKvL2yVpX0pKjtDY7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c4d9b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 1A52 3 KB
1 KB 94ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1234000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW9a%2F2S0XUR%2Fp48IDsRDRP0PMzju5qu8u5DtNfSd0KJXuw0FJQOpmJBoSjVVJ2svVaCnjHax1iWJ%2B0Xq21CeOkuvHZ%2BwBnSJxV2ABFomTz6ST%2BKpX%2F5IHEdqnQofCd8WheA5gqwnZsX3KCFT4syRRNO9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c529b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 1A52 23 KB
8 KB 101ms
62ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 253048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuFKF38VBLWPsyKy8NUrcW4xhVucpfdehKmyZjCUP%2FJXXtti59m6OFuGS1oujF05LwdDD4BgU9XGQwQXJIY%2BTkN%2Butfix3T0sdUYxoELHqUEBIZN75a8YWiYVkSEZmKl0%2BW3c%2FGCOJDiw4H%2BJXnyCTKe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c539b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 1A52 2 KB
1 KB 101ms
62ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6704915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys9VAot4WJ90ntnGFsnyY8SCKjorL9fBG3oIaU%2FZVf8vYTSgplY%2Bl7NqGK2cyDVtgQST2Btkne17Av%2FfGyHvhJxTYz%2F4nAx9tsfJK2ODY7zN6ETR7JQdqLp3qj1ETckk6MViYdn9pd3DD3XYA6mtZMDn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c559b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 1A52 20 KB
7 KB 100ms
61ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5532863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5lh1MCNlcryjG4XKFRbMNNLvWlLLHel5eOEkLsLxCgb4qxDqsiqsGXB4R6drOz7FY7REy2xVx2Vt7NKzFjc1q%2BKxIyc2utIaDWXY6SN5fATj61EadSJwHCiP9cHyrH95v2AZcDqaz6LF47KPDLOwf9Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79b1383a5c569b6a-FRA
expires: Wed, 07 Feb 2024 20:19:44 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 1A52 115 KB
36 KB 44ms
43ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.116.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a6de8cacbe0dc41611e088f54c1a0094c5e53d95f5f5a97ebc144a68d5cb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1299
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Feb 2023 15:17:48 GMT
wn: prod-dash-10-0-88-18
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=603501
x-optimized-by: _sam
cf-ray: 79b1383a0e079128-FRA
expires: Fri, 24 Feb 2023 19:58:05 GMT

GET
H/1.1 200
OK 144a93041609da07bcbc1782a8e475b3
cdn.wbez.org/image/ Frame 1A52 370 KB
370 KB 595ms
25ms Image
image/png 13.224.189.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wbez.org/image/144a93041609da07bcbc1782a8e475b3
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTB4K7PD0YPC&templateVariantId=OTVCJUHDW6X4E&offerId=fakeOfferId&experienceId=EX1D2W8H4X2F&iframeId=offer_97f1666a773d7b955d13-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92edbcde7936e0162e79167fc01219927a18e089c263f1de1456a77df3770246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 14:00:10 GMT
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
Last-Modified: Wed, 01 Feb 2023 16:29:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 1318776
ETag: "144a93041609da07bcbc1782a8e475b3"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315569520
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 378880
X-Amz-Cf-Id: aQat3z9iU28bljRwus19ORtXCGcnk9g-XR_dRiLpXUTQybA1oQQcYg==

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 43EB 2 KB
2 KB 41ms
41ms Image
image/png 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 1311
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
last-modified: Thu, 16 Feb 2023 15:17:48 GMT
wn: prod-dash-10-0-114-68
server: cloudflare
etag: W/"2177-1676560668000"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 79b1383af8849176-FRA
expires: Fri, 17 Feb 2023 22:19:44 GMT

GET
DATA 200
OK truncated
/ 268 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c04903b94edd9920e4d0054cb70e7e419e6bb921aa86862ba39b037dba4894f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 470ms
114ms Image
image/png 54.231.193.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=feb6b46121fe
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.193.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 20:19:46 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 9Y1Y3GA8ZST8PHEV
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: q13RsnhhM3NLGjlEZLtKebFA8jV/OmxqN+qh8scDn33m8WyYn1VlsVlSRo7kQKrKsqZw3SKgqWU=

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 349ms
57ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 321ms
33ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 178ms
178ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=24701504542045&correlator=3274576563999739&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C2x2&ifi=1&adks=2911765573%2C618710011&didk=303353385~359666826&sfv=1-0-40&ists=2&prev_scp=position%3Dout-of-page%7Cposition%3Dreskin&eri=1&cust_params=htlbidid%3D14068%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000%26entry_id%3D%26entry_type%3D%26page_type%3Dhome_page%26hub_pages%3D%26keywords%3Dhomepage&sc=1&cookie_enabled=1&abxe=1&dt=1676665184726&lmt=1676665184&dlt=1676665182793&idt=1007&adxs=0%2C799&adys=215%2C215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&psz=1600x0%7C1600x0&msz=1600x0%7C1600x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1678049882.1676665184&ga_sid=1676665185&ga_hid=1030994329&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff471e6f075ffaa0765b12d1e52f5a7b78da0548f2d6b1c3d44fd6d7a2c1d7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11285
x-xss-protection: 0
google-lineitem-id: -2,6227269628
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138423779509
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 611D 6 KB
3 KB 99ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 20:19:45 GMT
expires: Sat, 17 Feb 2024 20:19:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 469 B
828 B 26ms
26ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fchicago.suntimes.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 6e2feca12765f3e6ef129b7d5d88b354684d79d29a98438b5cf48f4097f90c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 17:35:35 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 9849
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: dFgn6gvhyv0JAqV4qIWvYnOD1kvaSCiZ9oZS21aybiJldBGxbSgOCA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
466 B 340ms
72ms XHR
text/javascript 143.204.94.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fchicago.suntimes.com%2F&pid=msTrHazcaGKAS&cb=0&ws=1600x1200&v=23.210.317&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Ffront_page%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000560%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.94.230 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-94-230.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: K778GP6GNB4J5Y2XYX6A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: o7OG4jXKCjDIvlusDOTcWCfhaR4CZKSpPY1kxDjkCqzTZ2NCre7e3w==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EA8 0
0 72ms
71ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqry9xsxDZPZMVXyqBj-fVE-0efhaZ4PgkfUp8aZ1alyif8kjS6bwYe1QFYKR9pT4rWjLRahS_1e7ezsYMkzdW5Pi-1Cegq2FvDjPgJeX1hNijgn57hBNDXF6fCqMUdoFrJ6pdzp3cpeM5ODeXpT-KYr_tEA6DMJu0lzA7WrhyLWlMnMz59SiU8x_Voel4zU4LUK0k6HfZBME80bT7ZJ38w0Kkckby4fLX2JbHUhACVxabMs6ggpvjxIkLVrPt5WFQwIEa2bgMrnoadZ8k6ptW_MIkdMDBmT7o8P0sWRMWgsVfRMuQKmj1yphkmghNfZGpdypiUN6V8bngw0u0KVAJ9_Llc7EXDnMB46sia95MKwv2w5U&sai=AMfl-YTKsBXVScBunkQVTwgH2c2xE3VdacOd2v7F1yFUFHQrZcuL3HAQjFJxNY_PmKEqTislNRH0nNb1_BUCuhEuYzEW2cIMKt22qL-QltpKMn5RZj0g7MuBf4UoSos_vg4joG57pVgLPxD2CjlfN_KY&sig=Cg0ArKJSzOh_tdxj2sOzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Feb 2023 20:19:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA8 156 KB
48 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 20:19:45 GMT

GET
H2 200 17491745845156084845
tpc.googlesyndication.com/simgad/ 41 KB
41 KB 192ms
86ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17491745845156084845?

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee424d91a0b60770e048bedcc5d161bb52eed40141501d31030606b5105b5960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:17:01 GMT
x-content-type-options: nosniff
age: 36164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41775
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 20:20:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 10:17:01 GMT

GET
H2 200 4790136196031914599
tpc.googlesyndication.com/simgad/ 41 KB
41 KB 150ms
44ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4790136196031914599?

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee424d91a0b60770e048bedcc5d161bb52eed40141501d31030606b5105b5960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:17:01 GMT
x-content-type-options: nosniff
age: 36164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41775
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 20:19:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 10:17:01 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 96ms
32ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: 037BTZQJKQYKWKAR
age: 1300
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79b1383eede868e9-FRA
x-amz-id-2: 3ZDyDSgeRfyVVSAh3GfxJ4kNQciMYKTi/55hDh5DYTNL8pcmXctUGv5WpwM5NjY4JdFsL/rHnS4=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
457 B 116ms
115ms XHR
text/plain 54.175.79.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.79.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-79-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 17 Feb 2023 20:19:45 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 360ms
116ms Preflight 54.175.79.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.79.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-79-87.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 17 Feb 2023 20:19:45 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
DATA 200
OK truncated
/ Frame 0EA8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc74483ea4a747eb4c534fbee9346e2c0a808bdd5736a12aff1d8bf309d738

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EA8 0
0 72ms
72ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusCDpJatujhbhhi8X5pc6WrKxNwnLbBXvJ1xYMEBekGdCp-OrrYDiPOy-OwPvnLXtc8S21AVB_cy7D73tuQ78kt6WumCqxbQY6xPpFRBr7beq1-WDRunbhZKDfvhV_QcP5qInzbo57cgSryaZ5RIbCxFp__TN7W5C3I_1LFb5ifKLDhqjnVRjqI3IkuFGOVQWEEpqNQ11cr-9rT6jPMn663tjCDhNu0-scL49uBj8e9yn5F30pZUy4JNOxOEWZteOVW3TV1txryQBdRsvVpBO516XP-abOQuaV_GrCj0k_cEAjf7MtDJuYxKtUItbRnvZTtDtKHBk2apL-Oy4mhg09732MzR2ngRfX1hBSOg6_iWsiAV-fsQ&sai=AMfl-YQ6tWJYg03iuHOh3625vPyziOV7_amIZJNB_92xq81PlCdElZp0hBN-T1J16ZHa_IlbCPlaMzVyWdpRwdMILblsyvUYxR52O3d0ZJuYglMwHFjI38DGajcyyahc9UcgXokBVpD556w2n3O_8hsY&sig=Cg0ArKJSzOP5zQhG9EzPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Feb 2023 20:19:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 62ms
60ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 39ms
37ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 105ms
104ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=24701504542045&correlator=130520438476781&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%7C1020x90&ifi=3&adks=590288999&didk=1622125026&sfv=1-0-40&prev_scp=position%3Ddesktop_leaderboard_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=htlbidid%3D14068%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000%26entry_id%3D%26entry_type%3D%26page_type%3Dhome_page%26hub_pages%3D%26keywords%3Dhomepage&sc=1&cookie=ID%3Db03938c257160650%3AT%3D1676665184%3AS%3DALNI_MbDa2gEOrvYxVKBvRBUa5g7ITyF2Q&gpic=UID%3D00000bb8b414cd8f%3AT%3D1676665184%3ART%3D1676665184%3AS%3DALNI_MZe9vK6pnKTWqHwxjBDR67Hhm0ejQ&abxe=1&dt=1676665185127&lmt=1676665185&dlt=1676665182793&idt=1007&adxs=315&adys=215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uqTc445QJ8S2TKjDW3Oz2dUnQS1mFe4SkOkSAPOa9LMC66u6ku-s_lJ-DQZ2h-6SDnsCa3P9mgdv4jU2BfXaYYMg&ga_vid=1678049882.1676665184&ga_sid=1676665185&ga_hid=1030994329&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a66a9cc4cb0d22a04a1e4687dd5337c096cf10a931809383f7271b4656991d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17751
x-xss-protection: 0
google-lineitem-id: 6227269628
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423076031
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
407 B 89ms
23ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

66309d76427a7346fcf785390832eb4a8653d1b7189eebd24e3b950a82a85e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78E2 0
0 71ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLNnIJMD-zBKG1U0jdCUyxh4D2kwiqURwDodAU50U_5fCiItCyvfHeJ6dA34nOTPtBUGQDlRdcmAJsW5yH3uGFeDPnhwmZ489JzY7RhV68-Zix8-Z7WfuxHdVNqQ-hxw8GsnNTzfdykIEcvinmDHWIp8h0EGxMisDurF9-0B9vEVSABpN4urQtoRdacoRL7U_Up7xeiHI--PUSQVtRWWcNXu7SLMR8D6-hC-FlPOrKjQlYN_SVBXk68OjxL2S4hhVICAi5VHSfgH98ETyyorOEjVdnHnlWXNICrk4_yA0RdByIKUysKIH4CvqyPS62veOcZzPkMHi870qcKPyUMvPtG4GpSt2v2g0gPSkZhGbMKyg&sai=AMfl-YRuVtd_eAxF9fmbQ7n-q1dbX_CNXPfCqtF04-pxoy7daLdzWycWKce_7A6eDRGUvVsqzI_WzovQzsZS6oCcDHwOz6AcA6dBdchTtnmjwGU3bb03FkOX5dy2IP6HKO0&sig=Cg0ArKJSzBsJ1Ssn9JaLEAE&uach_m=[UACH]&adurl=

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 78E2 22 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 02:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 02:41:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 78E2 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Mar 2023 10:57:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 78E2 0
0 152ms
58ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYaQgmhsfSFIHRmUI-I-D5wKcyj64QarX9p4qOB0W038xx38gTxZ0A54bQasnfSbCxyjjluS-yOdMTHMF9TR9akOgpag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78E2 156 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 20:19:45 GMT

GET
H2 200 7405014598061396605
tpc.googlesyndication.com/simgad/ Frame 78E2 238 KB
238 KB 39ms
38ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7405014598061396605

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3373218c95570c68a80e91879721528b5e5565631f6c94e038dc4fc787c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:32:43 GMT
x-content-type-options: nosniff
age: 38822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243301
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 20:18:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 09:32:43 GMT

POST
H/1.1 200 517.json Show response
id5-sync.com/g/v2/ 216 B
630 B 87ms
23ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/517.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

cd6217b4343da01c59602fc664dc4c5d890c28e9af7307185a734342b2bad5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Fri, 17 Feb 2023 20:19:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 78E2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0065be51d5d6df5c285e8b4144f86f41a30946f529f0fb31c566a6898555695c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78E2 0
0 71ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJGnydhcIgmp7WSGX1t_wT5og30cSYpmM_uRjIf97-yvSq3CAHzovHY1e6dljiSfqSIEEw4F0aVVCkMa7hcTzY-ItVPkmthLMaX78TE6Vo2fUHD5woIYvvOtPWuWOnFmdOGJD5Z0nSkcwv72pL3POY8R23Sh62YgrduJBqwdES6K9yj2XpCuCjasBNO7D_mlDTC4Pi2AbQuiWeDrDD38QpSArO5aWZ1QNxS8WHUwOJtW4MASvJsagY3fgD03amDZPc0XZPlezwNL9ny2FfzwGxbY0vOdBy0ZJ21wLFNdHiH9ZGOhfh_sqYzZeOMvRaTQPSaixhweGCW118QEa2Ddy4_Dr131mkVEkBG4AHxrj4vu0wAA&sai=AMfl-YQn79BBGqhCYlYcCl8m4SOKD1h2pNxgOklCE5gX80cELwq_mAQXnY2lx6hnuEWUfZDew-qXdeF6vYXQNKAM-gAbzIK4bjfHzHIeQ3cd0pRqXF_N2V6gbUFv3OmpZRE&sig=Cg0ArKJSzI9lCA4zrWc8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Feb 2023 20:19:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1030994329&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=304022903&gjid=855212882&cid=1678049882.1676665184&tid=UA-52083976-1&_gid=362216139.1676665184&_r=1&_slc=1&gtm=45He32f0n81PRHXFPN&cd1=0000017e-e975-d1e5-a1fe-ed756f1d0000&cd2=homepage&cd6=0&cd10=&cd11=chicago.suntimes.com&cd12=chicago.suntimes.com&cd24=Logged%20Out&cd33=no%20value%20set&z=550835001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1030994329&t=event&ni=1&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Data%20Layer&ea=Loaded&el=https%3A%2F%2Fchicago.suntimes.com%2F&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1678049882.1676665184&tid=UA-52083976-6&_gid=362216139.1676665184&gtm=45He32f0n81PRHXFPN&z=1852131958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 08:35:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42242
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 135ms
69ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8975e95a69062d74b903211be9a2c4a0883789c84c5afdb1388c22c4ec2ad52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11230
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 95ms
33ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-52083976-1&cid=1678049882.1676665184&jid=304022903&gjid=855212882&_gid=362216139.1676665184&_u=aEDAAEABAAAAACAAI~&z=1986229932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 73ms
72ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-52083976-1&cid=1678049882.1676665184&jid=304022903&_u=aEDAAEABAAAAACAAI~&z=2057952379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 166ms
72ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-52083976-1&cid=1678049882.1676665184&jid=304022903&_u=aEDAAEABAAAAACAAI~&z=2057952379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 97ms
97ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 20:19:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8369 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 10:56:18 GMT
expires: Sat, 17 Feb 2024 10:56:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2F7C 783 B
536 B 60ms
59ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5307e589cbb93c9988e5b8f0f714c358c76e09bec8b0d28d1ba4ce09f26e9cc6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OMwiz8lj67xAjfzEB4erOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-OMwiz8lj67xAjfzEB4erOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Feb 2023 20:19:45 GMT
expires: Fri, 17 Feb 2023 20:19:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 8369 36 KB
14 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 17:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 17:06:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F7C 0
0 82ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=24701504542045&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8369 0
10 B 36ms
36ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SHyWbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EA8 42 B
174 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzi7uKxjE8fvkXrDcZnYaH7DgFq0uC1wbpV6bdqrxMdNjs7xPuaFaaM5h0PAd8YBHja054OvoqqgpicPdeQySjbWisdkhDFvjCSjjhO9YofRPMqNRS&sig=Cg0ArKJSzPIN7QJgyy1sEAE&id=lidar2&mcvt=1000&p=233,799,235,801&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=0.84&vu=1&app=0&itpl=19&adk=618710011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676665185018&rpt=93&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78E2 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxNElcrWeuVTl3Cm1e6G_EJwQUTt2VB-Vv8X2M8kczYz537ufsnKye5riWOnp4gWltP5bFim7BTCtvwxta7KwNDD3DEDCTKEKYiJwf9y0a-L1KYey&sig=Cg0ArKJSzCsHr1AST3iXEAE&id=lidar2&mcvt=1001&p=215,315,465,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=590288999&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676665185243&rpt=81&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 20:19:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=24701504542045&bg=!R0SlRBDNAAZYlHKzeJQ7ADkAdvg8Wq1y23miPUT_QiVPhcU3FtaDrhsUJ_17mbSlDk2yYL24cqxGvqrhrs1E4Z4iO9ML7apP3dECAAAAV1IAAAACaAEHCgDoCk4vK95iN-Axlg282fA6Mvo_n7fjP58eVHIF9bQv_g26pwIkwInIPbhgtax8e2qzBDOTUfMA3vzZabG9lFtW_vsGwScawUVJScoKm7ZSsfLEFby1jPSEiykr9KSb77Kheu2kLxLVpdbT5D9FzmCepZzgdgwrFQGLUQfplF1OLE4sgf7TjA79C_FwC3SJ1107dcws7mu5D-IaciwKDjI2SjSQ6tHSaQZxrcetVTeSf02XlBExVdqaU8StZsRPyAd_H8073mP3a0LuD5wuejQaUIpL5EthcXfI2gzNdP5mqgHSlih69hEiOJkCnh7N6OPyQcCupPUqAvlS82tilMn9kP7ZLRk-EAAzs3tx6ff06c4A0cSSwFFO_efliCaUZKxNPydL0RsJS1iIzXXPGaNXTnEdfbt6JTGvs2SdVTVNtmq5vOJKEcWUm7secjvikvFygTEhBsHoyrW8oeaGgUCekARaHoJltd7lKiSTY4fETq8wvPy8dhS7tGhYYk6hdHtrQJ8Wi2phHffVKATvdAQcB2AhFaWyhhc7QRrJtC0nLzkthckBEEh5pbb_RDwMJq71GIxPPvqpjTVbDOBgWFT8BdgJ4LaGabgquooYa-Zkzcswi6aWEngC0YVVZL4OOMGfsSRte_x8AO2kkU-x6P97lkZyFwHLMYWeuObcerovKDdR26i8-WyvK2kmhANI7sjTbEJhgC9tjbdz45o-RXhmwHEqMmasr2ozuYElk5j_EmPkcCdT1U0FTD1fPP1-zTxRVb_kOWyxl_cKl1O7itlTIhSGHiEXUu7cjXDJ5iDyhtwYU1lgx7QYanem1apiEC5q75zqrFtI9XfdzN3HowT5M8imnot2JbPIVsqeB0AgGdWY_b9RrSdcDv6yrOJG8KJW9ZhePPLLKODtsON2wZaAB1GRFTffgVcW8q1Km5CV9a6iLE_ifLzUc4Zglg8SFswmJS_jrH1Ef3iqfk2zioVLZKGjOz3lYctznKaUkonnz7ZQgroajzl3uK-EnhfHJ2iHncX-3DZvO-Sm8cezOUSapJVxYnWFxd52nE-YlFrx4HfKhK_1IjdpjXubhDAHHpAeCsigjBcE9lzfW7cIn8GaCerAwJ-j0YPD07zLgv8kQemGyqoJkalNwcOO0ETGyzFF2yX6dTLAY6OxzqJVZro-QVmlcPwDvM2Nxwn4ZcXpz90YtJHwQ72bpQk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 53ms
38ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:48 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 28688
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 03 Dec 2022 08:35:00 GMT
server: cloudflare
etag: W/"1bbec-184d71fdd40"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 79b13854db462c75-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 17 Feb 2024 20:19:48 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 88ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:48 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e55"
vary: Accept-Encoding
x-hw: 1676665188.dop242.fr8.t,1676665188.cds273.fr8.hn,1676665188.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 19 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 461 B
443 B 134ms
133ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=le8z5rh8sr3mvgqg&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c919926b95a81049bf95dac133767336e821c5601d338e3ea094e8e17c895d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Feb 2023 20:19:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"1cd-JIgY7CIK0IsUlihrAAIe0AGR0x0"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 79b13857c8882c75-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 19
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 161ms
132ms Preflight 2606:4700::6810:f015

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=le8z5rh8sr3mvgqg&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79b13856fea82c43-FRA
date: Fri, 17 Feb 2023 20:19:49 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 40 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
586 B 139ms
139ms XHR
application/json 2606:4700::6810:f015

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=le8z5rh8sr3mvgqg

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0b290047b3349cd2b828e672ebaef7ded61cd00cf01aeb95d9ed5b29d0f2cea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Feb 2023 20:19:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-nPksjNRTaM6LvF8Z32LMleI2wqA"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 79b1385978953a72-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 76 B
456 B 137ms
136ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=FV0czWAOfe&tbc=%7Bkpex%7DSmfsD1GRZ66JmDJbFg8RSV0Uct4c0yM_aY-mpmr1w4X71YBOT7koSfca57k77FAY&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp297

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2390a8b3d185e03fdd4be0493eeb8f48f9481e1fffbbe62a76ecf0e916bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 20:19:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-114-68
server: cloudflare
content-type: application/javascript
server-time: 0.001
p3p: CP="NON DSP COR OUR IND"
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
cf-ray: 79b1385a2f289176-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: M15r8qrFQUD

OPTIONS
H3 200 40
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 128ms
128ms Preflight 2606:4700::6810:f015

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=le8z5rh8sr3mvgqg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79b13858a9512c43-FRA
date: Fri, 17 Feb 2023 20:19:49 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 20:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 299
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 22:14:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,7000&display=swap

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.suntimes.com/	1970-01-20 19:13:13	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWADgDYAnAHZ%2BvAKzcATN3GDBUgAziQAXyA
.suntimes.com/	1970-01-20 19:13:13	Name: _pcid Value: %7B%22browserId%22%3A%22le8z5rh8sr3mvgqg%22%7D
.suntimes.com/	1970-01-20 19:20:25	Name: _ga Value: GA1.2.1678049882.1676665184
.suntimes.com/	1970-01-20 09:45:51	Name: _gid Value: GA1.2.362216139.1676665184
.suntimes.com/	1970-01-20 09:44:25	Name: _gat_UA-52083976-6 Value: 1
.suntimes.com/	1970-01-20 11:54:01	Name: _fbp Value: fb.1.1676665183756.1361093687
chicago.suntimes.com/	1970-01-20 09:44:25	Name: __adblocker Value: false
.suntimes.com/	1970-01-20 09:44:26	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://chicago.suntimes.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1676665183781%2C%22slts%22:0}
.suntimes.com/	1970-01-20 19:13:49	Name: _parsely_visitor Value: {%22id%22:%22pid=77db80d4-103b-4231-9a84-f63390a8a18f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1676665183781}
.piano.io/	1970-01-20 09:44:26	Name: __cf_bm Value: jSW7MU21GdPOFInoIIZ7h2XkMzxvRWNnaFIiO4_e8Io-1676665183-0-AZTYfVlA5rNzf8RrUfkACzbubLYsbhcjIMOQGnoF3ixBIFrSm/RELwCkvirxncsHzbPgD7AEbvfyKQ+Q+SBjqMM=
.suntimes.com/	1970-01-20 19:20:25	Name: __tbc Value: %7Bkpex%7DSmfsD1GRZ66JmDJbFg8RSV0Uct4c0yM_aY-mpmr1w4X71YBOT7koSfca57k77FAY
.suntimes.com/	1970-01-20 10:27:37	Name: __pat Value: -21600000
.suntimes.com/	1970-01-20 09:45:51	Name: __pvi Value: eyJpZCI6InYtbGU4ejVyaGh6MDQyZGo2byIsImRvbWFpbiI6Ii5zdW50aW1lcy5jb20iLCJ0aW1lIjoxNjc2NjY1MTgzODQ1fQ%3D%3D
.suntimes.com/	1970-01-20 19:20:25	Name: xbc Value: %7Bkpex%7DsWkZ6WgmxvnDDAWD3FVEoB9Bw0-Z4uASqwKOJGcXAiquO9TMvM4y7ThUjbTQxgfPkoE7PGRsIPKnQDDFt_FnflE5ughTUjEZjj3KNDf5tON1ZYavUy8ghH1bRZxpkW5Q48ybBmebLj1-3z-6k2MQRwJ1hXQ1FGAJuw4taSturB89Gds0bxHQIj34jJzWt5a6S0vyR9-rk8XKWZATIEvYl1RQoe6Wc3XZ7DBS3kXVliQS7-wWa9DD1AAjiAwqc5Pd4xF1KmYVzYF6HftKjMBeu8G8TS_p52L6R7LMiYl-wfiWOmDokvJAl_oaJYJwwOJGr5AYlqE5suttoIcXhTA90y9UN54S0nAOdAC49MjtH1_qsGPb7LFPFrPwqv0s-RW7P9y-dRISOfrIjEGzJCXx-5Rvpw9_RTQlXOPXFlOBJWKt2p8NKkzTbWbujtPGE515NebwRJ9n1kwVrIgLQi9k2Zk7DvY6qrvZHXnntpBKXpsckQW_qhlsYkhS7_YnQwKJSTp1QTjYZTndBBXn6ckv15yQ2QZtC3ESQi5IHCvfMiEkcRgfYIyUgihXrGxVd1z6
.suntimes.com/	1969-12-31 23:59:59	Name: cX_S Value: le8z5rrr4fz6x0dk
.suntimes.com/	1970-01-20 19:13:13	Name: cX_P Value: le8z5rh8sr3mvgqg
.cxense.com/	1970-01-20 18:30:01	Name: gckp Value: u3hmilmf7c311a1gf56bnyo22
.suntimes.com/	1970-01-20 19:13:13	Name: cX_G Value: cx%3A2vgd6fzucendabrj04ml2iaye%3A3hmh2056bbkfv
.suntimes.com/	1970-01-20 19:06:01	Name: __gads Value: ID=b03938c257160650:T=1676665184:S=ALNI_MbDa2gEOrvYxVKBvRBUa5g7ITyF2Q
.suntimes.com/	1970-01-20 19:06:01	Name: __gpi Value: UID=00000bb8b414cd8f:T=1676665184:RT=1676665184:S=ALNI_MZe9vK6pnKTWqHwxjBDR67Hhm0ejQ
.doubleclick.net/	1970-01-20 19:06:01	Name: IDE Value: AHWqTUksGWIF8LxDyhJh0gNpZQL3ZFTe6RlKRpqIMspIXm0Xni7t5YZPup_zsM3pBtI
.suntimes.com/	1970-01-20 09:44:25	Name: _gat_UA-52083976-1 Value: 1
chicago.suntimes.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1676665189212%2C%22visitNumber%22%3A1%7D
chicago.suntimes.com/	1970-01-20 18:30:01	Name: pnespsdk_visitor Value: le8z5rh8sr3mvgqg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://chicago.suntimes.com/ Message: Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,7000&display=swap' from origin 'https://chicago.suntimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,7000&display=swap Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aamapi.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
api-esp.piano.io
b31817dc37740bca5121a185a6be6713.safeframe.googlesyndication.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.cxense.com
cdn.id5-sync.com
cdn.parsely.com
cdn.tinypass.com
cdn.wbez.org
cdnjs.cloudflare.com
chicago.suntimes.com
code.jquery.com
comcluster.cxense.com
connect.facebook.net
cst.brightspotcdn.com
experience.tinypass.com
fonts.googleapis.com
htlbid.com
i.piano.io
id.cxense.com
id5-sync.com
lb.eu-1-id5-sync.com
p.typekit.net
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
fonts.googleapis.com
13.224.189.36
13.224.195.78
13.225.85.39
13.32.99.57
143.204.94.230
147.75.83.64
162.19.138.116
162.19.138.120
18.66.122.15
18.66.147.92
2001:4de0:ac18::1:a:1a
2600:1f14:600:6e02:f9b1:1ca1:8ea1:9c3c
2606:4700:10::6816:3456
2606:4700::6810:2a41
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b6b1
2606:4700::6811:b9b1
2606:4700:e2::ac40:8f26
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400d:802::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a00:1450:4025:402::9d
2a02:26f0:11a:398::268b
2a02:26f0:11a::217:9a58
2a02:26f0:11a::6867:4832
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.175.79.87
54.231.193.185
63.34.81.234
0065be51d5d6df5c285e8b4144f86f41a30946f529f0fb31c566a6898555695c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
04a224b8c917a07924aa2991cc3fd755334b4bc5c73e44ed78a2374e48a6fb0c
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
07629114a900c969e9fca73ccfe6e479ee37c29227be86204186ed096f6117cd
0a05e474bd6d4ce3eaeedc0a272ae2dd608a06758eda5aaa287a812d66787a92
0b290047b3349cd2b828e672ebaef7ded61cd00cf01aeb95d9ed5b29d0f2cea2
0c04903b94edd9920e4d0054cb70e7e419e6bb921aa86862ba39b037dba4894f
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3
1331fe7f5e30b57db5471582da4b5846bb08d122614f4ce7836364bc19cffa72
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769
13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
243c9a872543f449341624ea57626836cfdf18b469b9b22539dff804fb400520
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2f8bdd6bc0d8b9a67b1cde37385fa944d7487295310328a50c466115578f5d87
309445f3112b2443409fca2540b7a15c93c8b98e6725a867192023b64f7e6286
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
3b489a0b7282eb0ac2f6b3bd61811f2bb4bb4f6061e82119f936ef2d6bf8d6df
3c184dd05a040c8e0df82435e83d080e13138d6dec328ab9d894f0193e7649a8
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756
3f2390a8b3d185e03fdd4be0493eeb8f48f9481e1fffbbe62a76ecf0e916bad7
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbad5d9bd036213ecd6f005492d7b05f8342f1bb5c0d37395185e218550601e
51f5d801f68f728dc54c54e314ee3f8e175f2ea27754cf3e5fbbfb86801e5e17
52af2c5175656c54f006fbcf39f7777cd5d337402ef25dd0dab2e11ee7e6a343
5307e589cbb93c9988e5b8f0f714c358c76e09bec8b0d28d1ba4ce09f26e9cc6
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62244150f04d7ec797bb671232e59083db031f026e3bdee84599678163fa399e
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66309d76427a7346fcf785390832eb4a8653d1b7189eebd24e3b950a82a85e24
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6727847cd586c4908586568e276e0a77160a19d2fa2feb705aef682597fcea0f
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6e17a2dd4806a3513abcfdb3eb3f3e84f826bd8713eedc159f6dd444c940b4d7
6e2feca12765f3e6ef129b7d5d88b354684d79d29a98438b5cf48f4097f90c44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77fc74483ea4a747eb4c534fbee9346e2c0a808bdd5736a12aff1d8bf309d738
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8572450f390cda56ec83f6a4094901b012c4f3b3ebbe5ddcade91db1a5f96ffe
86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c
882ff47b8bfe5bf2ca39503d05f91d42cb012d38fc22d8a6639d9422c3953a68
89492bc48602cb9a326b8074757ce2d4a953b5f6f6264a11e82e32568760ac63
8975e95a69062d74b903211be9a2c4a0883789c84c5afdb1388c22c4ec2ad52f
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda
92edbcde7936e0162e79167fc01219927a18e089c263f1de1456a77df3770246
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9ff471e6f075ffaa0765b12d1e52f5a7b78da0548f2d6b1c3d44fd6d7a2c1d7b
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ab63d1d5f57234ffae2a29d9ed1f1c5afc67f7cb4e268c726f914585913c3e
a66a9cc4cb0d22a04a1e4687dd5337c096cf10a931809383f7271b4656991d76
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a98e601fb6d036a962c3c785a37d215e466b8527189dabae9c5397a3b25c9299
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5b6703eb8b13227d6ebe52f7bf2ba497e70ed51336ffffa92a090e410f6ccb7
ba8fc36506923e6c20528790a775d2c3d320b6ed9bedd5d555fd12231ca7575e
bd3373218c95570c68a80e91879721528b5e5565631f6c94e038dc4fc787c860
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c78d2d94f852b1f338f922ac75f95154e0a08735369376625de3a357d0481f1d
c7e1c94859857c91218133829b77ef3885ab00531ba90becb02015815eb84487
c8a6de8cacbe0dc41611e088f54c1a0094c5e53d95f5f5a97ebc144a68d5cb2e
cd6217b4343da01c59602fc664dc4c5d890c28e9af7307185a734342b2bad5c5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa82ffe7d18b08594713ba08b04f08afda85476583d9d2b3efa1be8336b8ee0
d12ccd5032b108dc58294f1ce7dac565ab3e826a9ad99cd4ea7a83f99187af7c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
de66f796d692cab00ce1464d90b3381e2a5c74872d5d3066741af07111500c0a
e1df7093f3e1c27551a47f5484ed052303c37f06e39114e90efe0a7a42a29ff8
e2d281683c31b6073f361bcd255d586d0f17d740455f4f74f8bd735b4d9de871
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
ebb90b08b8b9d017581eded2e930a2ecca1f41f36d86f89b1b108bd0d0c5ec5a
ee424d91a0b60770e048bedcc5d161bb52eed40141501d31030606b5105b5960
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13e80168acc715f3efb124839ebfb24de1597fdd4138b90517a58d04d6628ce
f393aab53c32ffc66f17c7bcfaba48bdf2a0c4eb42c44492231b9d761649b078
f4c919926b95a81049bf95dac133767336e821c5601d338e3ea094e8e17c895d
f6cb507fa649d0d1cc10e539c965193844ba86e13b98f72c21253d22b6c967b8
f98bbc13c728ccc5eea44c23b7478f9fa1399a3dadc5961413b0040cb59a89fe

chicago.suntimes.com Open in urlscan Pro 13.32.99.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

99 %HTTPS

67 %IPv6

28 Domains

44 Subdomains

40 IPs

6 Countries

2762 kBTransfer

6703 kBSize

24 Cookies

25 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

chicago.suntimes.com Open in urlscan Pro
13.32.99.57 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

99 %
HTTPS

67 %
IPv6

28
Domains

44
Subdomains

40
IPs

6
Countries

2762 kB
Transfer

6703 kB
Size

24
Cookies

139 HTTP transactions
6 data transactions