urlscan.io logo urlscan.io
SecurityTrails logo

www.chicagotribune.com Open in urlscan Pro
2600:141b:13::17d7:823a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.engage.ticketmaster.com/els/v2/EZ7jh6jrxGCN/cFdVdmJWenlRRThaZmZRaE5objdLQ3BXT0grWklvZjlNME9nOGIxS3JhaDFhdjFITFFHNUFSWkc2...
Effective URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt...
Submission: On January 19 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 175 IPs in 10 countries across 150 domains to perform 840 HTTP transactions. The main IP is 2600:141b:13::17d7:823a, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 29954.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.60.182.80 16509 (AMAZON-02)
2 17 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 151.101.193.194 54113 (FASTLY)
1 57 142.250.65.194 15169 (GOOGLE)
10 13.225.222.69 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 28 151.101.1.44 54113 (FASTLY)
2 13.225.230.117 16509 (AMAZON-02)
1 13.225.230.118 16509 (AMAZON-02)
2 50.19.97.153 14618 (AMAZON-AES)
2 13.33.46.43 16509 (AMAZON-02)
2 2600:9000:21e... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 5 23.217.25.136 16625 (AKAMAI-AS)
5 99.84.125.40 16509 (AMAZON-02)
2 2600:1400:b00... 20940 (AKAMAI-ASN1)
12 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 8 13.225.230.62 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.23 16509 (AMAZON-02)
2 33 23.52.162.21 16625 (AKAMAI-AS)
5 104.118.8.253 16625 (AKAMAI-AS)
1 13.33.46.111 16509 (AMAZON-02)
3 13.225.230.85 16509 (AMAZON-02)
1 2600:9000:216... 16509 (AMAZON-02)
3 99.84.125.64 16509 (AMAZON-02)
1 13.224.214.91 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 44.235.12.17 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.204.150.36 16509 (AMAZON-02)
8 21 68.67.161.212 29990 (ASN-APPNEX)
4 23.39.175.77 16625 (AKAMAI-AS)
3 2602:803:c002... 26667 (RUBICONPR...)
4 52.1.1.63 14618 (AMAZON-AES)
3 35.211.165.199 15169 (GOOGLE)
1 99.84.40.238 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.230.11 16509 (AMAZON-02)
3 54.89.1.168 14618 (AMAZON-AES)
24 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
16 17 3.33.220.150 16509 (AMAZON-02)
1 52.86.156.15 14618 (AMAZON-AES)
2 34.120.155.137 15169 (GOOGLE)
9 104.36.115.111 62713 (AS-PUBMATIC)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 54.144.144.142 14618 (AMAZON-AES)
1 13.225.230.54 16509 (AMAZON-02)
3 104.102.253.139 16625 (AKAMAI-AS)
1 34.228.250.212 14618 (AMAZON-AES)
1 3.236.169.120 14618 (AMAZON-AES)
1 20 52.46.130.91 16509 (AMAZON-02)
1 3 8.28.7.81 62713 (AS-PUBMATIC)
20 2607:f8b0:400... 15169 (GOOGLE)
22 13.33.46.45 16509 (AMAZON-02)
6 54.146.207.8 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
4 75.101.165.252 14618 (AMAZON-AES)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.201.103.212 15169 (GOOGLE)
3 44.196.113.69 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 2600:1400:d:1... 20940 (AKAMAI-ASN1)
1 54.82.87.39 14618 (AMAZON-AES)
4 3.33.189.65 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
4 54.204.0.108 14618 (AMAZON-AES)
2 3 185.167.164.37 198622 (ADFORM)
7 7 151.101.2.49 54113 (FASTLY)
2 32 8.28.7.83 62713 (AS-PUBMATIC)
6 6 216.200.232.249 30419 (MEDIAMATH...)
7 7 52.201.9.166 14618 (AMAZON-AES)
13 18 142.251.32.98 15169 (GOOGLE)
4 4 193.122.128.135 31898 (ORACLE-BM...)
3 7 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 104.36.115.114 62713 (AS-PUBMATIC)
5 5 169.61.103.241 36351 (SOFTLAYER)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
3 7 2600:1f18:4e9... 14618 (AMAZON-AES)
10 14 52.45.33.138 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:202... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
7 107.23.41.144 14618 (AMAZON-AES)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
7 192.35.249.142 11742 (SPOTX-IAD)
1 3 35.244.159.8 15169 (GOOGLE)
1 52.203.12.126 14618 (AMAZON-AES)
27 2607:f8b0:400... 15169 (GOOGLE)
1 18.211.94.94 14618 (AMAZON-AES)
6 23.52.164.7 16625 (AKAMAI-AS)
2 156.154.202.36 19907 (NEUSTAR-AS6)
1 5 18.233.240.143 14618 (AMAZON-AES)
5 5 207.198.113.169 13768 (COGECO-PEER1)
1 1 18.209.200.15 14618 (AMAZON-AES)
1 34.233.103.61 14618 (AMAZON-AES)
1 34.204.245.180 14618 (AMAZON-AES)
1 2 52.200.157.223 14618 (AMAZON-AES)
4 5 8.43.72.97 26667 (RUBICONPR...)
1 2 18.207.77.150 14618 (AMAZON-AES)
1 19 151.101.130.137 54113 (FASTLY)
2 18.209.139.57 14618 (AMAZON-AES)
10 23.64.109.237 16625 (AKAMAI-AS)
5 22 34.98.64.218 15169 (GOOGLE)
1 54.210.163.148 14618 (AMAZON-AES)
3 11 35.71.139.29 16509 (AMAZON-02)
1 1 54.205.198.81 14618 (AMAZON-AES)
1 1 192.132.33.46 18568 (BIDTELLECT)
17 17 35.211.178.172 15169 (GOOGLE)
3 3.214.225.122 14618 (AMAZON-AES)
2 2 34.237.23.137 14618 (AMAZON-AES)
4 5 198.148.27.140 19189 (PULSEPOINT)
3 7 8.43.72.98 26667 (RUBICONPR...)
1 2001:4998:14:... 14777 (YAHOO)
1 2600:9000:21e... 16509 (AMAZON-02)
2 12 104.16.190.66 13335 (CLOUDFLAR...)
15 151.101.194.137 54113 (FASTLY)
3 3 68.67.179.77 29990 (ASN-APPNEX)
3 3 192.35.249.120 11742 (SPOTX-IAD)
7 2607:f8b0:400... 15169 (GOOGLE)
5 5 34.225.172.55 14618 (AMAZON-AES)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
4 199.127.204.163 26120 (RHYTHMONE)
2 104.36.113.24 62713 (AS-PUBMATIC)
1 1 52.3.54.123 14618 (AMAZON-AES)
3 3 2620:116:800b... 14618 (AMAZON-AES)
3 3 69.90.254.78 13768 (COGECO-PEER1)
3 18.223.14.89 16509 (AMAZON-02)
19 2404:6800:400... 15169 (GOOGLE)
2 2600:9000:21d... 16509 (AMAZON-02)
2 104.16.68.69 13335 (CLOUDFLAR...)
4 35.190.38.143 15169 (GOOGLE)
8 104.17.209.240 13335 (CLOUDFLAR...)
1 34.120.253.250 15169 (GOOGLE)
1 1 34.102.163.6 15169 (GOOGLE)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 2 3.221.247.3 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 64.202.112.63 23352 (SERVERCEN...)
1 2 173.223.56.123 16625 (AKAMAI-AS)
2 34 141.226.224.48 200478 (TABOOLA-AS)
2 142.251.4.154 15169 (GOOGLE)
2 34.98.72.95 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
2 2600:1f18:66e... 14618 (AMAZON-AES)
1 35.227.232.15 15169 (GOOGLE)
1 35.227.192.160 15169 (GOOGLE)
1 35.186.239.31 15169 (GOOGLE)
3 104.17.208.240 13335 (CLOUDFLAR...)
1 34.107.191.194 15169 (GOOGLE)
3 2600:9000:21e... 16509 (AMAZON-02)
1 34.149.130.207 15169 (GOOGLE)
1 104.77.8.143 16625 (AKAMAI-AS)
10 34.117.4.53 15169 (GOOGLE)
1 2 35.186.253.211 15169 (GOOGLE)
2 2 54.226.209.67 14618 (AMAZON-AES)
2 3 107.178.246.49 15169 (GOOGLE)
1 142.250.72.98 15169 (GOOGLE)
1 3 2600:1f18:66e... 14618 (AMAZON-AES)
1 1 18.215.192.237 14618 (AMAZON-AES)
1 1 13.225.230.53 16509 (AMAZON-02)
1 13.225.214.29 16509 (AMAZON-02)
1 54.89.130.42 14618 (AMAZON-AES)
4 142.251.35.162 15169 (GOOGLE)
2 3 35.207.10.239 15169 (GOOGLE)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 34.107.221.36 15169 (GOOGLE)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
3 3 35.207.24.140 15169 (GOOGLE)
2 2 23.73.244.44 16625 (AKAMAI-AS)
1 2 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.178.77 29791 (VOXEL-DOT...)
1 169.197.150.8 398989 (DEEPINTENT)
2 3 18.210.180.232 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 3.215.1.222 14618 (AMAZON-AES)
1 1 104.45.178.220 8075 (MICROSOFT...)
4 4 23.10.88.241 16625 (AKAMAI-AS)
3 3 38.27.122.101 174 (COGENT-174)
3 3 199.127.204.147 26120 (RHYTHMONE)
1 1 172.105.203.31 63949 (LINODE-AP...)
1 162.55.120.196 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
1 1 23.88.75.188 24940 (HETZNER-AS)
5 5 51.210.112.63 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 8.28.7.109 62713 (AS-PUBMATIC)
1 2 3.215.189.212 14618 (AMAZON-AES)
1 52.54.80.180 14618 (AMAZON-AES)
4 4 2001:438:65:1... 26762 (CNVR-US-EAST)
1 1 52.72.29.190 14618 (AMAZON-AES)
1 2 204.2.255.233 2914 (NTT-COMMU...)
1 1 45.35.192.162 40676 (AS40676)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 54.70.210.121 16509 (AMAZON-02)
2 18.223.204.51 16509 (AMAZON-02)
4 3.139.192.142 16509 (AMAZON-02)
1 2 23.92.190.69 29791 (VOXEL-DOT...)
1 199.187.193.166 47043 (SMARTADSE...)
4 5 44.196.51.251 14618 (AMAZON-AES)
9 9 51.195.5.38 16276 (OVH)
1 1 69.166.1.10 27630 (AS-XFERNET)
2 2 35.211.141.197 15169 (GOOGLE)
1 195.244.31.11 63140 (IGUANA-WO...)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 1 199.38.167.128 ()
4 4 52.203.251.126 ()
2 4 3.212.89.65 ()
1 2 54.174.249.39 ()
840 175
1    52.60.182.80 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-182-80.ca-central-1.compute.amazonaws.com
links.engage.ticketmaster.com
17    2600:141b:13::17d7:823a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.chicagotribune.com
3    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
57    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
10    13.225.222.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-222-69.jfk51.r.cloudfront.net
c.amazon-adsystem.com
7    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
28    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
15.taboola.com
vidstat.taboola.com
imprnjmp.taboola.com
match.taboola.com
2    13.225.230.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-117.jfk51.r.cloudfront.net
assets.zephr.com
1    13.225.230.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-118.jfk51.r.cloudfront.net
tribune-chicagotribuneclassic.zeustechnology.com
2    50.19.97.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-97-153.compute-1.amazonaws.com
embed.sendtonews.com
2    13.33.46.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-43.ewr52.r.cloudfront.net
tags.remixd.com
2    2600:9000:21ec:6c00:e:f240:cc80:21 (United States)

ASN16509 (AMAZON-02, US)
d3mmnnn9s2dcmq.cloudfront.net
2    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:141b:13:6ad::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
5    23.217.25.136 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-25-136.deploy.static.akamaitechnologies.com
ssor.tribdss.com
www.tribdss.com
5    99.84.125.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-40.ewr52.r.cloudfront.net
zephr.chicagotribune.com
2    2600:1400:b000:4ac::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
173bf111.akstat.io
12    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
8    13.225.230.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-62.jfk51.r.cloudfront.net
sb.scorecardresearch.com
7    2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.214.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-23.phl50.r.cloudfront.net
check.analytics.rlcdn.com
33    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
5    104.118.8.253 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-253.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    13.33.46.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-111.ewr52.r.cloudfront.net
ib.3lift.com
3    13.225.230.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-85.jfk51.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2162:ba00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
3    99.84.125.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-64.ewr52.r.cloudfront.net
player.sendtonews.com
1    13.224.214.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-91.phl50.r.cloudfront.net
insights.zeustechnology.com
10    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)
63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com
1    44.235.12.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-12-17.us-west-2.compute.amazonaws.com
authenticate.chicagotribune.com
1    2600:9000:21ec:2800:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
4    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    143.204.150.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-36.ewr52.r.cloudfront.net
cdn.sophi.io
21    68.67.161.212 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    23.39.175.77 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-175-77.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    52.1.1.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-1-63.compute-1.amazonaws.com
tlx.3lift.com
3    35.211.165.199 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    99.84.40.238 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-40-238.ewr52.r.cloudfront.net
cdn.parsely.com
1    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    13.225.230.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-11.jfk51.r.cloudfront.net
ats.rlcdn.com
3    54.89.1.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-1-168.compute-1.amazonaws.com
bcp.crwdcntrl.net
24    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
17    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    52.86.156.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-156-15.compute-1.amazonaws.com
idx.liadm.com
2    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
9    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    2600:9000:21ec:cc00:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)
d1n00d49gkbray.cloudfront.net
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
7    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
1    13.225.230.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-54.jfk51.r.cloudfront.net
geo.privacymanager.io
3    104.102.253.139 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-253-139.deploy.static.akamaitechnologies.com
a.teads.tv
1    34.228.250.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-250-212.compute-1.amazonaws.com
protected-by.clarium.io
1    3.236.169.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-120.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
20    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
20    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
22    13.33.46.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-45.ewr52.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
6    54.146.207.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-207-8.compute-1.amazonaws.com
s2l.sendtonews.com
5    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    75.101.165.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-165-252.compute-1.amazonaws.com
tr2.smarterhq.io
8    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
news.google.com
1    2600:9000:21da:a000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
3    35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com
smoggysnakes.com
3    44.196.113.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-113-69.compute-1.amazonaws.com
www.i.matheranalytics.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    2600:1400:d:18f::26e5 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
1    54.82.87.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-87-39.compute-1.amazonaws.com
id.sv.rkdms.com
4    3.33.189.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab5547fe103db6c64.awsglobalaccelerator.com
collector.sophi.io
1    2607:f8b0:4023:1404::9c (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    54.204.0.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-0-108.compute-1.amazonaws.com
timber.sendtonews.com
3    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
32    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
6    216.200.232.249 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    52.201.9.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-9-166.compute-1.amazonaws.com
match.prod.bidr.io
18    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
4    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
5    169.61.103.241 (Brooklyn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f1.67.3da9.ip4.static.sl-reverse.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
7    2600:1f18:4e9:5a05:7530:e049:6d41:d338 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
14    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2600:9000:202c:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
7    107.23.41.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-41-144.compute-1.amazonaws.com
prebid-server.rubiconproject.com
2    2600:1f18:612b:4216:369e:8f18:e653:ef27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pi979-10rsz.ads.tremorhub.com
7    192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
sendtonews-d.openx.net
u.openx.net
us-u.openx.net
1    52.203.12.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-12-126.compute-1.amazonaws.com
ads.adaptv.advertising.com
27    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    18.211.94.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-94-94.compute-1.amazonaws.com
ping.chartbeat.net
6    23.52.164.7 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-7.deploy.static.akamaitechnologies.com
t.teads.tv
2    156.154.202.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
5    18.233.240.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-240-143.compute-1.amazonaws.com
sync.crwdcntrl.net
5    207.198.113.169 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com
jadserve.postrelease.com
1    34.233.103.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-103-61.compute-1.amazonaws.com
ml314.com
1    34.204.245.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-245-180.compute-1.amazonaws.com
beacon.krxd.net
2    52.200.157.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-157-223.compute-1.amazonaws.com
thrtle.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    18.207.77.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-77-150.compute-1.amazonaws.com
ps.eyeota.net
19    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
cks.connatix.com
2    18.209.139.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-139-57.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
10    23.64.109.237 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-109-237.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
22    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
sendtonews-d.openx.net
1    54.210.163.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-163-148.compute-1.amazonaws.com
crb.kargo.com
11    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com
sync.extend.tv
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
17    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    3.214.225.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-225-122.compute-1.amazonaws.com
ads.yieldmo.com
2    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
1    2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
1    2600:9000:21ec:5600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
12    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
dmx.districtm.io
15    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
capi.connatix.com
3    68.67.179.77 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
7    2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)
play.google.com
5    34.225.172.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-172-55.compute-1.amazonaws.com
pixel.advertising.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    52.3.54.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-54-123.compute-1.amazonaws.com
match.sharethrough.com
3    2620:116:800b:21:d7a4:3372:2f4a:f3b0 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
3    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    18.223.14.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-14-89.us-east-2.compute.amazonaws.com
vid.springserve.com
19    2404:6800:4005:81d::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2600:9000:21dd:da00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
2    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
4    35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com
pubcast-files.remixd.com
player-files.remixd.com
8    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.wknd.ai
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    3.221.247.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-247-3.compute-1.amazonaws.com
ads.creative-serving.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
34    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
2    142.251.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f154.1e100.net
bid.g.doubleclick.net
2    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    2600:9000:21da:b400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    2600:1f18:66e7:fb11:219f:3941:9d50:b09d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
vast.extremereach.io
1    35.227.232.15 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 15.232.227.35.bc.googleusercontent.com
data.cdnbasket.net
1    35.227.192.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.192.227.35.bc.googleusercontent.com
page.cdnbasket.net
1    35.186.239.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.239.186.35.bc.googleusercontent.com
view.cdnbasket.net
3    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
1    34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
3    2600:9000:21ec:8e00:1d:e9ba:f480:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.extremereach.io
1    34.149.130.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.130.149.34.bc.googleusercontent.com
pd.cdnwidget.com
1    104.77.8.143 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-8-143.deploy.static.akamaitechnologies.com
ca1.qualtrics.com
10    34.117.4.53 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 53.4.117.34.bc.googleusercontent.com
api.bounceexchange.com
dfp.bouncex.net
events.bouncex.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    54.226.209.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-209-67.compute-1.amazonaws.com
sync.ipredictive.com
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2600:1f18:66e7:fb12:6f41:d484:66e:dd06 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacons.extremereach.io
1    18.215.192.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-192-237.compute-1.amazonaws.com
beacons-ipv4.extremereach.io
1    13.225.230.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-53.jfk51.r.cloudfront.net
pixel.pointmediatracker.com
1    13.225.214.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-29.ewr50.r.cloudfront.net
cdn.blisspointmedia.com
1    54.89.130.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-130-42.compute-1.amazonaws.com
ir.surveywall-api.survata.com
4    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
ade.googlesyndication.com
3    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    34.107.221.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.221.107.34.bc.googleusercontent.com
u.cdnwidget.com
2    2600:1f18:612b:4216:ea4:d95f:6e76:faa7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    173.231.178.77 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    18.210.180.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-180-232.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    3.215.1.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-1-222.compute-1.amazonaws.com
pm.w55c.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
4    23.10.88.241 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-88-241.deploy.static.akamaitechnologies.com
px.owneriq.net
3    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
3    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    172.105.203.31 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1857-31.members.linode.com
gocm.c.appier.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
5    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    3.215.189.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-189-212.compute-1.amazonaws.com
io.narrative.io
1    52.54.80.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-80-180.compute-1.amazonaws.com
rtb.adentifi.com
4    2001:438:65:11::1720 (United States)

ASN26762 (CNVR-US-EAST, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    52.72.29.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-29-190.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    204.2.255.233 (United States)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
pmp.mxptint.net
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    54.70.210.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-210-121.us-west-2.compute.amazonaws.com
id.sharedid.org
2    18.223.204.51 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-204-51.us-east-2.compute.amazonaws.com
bc-ssb-cle.springserve.com
4    3.139.192.142 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-192-142.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
2    23.92.190.69 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
5    44.196.51.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-51-251.compute-1.amazonaws.com
e1.emxdgt.com
cs.emxdgt.com
9    51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com
id5-sync.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    35.211.141.197 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    199.38.167.128 (None, )

ASN- ()
p.rfihub.com
4    52.203.251.126 (None, )

ASN- ()
ad.360yield.com
4    3.212.89.65 (None, )

ASN- ()
sync.bfmio.com
2    54.174.249.39 (None, )

ASN- ()
um2.eqads.com
Apex Domain
Subdomains		 Transfer
79 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
bid.g.doubleclick.net — Cisco Umbrella Rank: 452
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
301 KB
62 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 923
trc.taboola.com — Cisco Umbrella Rank: 570
trc-events.taboola.com — Cisco Umbrella Rank: 1857
15.taboola.com — Cisco Umbrella Rank: 1821
us-trc-events.taboola.com — Cisco Umbrella Rank: 6193
vidstat.taboola.com — Cisco Umbrella Rank: 1882
imprnjmp.taboola.com — Cisco Umbrella Rank: 7871
us-match.taboola.com — Cisco Umbrella Rank: 8032
us-vid-events.taboola.com — Cisco Umbrella Rank: 7593
sync-t1.taboola.com — Cisco Umbrella Rank: 1260
sync.taboola.com — Cisco Umbrella Rank: 969
match.taboola.com — Cisco Umbrella Rank: 2469
pips.taboola.com — Cisco Umbrella Rank: 1701
cds.taboola.com — Cisco Umbrella Rank: 1042
333 KB
56 googlesyndication.com
63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
ade.googlesyndication.com — Cisco Umbrella Rank: 268
455 KB
54 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
aud.pubmatic.com — Cisco Umbrella Rank: 5343
52 KB
36 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
574 KB
35 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
as-sec.casalemedia.com — Cisco Umbrella Rank: 1285
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
ssum.casalemedia.com
52 KB
34 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3412
cds.connatix.com — Cisco Umbrella Rank: 3516
capi.connatix.com — Cisco Umbrella Rank: 3102
vid.connatix.com — Cisco Umbrella Rank: 4031
img.connatix.com — Cisco Umbrella Rank: 4155
cks.connatix.com — Cisco Umbrella Rank: 4434
1 MB
34 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
token.rubiconproject.com — Cisco Umbrella Rank: 689
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
67 KB
33 google.com
adservice.google.com — Cisco Umbrella Rank: 80
ampcid.google.com — Cisco Umbrella Rank: 1722
www.google.com — Cisco Umbrella Rank: 13
news.google.com — Cisco Umbrella Rank: 5085
play.google.com — Cisco Umbrella Rank: 39
70 KB
30 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
106 KB
27 openx.net
sendtonews-d.openx.net — Cisco Umbrella Rank: 17098
u.openx.net — Cisco Umbrella Rank: 710
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
4 KB
27 cloudfront.net
d3mmnnn9s2dcmq.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
d1n00d49gkbray.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2 MB
27 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
2 MB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
60 KB
23 chicagotribune.com
www.chicagotribune.com — Cisco Umbrella Rank: 29954
zephr.chicagotribune.com — Cisco Umbrella Rank: 80262
authenticate.chicagotribune.com — Cisco Umbrella Rank: 135860
192 KB
22 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 913
11 KB
20 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1264
x.bidswitch.net — Cisco Umbrella Rank: 287
9 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
10 KB
16 3lift.com
ib.3lift.com — Cisco Umbrella Rank: 1122
tlx.3lift.com — Cisco Umbrella Rank: 600
eb2.3lift.com — Cisco Umbrella Rank: 389
6 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 14693
player.sendtonews.com — Cisco Umbrella Rank: 15373
s2l.sendtonews.com — Cisco Umbrella Rank: 15601
timber.sendtonews.com — Cisco Umbrella Rank: 16173
110 KB
14 districtm.io
cdn.districtm.io — Cisco Umbrella Rank: 2067
dmx.districtm.io — Cisco Umbrella Rank: 1407
6 KB
12 qualtrics.com
zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com — Cisco Umbrella Rank: 98047
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1205
ca1.qualtrics.com — Cisco Umbrella Rank: 21260
90 KB
11 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 6017
vpaid.springserve.com — Cisco Umbrella Rank: 8109
bc-ssb-cle.springserve.com — Cisco Umbrella Rank: 13202
vid-io-cle.springserve.com — Cisco Umbrella Rank: 6871
182 KB
11 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
22 KB
11 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4187
ats.rlcdn.com — Cisco Umbrella Rank: 1554
api.rlcdn.com — Cisco Umbrella Rank: 812
idsync.rlcdn.com — Cisco Umbrella Rank: 316
id.rlcdn.com — Cisco Umbrella Rank: 738
37 KB
10 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 405
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
8 KB
10 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1286
s8t.teads.tv — Cisco Umbrella Rank: 3189
t.teads.tv — Cisco Umbrella Rank: 2400
136 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
13 KB
9 extremereach.io
vast.extremereach.io — Cisco Umbrella Rank: 2796
cdn1.extremereach.io — Cisco Umbrella Rank: 3193
beacons.extremereach.io — Cisco Umbrella Rank: 2680
beacons-ipv4.extremereach.io — Cisco Umbrella Rank: 30585
13 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
4 KB
7 bouncex.net
dfp.bouncex.net — Cisco Umbrella Rank: 3817
events.bouncex.net — Cisco Umbrella Rank: 2011
872 B
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
3 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2397
1 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
55 KB
6 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
sync.1rx.io — Cisco Umbrella Rank: 528
2 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
2 KB
6 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
pixel.advertising.com — Cisco Umbrella Rank: 327
2 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
99 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
223 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 22672
collector.sophi.io — Cisco Umbrella Rank: 21707
53 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 17925
pubcast-files.remixd.com — Cisco Umbrella Rank: 19732
player-files.remixd.com — Cisco Umbrella Rank: 19350
63 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 496
136 KB
5 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1296
cs.emxdgt.com
849 B
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
2 KB
5 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2228
api.bounceexchange.com — Cisco Umbrella Rank: 3236
160 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
4 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6222
ads.yieldmo.com — Cisco Umbrella Rank: 670
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 11023
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
3 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
2 KB
5 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11842
www.i.matheranalytics.com — Cisco Umbrella Rank: 12059
44 KB
5 tribdss.com
ssor.tribdss.com — Cisco Umbrella Rank: 34535
www.tribdss.com — Cisco Umbrella Rank: 34544
38 KB
4 bfmio.com
sync.bfmio.com
1 KB
4 360yield.com
ad.360yield.com
1 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
casale-match.dotomi.com
1 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
3 KB
4 tremorhub.com
pi979-10rsz.ads.tremorhub.com — Cisco Umbrella Rank: 17088
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3194
3 KB
4 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
3 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
82 KB
4 smarterhq.io
tr2.smarterhq.io — Cisco Umbrella Rank: 10099
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
143 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
949 B
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
3 behave.com
ssp.behave.com — Cisco Umbrella Rank: 3065
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
1 KB
3 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 4797
pd.cdnwidget.com — Cisco Umbrella Rank: 4868
u.cdnwidget.com — Cisco Umbrella Rank: 4964
1 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6123
page.cdnbasket.net — Cisco Umbrella Rank: 6121
view.cdnbasket.net — Cisco Umbrella Rank: 6142
1 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1208
2 KB
3 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
1 KB
3 smoggysnakes.com
smoggysnakes.com — Cisco Umbrella Rank: 48677
27 KB
3 go-mpulse.net
c.go-mpulse.net — Cisco Umbrella Rank: 542
s.go-mpulse.net — Cisco Umbrella Rank: 1253
100 KB
3 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580
107 KB
2 eqads.com
um2.eqads.com
563 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 5275
770 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 816
1018 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5335
965 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2498
643 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4756
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23037
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2305
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
959 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
tags.bluekai.com — Cisco Umbrella Rank: 466
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3972
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
552 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
996 B
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3271
33 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
879 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 916
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1139
769 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 797
849 B
2 google.ca
ampcid.google.ca — Cisco Umbrella Rank: 75023
www.google.ca — Cisco Umbrella Rank: 7861
967 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2931
p1.parsely.com — Cisco Umbrella Rank: 2249
21 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
27 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
97 KB
2 zeustechnology.com
tribune-chicagotribuneclassic.zeustechnology.com — Cisco Umbrella Rank: 81616
insights.zeustechnology.com — Cisco Umbrella Rank: 13861
61 KB
2 zephr.com
assets.zephr.com — Cisco Umbrella Rank: 35743
16 KB
1 rfihub.com
p.rfihub.com
779 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1700
342 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
763 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
ssbsync.smartadserver.com Failed
697 B
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4825
379 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2987
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4285
464 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2805
485 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6203
322 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
217 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6346
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 52096
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2591
395 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
650 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4383
348 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
222 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 3454
263 B
1 survata.com
ir.surveywall-api.survata.com — Cisco Umbrella Rank: 5387
294 B
1 blisspointmedia.com
cdn.blisspointmedia.com — Cisco Umbrella Rank: 4138
1 KB
1 pointmediatracker.com
pixel.pointmediatracker.com — Cisco Umbrella Rank: 2761
555 B
1 akstat.io
173bf111.akstat.io — Cisco Umbrella Rank: 15128
207 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 1969
39 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 273
667 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
250 B
1 wknd.ai
tag.wknd.ai — Cisco Umbrella Rank: 7568
215 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 637
222 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
241 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 746
670 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1519
435 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
338 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1557
517 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
537 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1120
201 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
481 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4739
360 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4047
354 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 9106
169 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1277
14 KB
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4634
658 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1904
345 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
596 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 6022
694 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 743
434 B
1 ticketmaster.com
links.engage.ticketmaster.com — Cisco Umbrella Rank: 94658
441 B
0 brand-display.com Failed
dmp.brand-display.com Failed
840 150
Domain Requested by
27 pagead2.googlesyndication.com www.googletagservices.com
srcdoc
imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
27 pubads.g.doubleclick.net 1 redirects www.chicagotribune.com
player.sendtonews.com
imasdk.googleapis.com
24 tpc.googlesyndication.com www.chicagotribune.com
vpaid.springserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
23 simage2.pubmatic.com 2 redirects ads.pubmatic.com
23 securepubads.g.doubleclick.net www.chicagotribune.com
securepubads.g.doubleclick.net
www.googletagservices.com
cd.connatix.com
22 d29xw9s9x32j3w.cloudfront.net player.sendtonews.com
www.chicagotribune.com
cdnjs.cloudflare.com
21 ib.adnxs.com 8 redirects tribune-chicagotribuneclassic.zeustechnology.com
d29xw9s9x32j3w.cloudfront.net
sync-amz.ads.yieldmo.com
vpaid.springserve.com
20 imasdk.googleapis.com player.sendtonews.com
imasdk.googleapis.com
cd.connatix.com
www.chicagotribune.com
20 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
ssum.casalemedia.com
19 csi.gstatic.com imasdk.googleapis.com
18 cm.g.doubleclick.net 13 redirects u.openx.net
eus.rubiconproject.com
eb2.3lift.com
17 sync.taboola.com 2 redirects srcdoc
ssum.casalemedia.com
ssum-sec.casalemedia.com
17 x.bidswitch.net 17 redirects
17 match.adsrvr.org 16 redirects js-sec.indexww.com
17 www.chicagotribune.com 2 redirects www.chicagotribune.com
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
14 capi.connatix.com cd.connatix.com
14 ups.analytics.yahoo.com 10 redirects u.openx.net
www.chicagotribune.com
13 us-u.openx.net 5 redirects u.openx.net
12 fonts.gstatic.com fonts.googleapis.com
news.google.com
11 trc.taboola.com 1 redirects cdn.taboola.com
srcdoc
eus.rubiconproject.com
11 dmx.districtm.io 1 redirects cdn.districtm.io
s.amazon-adsystem.com
11 eb2.3lift.com 3 redirects ib.3lift.com
eb2.3lift.com
10 sync-t1.taboola.com srcdoc
10 siteintercept.qualtrics.com zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
siteintercept.qualtrics.com
10 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
d29xw9s9x32j3w.cloudfront.net
srcdoc
10 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
10 cdn.taboola.com www.chicagotribune.com
cdn.taboola.com
10 c.amazon-adsystem.com www.chicagotribune.com
c.amazon-adsystem.com
player.sendtonews.com
9 id5-sync.com 9 redirects
9 vid.connatix.com cd.connatix.com
9 image2.pubmatic.com ads.pubmatic.com
9 hbopenbid.pubmatic.com tribune-chicagotribuneclassic.zeustechnology.com
d29xw9s9x32j3w.cloudfront.net
vpaid.springserve.com
8 news.google.com www.chicagotribune.com
news.google.com
www.gstatic.com
8 as-sec.casalemedia.com js-sec.indexww.com
vpaid.springserve.com
8 sb.scorecardresearch.com 3 redirects cdn.taboola.com
www.chicagotribune.com
7 googleads.g.doubleclick.net
7 play.google.com www.gstatic.com
7 sendtonews-d.openx.net d29xw9s9x32j3w.cloudfront.net
vpaid.springserve.com
7 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
vpaid.springserve.com
7 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
vpaid.springserve.com
7 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
u.openx.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
7 match.prod.bidr.io 7 redirects
7 www.google.com www.chicagotribune.com
tpc.googlesyndication.com
7 www.google-analytics.com www.chicagotribune.com
www.google-analytics.com
7 fonts.googleapis.com www.chicagotribune.com
player.sendtonews.com
client
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 t.teads.tv www.chicagotribune.com
6 s0.2mdn.net imasdk.googleapis.com
6 sync.mathtag.com 6 redirects
6 sync-tm.everesttech.net 6 redirects
6 s2l.sendtonews.com www.chicagotribune.com
6 www.googletagservices.com www.chicagotribune.com
6 cdn.cookielaw.org www.chicagotribune.com
cdn.cookielaw.org
5 pixel.onaudience.com 5 redirects
5 events.bouncex.net
5 pixel.advertising.com 5 redirects
5 bh.contextweb.com 4 redirects
5 token.rubiconproject.com 4 redirects bcp.crwdcntrl.net
5 u.openx.net 1 redirects s.amazon-adsystem.com
d29xw9s9x32j3w.cloudfront.net
5 pixel-sync.sitescout.com 5 redirects
5 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
5 um.simpli.fi 5 redirects
5 www.gstatic.com www.google.com
news.google.com
www.gstatic.com
5 ads.pubmatic.com tribune-chicagotribuneclassic.zeustechnology.com
ads.pubmatic.com
s.amazon-adsystem.com
assets.bounceexchange.com
5 zephr.chicagotribune.com assets.zephr.com
4 sync.bfmio.com 2 redirects srcdoc
4 ad.360yield.com 4 redirects
4 cs.emxdgt.com 4 redirects
4 vid-io-cle.springserve.com vpaid.springserve.com
4 px.owneriq.net 4 redirects
4 ade.googlesyndication.com
4 us-trc-events.taboola.com cdn.taboola.com
4 tag.1rx.io cds.connatix.com
4 cks.connatix.com www.chicagotribune.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
srcdoc
4 idsync.rlcdn.com 2 redirects ads.pubmatic.com
u.openx.net
4 sync.technoratimedia.com 4 redirects
4 timber.sendtonews.com player.sendtonews.com
4 collector.sophi.io cdn.sophi.io
4 tr2.smarterhq.io d1n00d49gkbray.cloudfront.net
www.chicagotribune.com
4 www.tribdss.com 2 redirects www.chicagotribune.com
4 tlx.3lift.com tribune-chicagotribuneclassic.zeustechnology.com
d29xw9s9x32j3w.cloudfront.net
4 htlb.casalemedia.com tribune-chicagotribuneclassic.zeustechnology.com
d29xw9s9x32j3w.cloudfront.net
4 cdnjs.cloudflare.com www.chicagotribune.com
player.sendtonews.com
3 match.bnmla.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 ssp.behave.com 2 redirects
3 beacons.extremereach.io 1 redirects
3 pixel.tapad.com 2 redirects u.openx.net
3 api.bounceexchange.com assets.bounceexchange.com
3 cdn1.extremereach.io
3 player-files.remixd.com
3 vid.springserve.com imasdk.googleapis.com
vpaid.springserve.com
3 ums.acuityplatform.com 3 redirects
3 pixel.quantserve.com 3 redirects
3 sync.search.spotxchange.com 3 redirects
3 secure.adnxs.com 3 redirects
3 img.connatix.com www.chicagotribune.com
cdn.taboola.com
3 cdn.districtm.io 1 redirects s.amazon-adsystem.com
cdn.districtm.io
3 id.rlcdn.com 1 redirects eus.rubiconproject.com
u.openx.net
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 cds.connatix.com www.chicagotribune.com
cd.connatix.com
3 ad.turn.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 www.i.matheranalytics.com www.chicagotribune.com
3 smoggysnakes.com www.chicagotribune.com
smoggysnakes.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 a.teads.tv www.chicagotribune.com
s8t.teads.tv
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 grid.bidswitch.net tribune-chicagotribuneclassic.zeustechnology.com
3 fastlane.rubiconproject.com tribune-chicagotribuneclassic.zeustechnology.com
3 player.sendtonews.com embed.sendtonews.com
player.sendtonews.com
3 tags.crwdcntrl.net tribune-chicagotribuneclassic.zeustechnology.com
tags.crwdcntrl.net
3 confiant-integrations.global.ssl.fastly.net www.chicagotribune.com
confiant-integrations.global.ssl.fastly.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 m.fg8dgt.com 2 redirects
2 ce.lijit.com 1 redirects
2 bc-ssb-cle.springserve.com vpaid.springserve.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 secure-assets.rubiconproject.com 2 redirects
2 taboola-supply-partners.tremorhub.com 2 redirects
2 dfp.bouncex.net www.chicagotribune.com
2 sync.ipredictive.com 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 vast.extremereach.io imasdk.googleapis.com
2 assets.bounceexchange.com tag.wknd.ai
assets.bounceexchange.com
2 bid.g.doubleclick.net imasdk.googleapis.com
2 b1sync.zemanta.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 vpaid.springserve.com imasdk.googleapis.com
2 simage4.pubmatic.com ads.pubmatic.com
2 mug.criteo.com www.chicagotribune.com
2 gum.criteo.com 1 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 onesignal.com cdn.onesignal.com
2 ps.eyeota.net 1 redirects bcp.crwdcntrl.net
2 thrtle.com 1 redirects bcp.crwdcntrl.net
2 aa.agkn.com bcp.crwdcntrl.net
ads.pubmatic.com
2 pi979-10rsz.ads.tremorhub.com 1 redirects www.chicagotribune.com
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 cdn.onesignal.com www.chicagotribune.com
cdn.onesignal.com
2 js.matheranalytics.com 1 redirects www.chicagotribune.com
2 api.rlcdn.com js-sec.indexww.com
tribune-chicagotribuneclassic.zeustechnology.com
2 cdn.sophi.io www.googletagmanager.com
www.chicagotribune.com
2 js-sec.indexww.com tribune-chicagotribuneclassic.zeustechnology.com
player.sendtonews.com
2 c.go-mpulse.net www.chicagotribune.com
c.go-mpulse.net
2 www.googletagmanager.com www.chicagotribune.com
2 d3mmnnn9s2dcmq.cloudfront.net www.chicagotribune.com
d3mmnnn9s2dcmq.cloudfront.net
2 tags.remixd.com www.chicagotribune.com
tags.remixd.com
2 embed.sendtonews.com www.chicagotribune.com
player.sendtonews.com
2 assets.zephr.com www.chicagotribune.com
1 p.rfihub.com 1 redirects
1 ssum.casalemedia.com srcdoc
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 visitor.omnitagjs.com
1 rtd-tm.everesttech.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 id.sharedid.org cds.connatix.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 sync.resetdigital.co 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 us-vid-events.taboola.com
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 u.cdnwidget.com
1 event.clientgear.com 1 redirects
1 ir.surveywall-api.survata.com
1 cdn.blisspointmedia.com
1 pixel.pointmediatracker.com 1 redirects
1 beacons-ipv4.extremereach.io 1 redirects
1 googleads4.g.doubleclick.net
1 ca1.qualtrics.com
1 vidstat.taboola.com cdn.taboola.com
1 173bf111.akstat.io c.go-mpulse.net
1 pd.cdnwidget.com assets.bounceexchange.com
1 15.taboola.com cdn.taboola.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 cdn.jwplayer.com tags.remixd.com
1 trc-events.taboola.com cdn.taboola.com
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 tag.wknd.ai www.chicagotribune.com
1 zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com www.chicagotribune.com
1 pubcast-files.remixd.com tags.remixd.com
1 match.sharethrough.com 1 redirects
1 s.ad.smaato.net s.amazon-adsystem.com
1 ads.yahoo.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 bttrack.com 1 redirects
1 sync.extend.tv 1 redirects
1 crb.kargo.com s.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 cd.connatix.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 jadserve.postrelease.com 1 redirects
1 ping.chartbeat.net www.chicagotribune.com
1 ads.adaptv.advertising.com d29xw9s9x32j3w.cloudfront.net
1 www.google.ca www.chicagotribune.com
1 static.adsafeprotected.com www.chicagotribune.com
1 tags.rd.linksynergy.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 id.sv.rkdms.com js-sec.indexww.com
1 s8t.teads.tv a.teads.tv
1 cdn.resonate.com player.sendtonews.com
1 static.chartbeat.com www.chicagotribune.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 protected-by.clarium.io www.chicagotribune.com
1 geo.privacymanager.io ats.rlcdn.com
1 p1.parsely.com www.chicagotribune.com
1 d1n00d49gkbray.cloudfront.net www.chicagotribune.com
1 ampcid.google.ca www.google-analytics.com
1 idx.liadm.com js-sec.indexww.com
1 ats.rlcdn.com www.chicagotribune.com
1 ampcid.google.com www.google-analytics.com
1 cdn.parsely.com www.googletagmanager.com
1 d15kdpgjg3unno.cloudfront.net tribune-chicagotribuneclassic.zeustechnology.com
1 authenticate.chicagotribune.com www.chicagotribune.com
1 63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 insights.zeustechnology.com tribune-chicagotribuneclassic.zeustechnology.com
1 dyv1bugovvq1g.cloudfront.net tribune-chicagotribuneclassic.zeustechnology.com
1 ib.3lift.com tribune-chicagotribuneclassic.zeustechnology.com
1 check.analytics.rlcdn.com tribune-chicagotribuneclassic.zeustechnology.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 s.go-mpulse.net www.chicagotribune.com
1 ssor.tribdss.com www.chicagotribune.com
1 tribune-chicagotribuneclassic.zeustechnology.com www.chicagotribune.com
1 links.engage.ticketmaster.com 1 redirects
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 ssbsync.smartadserver.com Failed srcdoc
840 268
Subject Issuer Validity Valid
tronc.web.arc-cdn.net
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
assets.zephr.com
Amazon		 2021-05-28 -
2022-06-26		 a year crt.sh
*.zeustechnology.com
Amazon		 2021-05-15 -
2022-06-13		 a year crt.sh
*.sendtonews.com
Amazon		 2021-06-17 -
2022-07-16		 a year crt.sh
*.remixd.com
Amazon		 2021-04-10 -
2022-05-09		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
www.trbimg.com
DigiCert SHA2 Secure Server CA		 2021-08-10 -
2022-06-02		 10 months crt.sh
zephr.sun-sentinel.com
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
authenticate.baltimoresun.com
Amazon		 2021-10-12 -
2022-11-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
cdn.sophi.io
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.google.ca
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
queue.amazonaws.com
Amazon		 2021-10-15 -
2022-10-07		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
smarterhq.io
Amazon		 2021-10-20 -
2022-11-17		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
smoggysnakes.com
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
collector.sophi.io
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
pubcast-files.remixd.com
GTS CA 1D4		 2021-12-19 -
2022-03-19		 3 months crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-24 -
2022-09-24		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
tag.wknd.ai
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.extremereach.io
Amazon		 2021-11-04 -
2022-12-02		 a year crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-09-27		 a year crt.sh
player-files.remixd.com
GTS CA 1D4		 2021-12-20 -
2022-03-20		 3 months crt.sh
ids.cdnwidget.com
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
pd.cdnwidget.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
*.wunderkind.co
R3		 2021-12-16 -
2022-03-16		 3 months crt.sh
*.surveywall-api.survata.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-03 -
2022-02-10		 2 years crt.sh
u.cdnwidget.com
GTS CA 1D4		 2021-12-18 -
2022-03-18		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 104 frames:

Primary Page: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Frame ID: 4286DF60FB2D41A14A8076B3B73FD404
Requests: 251 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Frame ID: 4B9D59316F83DFF718F6028F6E008758
Requests: 2 HTTP requests in this frame

Frame: https://63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81286BDF784222B15AF60053CFE5A4F6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFDqA24QuH1QXAXGd4GsyaemmEQyufabEViMAoAHYsodkbzOv7n3daFGZy07-9hvXTRCAYXsWLuD8JVVTrJ6tv4ZVDEFpXUjxqMbvTYaZCpWK3jzpH9FY0OUhxg0FMz4IBnqrT0i6FW5uB0divQI7uBEg03DHs_rTE9k407RaUAQ47hZb40dwURdFBsGQlXdy2AqeXvcpfdBNk3zs3gvBWDNWjKsWaJ11_mP7vBOU5MHAXP5WHr829oAebxEQYqhJKtt7lt42QWnGT5QH_90FPZpcmyU7ka5NE2wCrZWQNr0cEKN-bKEYEQEpmqgRXYmQSXHntbcUA5G6KDvlqtJ2scvPfwYWSoFmp&sig=Cg0ArKJSzCDc8vm7I4mLEAE&uach_m=[UACH]&adurl=
Frame ID: 6EEC0CAA67ACBAEFE8EA277BC1097DCC
Requests: 8 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.21.11/player.js
Frame ID: 0E60855B2E4C4C89A10DBCCAE74B64E6
Requests: 71 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: C3FEB030850D47D102F212AD160C6235
Requests: 13 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Frame ID: 6EBBADA2A8054F7C63F830F67173A2DC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuts6cZtKCOwmSqqwUztKropEOhieQXOHeg_ZJ0mhz4SKeRCFavPaHevNIRXfPM5tyt7W2nUlaBjFQJgW7PI4xBNipURtyFHy8sDG-x7SkYKOIl3Jm5jCrLfs9q61z1H2o7ZSB80aaLpr-lLuRTXw1VCzoGjaOJMOKGB9pw6lTXJ5MYIpvRDDOE9RtbFmdebJjZ_rI_IMvGgiCSN5nLKHFI8gmyzxup05DY50h0_jkF1VQutoI2RQLuoUxwoc6Uwya7yevUVH4-X-LMlPgGm3L80LULGwkRL3dHDJGFHd9JDJ2aHBlDfMbgLjhO6BEQVu2ROqxg4bnVrbjJXQR0QHos2g8xDZw5aBwHD9AZgLYL&sig=Cg0ArKJSzMouQCVSbslaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6DAD251559FE605ACE255CC5096068A5
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
Frame ID: C78B679E349E41109F42DE5F92D0A9FC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Frame ID: 637AB4D4DBB80E70BA8D9EB26C79254E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=&_test=YehZTgAABTHFZgAZ
Frame ID: 48B8E4424A0672EB3353BA54CCD506EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc1361e8-594e-4000-912e-fc1e60f60433&gdpr=0&gdpr_consent=
Frame ID: 02AF55C98C743ED0EA8852D0AD231D36
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB-E7D0LMAAEHRhEm97A
Frame ID: 35BB176857ABB66EB72CB3672D985953
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: C6C7E14AAD9AFA61AAFE34748A292D21
Requests: 15 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Frame ID: 990B4D102A9C54C5D8058078ED2BE5D4
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: E63A36D46EB10B132EE2E7C17C33091C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst98kFf0pUZVbqfc9uOYbZKNZe-6OsEQeiOfYrKLXC3i-8colPOBXq6jRvCRb3YF5f6QkW2UmxtrGXnKCpW4HeS7t9K_tEIsdRiJzjjsBa95OAKtLDiSeZBxi-MptkdB0C5zSQD1P1_sPXytOxIDoECWA1XS3f_T0ObOH5siXMzjN06gSYVsINfaWKCttJi91zIHr1twfpbX4DpzuCwD12oRZmi6j0sSNiTs-2acE7EitqoYcCaW2gDOkEVLQwzfg4Os5t0zczKRy7MnleMgFnjYkuHaa3iD_dwopgczO_bhLTXwzlXVb19EWY4OiT4BOCQm_E39QVyo8z7kPYHsvHMCqCw_YJ8u0YG&sig=Cg0ArKJSzKW3904f42XZEAE&uach_m=[UACH]&adurl=
Frame ID: DCA937A4CD8B20AFBF53344B0CA34998
Requests: 9 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Frame ID: 5FB0D1FF49E0CF6AF011A02A2A494000
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2946C46EEB4D6E163E59A9FDCFF00B64
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugq2ptNuZkjeYzf5HY518b6p-yVYpaS8rlbiUqJCNnXPLBD0_aJrNl7-nXeWhHpILDdm1Fcaf0Ucu3rraltg2InXLvi8K43OYaNW3FkgLTWmtODnDxXjjMYNXP1WNe7zHODACXSsSbxqxI9QlM58_CmCXD5byfzK6xIqcBK-FVEKfkapH7DdozEpdchL0xFcU5_4XRdGJ0Kft7sh7y-0gwUUDDjybZoifgg9Gv5y4bbFdQdKoiaSC-5KqibTi3JPtK0lFmQlG8Vgv7X76GAvsXZ0864HWJ7mIPXifAx9GtpwcDLWZN7aQe5kchJV2eGjHztZ2KQw-KXlbLmAldU5GNYH3e0PrhlXcqou0N&sig=Cg0ArKJSzLr0sHJuIPuREAE&uach_m=[UACH]&adurl=
Frame ID: E60AC3D1750AC6B0CB8A17E7F4FE04C9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCyoWiFTa8RBH02LrrZ3qH1SwmGbLcxI3GCLk6bQE3Z1vI_M8x87h7k5W7SSmF_Nbk-HZIAKF-z_1EhKdWrAt41DicbZxsUIQrvSWyB0JcnEhruu0MDNBw_R30_uYWPJrSo9sQfO2EfD08Y8DUIxhS4UeOqJzJXFXLxG8O4-0bv_fRTKw38BmtAWoyOc0YS4m6_3wk_hvvdevrY3hL-PvdBg-oSos_FPKamGFET8QqRyWXu8zcQG_2a6yYba6QRw0fcirfBr3RYhBZX6OvNyoMXgdBHMk5QSUHdH4XPO3u9Xq-H3gMdPLmTVjWP6vXUO51GxoqoQHrCBsxR1jiemZTvn0IM5Rt61tKyrAc&sig=Cg0ArKJSzLDd14vR5P2DEAE&uach_m=[UACH]&adurl=
Frame ID: 0ADF10D5B1360ADE47504A0FA400AD19
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG8n-8_DnmP9-vO7gwgjSiOC1Wt0UNDgR1D44Lriqm_oGT77CqenJ25PEkSQanplY9lwD3RvqtVRRYRTsgZDLHFLwe32acsq1zCFbNbQAuvz62XiVhW42ZhvzrrCdsbTKDzz89xLsmqNuk8GLAXd-wzoQ_fjkbK4iK07fQ8VtotE7LauWN9S5v4UXt4DC8dQ9paRHYcTGvJU93jFVIeZfAFr_JtxqpxE98acY2N761AIfSYwx-nzIAWVL5g-TZOFxul9ajD0G7CxDN3vbBpGy5VjebgCmz4dWgzukLnwWZYrfXfkzVQALoLLJQ0QIM4OgreFeRGfkvDq09KX1K4KlE_CPe6zotJ4mK&sig=Cg0ArKJSzLpAjdNbQRbrEAE&uach_m=[UACH]&adurl=
Frame ID: CB89049F6373033D21EE15054467A4CC
Requests: 9 HTTP requests in this frame

Frame: https://cds.connatix.com/p/146566/connatix.player.js
Frame ID: CF0BA36F5CFB1D86D8A78EBDDB5F7189
Requests: 47 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: A448BE1FDF166F30B3C5E74AD16A9F66
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 36BFA0BBCBFB561438BD5CCF858B4EFA
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: FF1FC5A6C8B16D0D8024AA519B1FDC00
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 0BB531083D3DD6E06CD07A5FF9FCC49D
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1DQ2J6REJkRTJ1S1ZRQTdkSW11a2lEWTVNVUpacE5xTH5B
Frame ID: E5982A24570E617AD067B599F46DFDD1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: D059A8B8F7D238D94A10D41F159122B9
Requests: 7 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: FE9FB12C4B6B09A1E242E854380B13D6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=appnexus.com
Frame ID: 6BF140B6935116D2B076ED76F954639E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4673296360271624245
Frame ID: 7FCA3EFEB2F42844F9355936C2A5A1A4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_an-db5_dmx_n-Outbrain
Frame ID: AACE2131F60E9BA45B7618C5B66811D6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: BA06E1CEA695AB45A1195A94AE91C7A9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 1662D244A9116541B86C5A7544CA87D9
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: B7F91D95CD2E81887948B942E40DC925
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=districtm
Frame ID: 93D028DD2B9667DE84B6C334ED38A8B7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: C84A10485E64FB92FA36266BA3E0C77B
Requests: 11 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Frame ID: A21597AC84F50AD7F3A2909FA51FAE2E
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 64A3B5F5227C1D0EB981166786B1DDDF
Requests: 25 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: E185F498BE0A33B911C8268092954EB9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: E1DF752C9603A6C0AFD1F2B10090FE5F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A352B8D00C846362398489E82A273760
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 46F3BBB121DC5099E92039F8DC3269C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FB8A454A352C8F142101BD353B428018
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 80AFFE30D7363162DBA672232DAFED8F
Requests: 28 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Frame ID: BFB68E7800B43C9440FAC5FEC704C17B
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: C10642F1B9B38700F353775C686772AD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1FCEF6F495BEA4884F6DE0FFF8E383E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8BF48306347F8E8EBCA993C29E41A86D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4BB83BF345075BFA41884853202E55D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1601A5A50C28218C40125FB64D66F842
Requests: 2 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: D136B14AEEFEE2ECB65BC4DB9AAD0358
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Frame ID: B9B2C3599B019039A62DC1470AE35ADF
Requests: 5 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: F7868A9F5E3B30ADE662BF9CD2C7A115
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 6AFC5A56407B18678D291BC4D7C2E57E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A072C2999AFD9D3D9E6C5D0B65EE4C96
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8C6FA0F5BE4B3E61EAEFCF322B938F15
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: EF1E0CB760DDE6448F4FF70C3E3FC543
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 26629E1FDCEACC31A7CE54D47634D051
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1EF4B9B9BF19F18966A6FC7154662DDB
Requests: 3 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66234245&crid=4974525&dast=V7vN0CFgMZFTvctCfgEQQZFTvctCfgEQUAAAAGBvQHGTWYDIfDCYmzWa4Gk91mslyNBpPZaDaEjBpMhsPhhMTZLFeDyW4yW2wmk8VmNpvCh7FcJoNaIHGZ_b63wnJ6eswut-joels8_walw4ZATDSdDp_rXq_7_e4ao9Pj8PlNl6fFdXfZNX63X2U3vSynh9PudtlNf9HR5TC9LH_Jy_Z0-T5_jemtspveeq_ZYfS7HW6J5e8w-R7Ot-jvurw1RqfH4fO7JS_b0-V7SwaTyWCx2Kz1tpvjcHp5PHeL6bX3fJ2vp99jWTx8a7fm9Lc870LT22wHAAAAgAeApfNeiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIPxJg0AEw6E9ttNl5fD7A8AgAcFEAAAAQwSAIKfuBIAi9flEwAAAAAAAAAAlv____-YAfnTQhkAjb3VHoAHH4AHIgK4IkYAAAAAlTiZu0eTOqGyqAIAIEi3ArgCAAjwm-M8Jw8DAAAgGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCNgAAacKTKPZqv4AAAGu_gAAAbOoGAPAWABd0BjOcjTa71Q3kaDA7AAAAgLv___9_PRCymWwr18Y0HExMDpvDsfDNRhuPyzJbTZaDjWO1vTH2QqRtxxmZvhBxmf2-t8JyenrMLrfo6HpbPP8GpUMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyN0AJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhcjKZmRar1VrjsnnWoolltVZYBqO1ZLdZzHyDmWtisq1Fr4_puHKMXCbHFgUDMPciuEgnosvT4rq7TE6f0_QwuzVGp8fh85suT4vr7rKIJZqTRTqRXfYlm8m2cm1Mw8HE5LA5HAvfbLTxuCyz1WQ52DhW--ZkMjMtVqu1xmXzrEUTy2qtsAxGa8lus5j5BjPXxGRbi14f03HlGLlMjn1jNprMFrvFbLlvzEaT2WK3mC33HTrDd_U5G5WP37nj06zE1fRuZj4oXAaLd6U6rbQFyUGbvYqcLs1MWdQZlc_vyGtQeA4e1eI7Pbxei5_WWBR-D0ZFLBGcLtKJ6GU8XcQSydMincgGq41nOdvMJhOTx7Ww2WaWlckzM0xmlpVrtfJMxBKl6SKd6FV208tyejjtbpfd9BcdXQ7Ty_KXvGxPl-_z15jeKrvprfeaHUa_2-GWWP4Ok-_hfIv-rstbY3R6HD6_W_KyPV2-t2QwmQwWi81ab7s5DqeXx3O3mF57z9f5evo9lsXDt3ZrTn_L8y40vc0W9R8dYrScq2ZzxWozVwx3qwQAAAAAAAAAsIQp8yYAAAAAp4HshpvharkAD2UtusAgAAAAAAAAuzNXsg-V6_7GxY0fd9DlaXHdXSanz2l6mN0ao9Pj8PlNl6fFdXdZGeChjIV5s2eCWKvVsgYAABDABgAACODWzVsgOiQH!&cmcv=&pix=undefined&cb=1642617170663&uv=3107&tms=1642617170663&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl102121-107_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=502888BD33950273295402646&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F66B810D2F269572F6B8F5F71DCFB784
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7vN0CFgMZFTvctCfgEQQZFTvctCfgEQUAAAAGBvQHGTWYDIfDCYmzWa4Gk91mslyNBpPZaDaEjBpMhsPhhMTZLFeDyW4yW2wmk8VmNpvCh7FcJoNaIHGZ_b63wnJ6eswut-joels8_walw4ZATDSdDp_rXq_7_e4ao9Pj8PlNl6fFdXfZNX63X2U3vSynh9PudtlNf9HR5TC9LH_Jy_Z0-T5_jemtspveeq_ZYfS7HW6J5e8w-R7Ot-jvurw1RqfH4fO7JS_b0-V7SwaTyWCx2Kz1tpvjcHp5PHeL6bX3fJ2vp99jWTx8a7fm9Lc870LT22wHAAAAgAeApfNeiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIPxJg0AEw6E9ttNl5fD7A8AgAcFEAAAAQwSAIKfuBIAi9flEwAAAAAAAAAAlv____-YAfnTQhkAjb3VHoAHH4AHIgK4IkYAAAAAlTiZu0eTOqGyqAIAIEi3ArgCAAjwm-M8Jw8DAAAgGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCNgAAacKTKPZqv4AAAGu_gAAAbOoGAPAWABd0BjOcjTa71Q3kaDA7AAAAgLv___9_PRCymWwr18Y0HExMDpvDsfDNRhuPyzJbTZaDjWO1vTH2QqRtxxmZvhBxmf2-t8JyenrMLrfo6HpbPP8GpUMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyN0AJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhcjKZmRar1VrjsnnWoolltVZYBqO1ZLdZzHyDmWtisq1Fr4_puHKMXCbHFgUDMPciuEgnosvT4rq7TE6f0_QwuzVGp8fh85suT4vr7rKIJZqTRTqRXfYlm8m2cm1Mw8HE5LA5HAvfbLTxuCyz1WQ52DhW--ZkMjMtVqu1xmXzrEUTy2qtsAxGa8lus5j5BjPXxGRbi14f03HlGLlMjn1jNprMFrvFbLlvzEaT2WK3mC33HTrDd_U5G5WP37nj06zE1fRuZj4oXAaLd6U6rbQFyUGbvYqcLs1MWdQZlc_vyGtQeA4e1eI7Pbxei5_WWBR-D0ZFLBGcLtKJ6GU8XcQSydMincgGq41nOdvMJhOTx7Ww2WaWlckzM0xmlpVrtfJMxBKl6SKd6FV208tyejjtbpfd9BcdXQ7Ty_KXvGxPl-_z15jeKrvprfeaHUa_2-GWWP4Ok-_hfIv-rstbY3R6HD6_W_KyPV2-t2QwmQwWi81ab7s5DqeXx3O3mF57z9f5evo9lsXDt3ZrTn_L8y40vc0W9R8dYrScq2ZzxWozVwx3qwQAAAAAAAAAsIQp8yYAAAAAp4HshpvharkAD2UtusAgAAAAAAAAuzNXsg-V6_7GxY0fd9DlaXHdXSanz2l6mN0ao9Pj8PlNl6fFdXdZGeChjIV5s2eCWKvVsgYAABDABgAACODWzVsgOiQH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F1F68DD14BE5322B6AA692167C3916E4
Requests: 1 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Frame ID: 7843BFD9EBA0C7864C73F2DA04C68ABA
Requests: 4 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Frame ID: 3BA1258564C0A8B34F6A761AAB4E43B6
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 47F84F53E5278809471DDC30A5293B61
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 89FAFBCF1FF9025F8ECE77D16D5FE2E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=35483968-7956-11ec-bad7-68220af88a6f
Frame ID: FCC2E3B54D9AA9AADC4410D5A11C0009
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 98B6CDFF697BF0D4F25F81B6FFC51417
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Frame ID: DAB8A9D812DF3349558A2659B31E1070
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XNW61SFrQnxUHBiGnrx50ZU4mbs
Frame ID: 709D87CA15626041659EEE178CEAE78A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4BA21BAA08C96946BE82A7FB0ECCCFC0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NpJI2n1H1NafLl5&gdpr=0&gdpr_consent=
Frame ID: EB155AE34391FE9346E63B77C4D90C5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=641253725093
Frame ID: 55CEC84C4677B08BC37DB1FDE5D5413A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5375b53f-8e0d-471e-ae4c-f4330ef2339e
Frame ID: 2D7ECE55CC02288ABEFE09AC9274E529
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6959035711058652685
Frame ID: 4876B50B56C2669918DCBE5D727E510B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=9e98d77b-7461-43b2-8bb3-0c6790007fa0
Frame ID: 7CBD8F4195CF4F9CB45DB82F78D9E950
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
Frame ID: B540CB2F57F184C44FD584E61546B335
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C0E292F45E0FF2F9BD6F1669EEFC0207
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mPPSdJz3A-Gnd4vIU1noYQ
Frame ID: EC6B42B3D8BFB1210E4B9EE4B7E7CCE4
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 26E053A00844BC161C4D9483494AAB27
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: D27E7CCCCBBCCFC93D7F0D4DC4B41BB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 921545EF1A9D6AA17589FB24B8793641
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
Frame ID: 4DC6C079B59F1BE2C754F7F82BE19AC7
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH
Frame ID: 45A4E5B94F8C8B96AE4C7AAD31368668
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 218483D756910FE433C69A4F3BF669A5
Requests: 27 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Frame ID: 6D8D497F565A3039261C34CCBCA900B6
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: FD9A1C719AE6161ACF2CA79AF2239891
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BB4D65DDC6345503FD82AFB7DC32A793
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Frame ID: 6C2D6D12994112923D559E4986BBC9F5
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 5F79FE401FC2380676CEA7BA1AE52531
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CD1FC83A34A72B3381C6E204EBBC443C
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Frame ID: 140174CB8F42CA50A4B125A42AC1286D
Requests: 4 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
Frame ID: 860CE150B179A45C2260C86E24310AB0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 84AF44D3A3A2DA60522F0ACC905479B6
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 0C38EFD281F144A5048732D5934DFC82
Requests: 10 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Frame ID: 338405C3FAB2328DBCCE0D3AEEB68E34
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
Frame ID: BB3CBE36E8859BC033DAB2C92BAFC450
Requests: 3 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
Frame ID: 0052B5010658B9B2E3B3BFDB454C11BB
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 23F3A22F94D449DD8C19883F1E5B7C08
Requests: 9 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?gdpr=0&callerId=4&us_privacy=1---
Frame ID: 9503B7892BE5A0EA1A1C2806A966F654
Requests: 1 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Frame ID: 91F7389EA527EAFAADFBE16D9BBF8330
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?gdpr=0&callerId=4&us_privacy=1---
Frame ID: 388BABD9A43DDCEDA960F30B8C242B4B
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 5FFF41DE97268DCC66C44A41BEA6D324
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Review: “Oklahoma!” in a radical new tour in Chicago - Chicago TribuneBack ButtonSearch IconFilter IconGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

  1. http://links.engage.ticketmaster.com/els/v2/EZ7jh6jrxGCN/cFdVdmJWenlRRThaZmZRaE5objdLQ3BXT0grWklvZjlNME9nOGIxS3Jh... HTTP 302
    https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

840
Requests

78 %
HTTPS

23 %
IPv6

150
Domains

268
Subdomains

175
IPs

10
Countries

9904 kB
Transfer

31027 kB
Size

271
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.engage.ticketmaster.com/els/v2/EZ7jh6jrxGCN/cFdVdmJWenlRRThaZmZRaE5objdLQ3BXT0grWklvZjlNME9nOGIxS3JhaDFhdjFITFFHNUFSWkc2bldqREdOT2dQU3Z5aUtIV3hpOFNjRWZHQi9LSW1QQmxPTkovV1FPUnc2MWlERFg2aTg9S0/ HTTP 302
    https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1&pre=1
Request Chain 67
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
Request Chain 68
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
Request Chain 96
  • https://www.tribdss.com/meter/chiarc.min.js HTTP 302
  • https://www.tribdss.com/meter/chiarc.min.js?disabled=international
Request Chain 97
  • https://js.matheranalytics.com/s/ma89701/197837611/all/sp.js?cb=1587 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
Request Chain 99
  • https://www.chicagotribune.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false HTTP 301
  • https://www.chicagotribune.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Request Chain 125
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
Request Chain 143
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js HTTP 302
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js?disabled=international
Request Chain 178
  • https://c1.adform.net/serving/cookie/match?party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YehZTgAABTHFZgAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=&_test=YehZTgAABTHFZgAZ
Request Chain 180
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc1361e8-594e-4000-912e-fc1e60f60433&gdpr=0&gdpr_consent=
Request Chain 181
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQi1FN0QwTE1BQUVIUmhFbTk3QQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABB-E7D0LMAAEHRhEm97A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB-E7D0LMAAEHRhEm97A
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZKSejSy0ReSHoyGU2MdOPw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 183
  • https://idsync.rlcdn.com/420486.gif?partner_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY0QTQ5RThELTJDQjQtNDVFNC04N0EzLTIxOTREOEM3NEUzRhAAGg0IzrKhjwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8203de639d35df1943bfe47ec789202dbd861b466d1e8019ed987ac283524934791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MjAzZGU2MzlkMzVkZjE5NDNiZmU0N2VjNzg5MjAyZGJkODYxYjQ2NmQxZTgwMTllZDk4N2FjMjgzNTI0OTM0NzkxNDI2YjU0MTdkY2UyMRAAGgwIzrKhjwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MjAzZGU2MzlkMzVkZjE5NDNiZmU0N2VjNzg5MjAyZGJkODYxYjQ2NmQxZTgwMTllZDk4N2FjMjgzNTI0OTM0NzkxNDI2YjU0MTdkY2UyMRAAGgwIzrKhjwYSBAgCEABCAEoA&google_gid=CAESEIhGK4IzaAeDAwx_wbdcK4I&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c1428f21-a461-433d-9441-471e4cb14c42
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab0161e8-594e-4b00-90fe-576cb3984342
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjRBNDlFOEQtMkNCNC00NUU0LTg3QTMtMjE5NEQ4Qzc0RTNG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAKlFOpTZcCm6QSXx5aDNks&google_cver=1
Request Chain 187
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
Request Chain 188
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 191
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JEgl569E2uUqIZznAD771OOt.P1Fh7k-~A&gdpr=0&gdpr_consent=
Request Chain 218
  • https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&transactionId=040086f4-2471-4640-a56d-7a7a9c9f7258&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hb=1&fmt=json HTTP 302
  • https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&transactionId=040086f4-2471-4640-a56d-7a7a9c9f7258&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hb=1&fmt=json&_tur=T
Request Chain 250
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__ HTTP 302
  • https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YehZTHaLvzfc9K6Athf.PwAA%26997
Request Chain 251
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
Request Chain 252
  • https://jadserve.postrelease.com/dmp/5?vk=22e505047af2ac4526390b3d8af5fbe&ntv_r=https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=NTV_USER_ID HTTP 302
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=19612126-2264-4870-abc8-417840092cbd
Request Chain 254
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=18f9ec1b-1eb1-06ed-3749-64ad8da96771
Request Chain 256
  • https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=22e505047af2ac4526390b3d8af5fbe HTTP 302
  • https://thrtle.com/insync?vxii_pdid=22e505047af2ac4526390b3d8af5fbe&vxii_pid=12&vxii_pid1=10014&vxii_rcid=379cc914-9980-4990-8fc1-1d005d814424
Request Chain 258
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe
Request Chain 279
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/146566/connatix.player.js
Request Chain 285
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1DQ2J6REJkRTJ1S1ZRQTdkSW11a2lEWTVNVUpacE5xTH5B
Request Chain 288
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=appnexus.com
Request Chain 289
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4673296360271624245
Request Chain 304
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YehZTgAABTHFZgAZ
Request Chain 306
  • https://match.adsrvr.org/track/cmf/openx?oxid=0a8f3108-244f-30ab-5103-97561e0f6855&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c222d7c1-8acc-4e56-b834-86840521a4ea&ttd_puid=0a8f3108-244f-30ab-5103-97561e0f6855
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFKgMXlJgttIhwAc12q7yyM&google_cver=1
Request Chain 310
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c222d7c1-8acc-4e56-b834-86840521a4ea&expiration=1645209167&gdpr=0&gdpr_consent=
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC12LNl6GwAx8NLQrHlLbsA&google_cver=1
Request Chain 313
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YehZTHaLvzfc9K6Athf.PwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGwZ2O0HUWWRXimUfV-I-iQ&google_cver=1&google_hm=2
Request Chain 314
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=237cc8d2-55aa-424f-9f19-cb7cfccf0873
Request Chain 315
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=968068c7-148e-4ffc-b8eb-2a78cfaf20ae
Request Chain 316
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab0161e8-594e-4b00-90fe-576cb3984342
Request Chain 317
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABB-E7D0LMAAEHRhEm97A&expiration=1643826767
Request Chain 325
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=3616449762476959287&pn_id=an
Request Chain 326
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119561&expires=5&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=c537c1a7-8b12-48ac-8876-293826cb2880&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 327
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 328
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=XNW61SFrQnxUHBiGnrx50ZU4mbs
Request Chain 329
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=swO3BX3KC4Qh&ev=1&pn_id=pp&pid=561118
Request Chain 331
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KYLVUKBY-X-FLXH HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KYLVUKBY-X-FLXH&ex=d-rubiconproject.com&status=ok
Request Chain 338
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ab0161e8-594e-4b00-90fe-576cb3984342&expires=28
Request Chain 339
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qCzMze_e1BR7LfL8so8f1w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1581051695442616395
Request Chain 340
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YehZTgAABTHFZgAZ
Request Chain 341
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lMVlVLQlktWC1GTFhI
Request Chain 342
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYLVUKBY-X-FLXH&sigv=1&esig=2~0f51b59e827d1c03800141d2db700dfb8c3eed06
Request Chain 343
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OWRhZTE0Mzc1Y2RhMDQyNTBiN2U4NWIwYWZhYTczZmYwZTFlNw
Request Chain 345
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c222d7c1-8acc-4e56-b834-86840521a4ea&gdpr=0&gdpr_consent=&expires=30
Request Chain 349
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=AFA610033CEC41D099D2903D4862471D&ex=simpli.fi&status=ok
Request Chain 354
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=districtm
Request Chain 355
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 368
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dBeeswax%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d{userid} HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=f021565052754a778cf6ebe173497f87&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABB-E7D0LMAAEHRhEm97A
Request Chain 369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=1645209167
Request Chain 370
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dAppNexus%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=f021565052754a778cf6ebe173497f87&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3616449762476959287
Request Chain 371
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=f021565052754a778cf6ebe173497f87&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3298609f-7956-11ec-992c-18f0df000003
Request Chain 387
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Request Chain 388
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d
Request Chain 389
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3616449762476959287
Request Chain 391
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 409
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chicagotribune.com%2F&domain=www.chicagotribune.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=d_hRSnw2eTRXSlRzWGZTZWxsQ0UyaUdid2hNK3FTWFZPQVdkU3d5eFZ3NVkyOHZ3Z1RDUHJFdThhZHo1NndNL1lCOHJRamF0TVBJQkxmc2h4WE1JTWhMMWl2TUdMbjgrRVIwcG9nYVlNMHZGTHRmZHNSbFpKVTZHRmVPckEyVDBRZm1wakRtZE1kV0RKUThoQWhQNzIxTjhydy9TSVlacVM2b1hmb2ZveThpMGUyYkpxTWdNQm0vc3RpZ25RMGw5M0VUcFJVOTZ0eDZ1dTVscFVaMlR2SEx4R1FYQTB0bzJXN20rc2VRQm9FTC9qNXRqOVIrNHBHRlN6dlQ1aG94b2kzclQ3fA&cppv=2
Request Chain 422
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
Request Chain 423
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-WnnyR39E2uG7KgxehjTlOkWP1Hl_jrF5AqgL1Pw-~A
Request Chain 424
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/56b36cc4-6da5-4c7e-944c-a67b1c0f5738
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23valvCWDbkcpseyhnzgBmkTb37 HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=districtm&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=districtm&gdpr=0&user_id=JQjKHCYAmhQ-DZxCcFuCHSVbnR0-CZYRdwxEMqo4 HTTP 302
  • https://dmx.districtm.io/s/10009/c537c1a7-8b12-48ac-8876-293826cb2880
Request Chain 426
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/641253725093
Request Chain 457
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qTjJZV3gyUTFkRVltdGpjSE5sZVdodWVtZENiV3RVWWpNMyJ9.khIU9gQAojtN87qLFeaT_g0GsD_QMt9DQAxOODWwfGkOo8xCYPAF82O094a3YmmtGWoZT3A8uWEmvH7PHu472A
Request Chain 472
  • https://sb.scorecardresearch.com/c2/6036462/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 476
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c222d7c1-8acc-4e56-b834-86840521a4ea&dongle=0cfd
Request Chain 477
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELLbcVTqfSAkGuQ_ZXxXbJ0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 479
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDY3MzI5NjM2MDI3MTYyNDI0NQ%3D%3D
Request Chain 480
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4673296360271624245&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4673296360271624245&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1&_expected_cookie=2503b2dd4f439a771f8197ca57085f88
Request Chain 481
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4673296360271624245?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_OZguTdE2oQeNmXvHm2PNZZTj9KlJ1QVj0A7aCcpqw--~A&dongle=0883
Request Chain 482
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4673296360271624245&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cdf5c145-0ef1-456c-b6ed-852e66eab5ae&ssp=triplelift&expires=30&user_group=5&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c537c1a7-8b12-48ac-8876-293826cb2880&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 485
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=dqJbbnEkDteeGpaflQ6V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRYUUYTCNZCWWRDUMVSUO4DBMZWFCNSW&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRYUUYTCNZCWWRDUMVSUO4DBMZWFCNSW HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dqJbbnEkDteeGpaflQ6V
Request Chain 563
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c222d7c1-8acc-4e56-b834-86840521a4ea&_origin=1&gdpr=0&gdpr_consent=
Request Chain 564
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent=&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Request Chain 565
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP33692661-7956-11ec-bf71-0296dfb51d47 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzMzY5MjY2MS03OTU2LTExZWMtYmY3MS0wMjk2ZGZiNTFkNDc%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Request Chain 576
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=1dm7NI3JiYW3d9vhzRZS7w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 577
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=ab0161e8-594e-4b00-90fe-576cb3984342
Request Chain 578
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=35045f58-7956-11ec-88c6-5d8ea439b083
Request Chain 579
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
Request Chain 580
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959
Request Chain 604
  • https://beacons.extremereach.io/cp-imp?cid=188419&creative_id=24373124&line_item=15419412&companion_id=0&er_ts=1642617169&session_id=C0SCZV5e8VsllbIqQQFXrR1642617169&er_fp=8913f5ae6e02ee82&subid1=novpaid&er_ar=0&us_privacy=%24%7BUS_PRIVACY%7D&hasIpSync=1&hasBpmBidr=1& HTTP 302
  • https://beacons-ipv4.extremereach.io/ip-sync?fp=8913f5ae6e02ee82d758098b5c43dead&forwardto=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%2Fblisspoint%3Fbuyer_user_id%3D1-61e85952-36bc388053cbf80c50107a81.188419 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/blisspoint?buyer_user_id=1-61e85952-36bc388053cbf80c50107a81.188419 HTTP 303
  • https://pixel.pointmediatracker.com/bsync?beeswax_id=AABB-E7D0LMAAEHRhEm97A&buyer_user_id=1-61e85952-36bc388053cbf80c50107a81.188419 HTTP 302
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
Request Chain 616
  • https://www.chicagotribune.com/news/trending/rss2.0.xml HTTP 301
  • https://www.chicagotribune.com/arcio/rss/category/news/?query=display_date:[now-2d+TO+now]&sort=display_date:desc
Request Chain 619
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=bouncex&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkf2339889-8b16-4350-bb5e-db4427194736&expires=7&user_group=5&ssp=bouncex&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=c537c1a7-8b12-48ac-8876-293826cb2880
Request Chain 637
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Request Chain 638
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 639
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Request Chain 640
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Request Chain 641
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Request Chain 642
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 643
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Request Chain 644
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=c537c1a7-8b12-48ac-8876-293826cb2880&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=641253725093&expires=30&user_group=1&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Request Chain 645
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Request Chain 648
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 650
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=35483968-7956-11ec-bad7-68220af88a6f
Request Chain 652
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b0a984ec-42ea-409f-952b-be1ac433cef2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Request Chain 653
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XNW61SFrQnxUHBiGnrx50ZU4mbs
Request Chain 654
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 655
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NpJI2n1H1NafLl5&gdpr=0&gdpr_consent=
Request Chain 656
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=641253725093
Request Chain 657
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5375b53f-8e0d-471e-ae4c-f4330ef2339e
Request Chain 658
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6959035711058652685&uid=Q6959035711058652685&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6959035711058652685
Request Chain 659
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=AFA610033CEC41D099D2903D4862471D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=41525FB517A54E5CB6A7A5A36FA7A2D3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=9e98d77b-7461-43b2-8bb3-0c6790007fa0
Request Chain 660
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2636847665 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c222d7c1-8acc-4e56-b834-86840521a4ea HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
Request Chain 661
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 662
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mPPSdJz3A-Gnd4vIU1noYQ
Request Chain 665
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 666
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
Request Chain 667
  • https://pixel.onaudience.com/?partner=214&mapped=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=c222d7c1-8acc-4e56-b834-86840521a4ea&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=12ae88a8f07eddf037347430bb7d00e6 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=22e505047af2ac4526390b3d8af5fbe HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=1245c6cd553a5b7f
Request Chain 668
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&addseg=10,33,39
Request Chain 670
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=3552cd10-7956-11ec-96af-0e9f37bd45a9&companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Request Chain 672
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3616449762476959287&gdpr=0&gdpr_consent=
Request Chain 673
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=35045f58-7956-11ec-88c6-5d8ea439b083&gdpr=0&gdpr_consent=
Request Chain 674
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44d96eb27edf122d&is_secure=true&networkId=17100&version=1&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGdiqC1zS4xgMdpxkIAAAAAAA&expiration=1642703571&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 675
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb
Request Chain 676
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_be68cba0-cb4a-4afa-8482-29e8b683058d&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 677
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
Request Chain 678
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E9F3C299_BC591F2A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 679
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4579766571360473542
Request Chain 680
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000096D50A6558
Request Chain 681
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3616449762476959287
Request Chain 682
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4562d301-91df-46c4-9bf1-cc1356430190&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 689
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=KYLVUKBY-X-FLXH HTTP 302
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH&gdpr=0&us_privacy=1---
Request Chain 697
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH
Request Chain 698
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEJYJuBjKVAaAR61RkkXwk0&google_cver=1
Request Chain 700
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
Request Chain 701
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 702
  • https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 706
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9964d0d6-5fb3-494e-b572-b755310d3d19
Request Chain 707
  • https://id5-sync.com/s/464/9.gif?puid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=3616449762476959287&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=ab0161e8-594e-4b00-90fe-576cb3984342&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=b87b2c55-ced3-4bdd-956f-54276ce1d199&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=e8871f41-f1ff-4faf-98aa-f84c2a6df530&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/136/0/8.gif?puid=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg
Request Chain 708
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&ssp_uuid=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&ssp_uuid=c537c1a7-8b12-48ac-8876-293826cb2880 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=taboola&user_id=3b785fa1-b845-4665-8cbc-f008c91c6933 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Request Chain 709
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3De48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&isDirect=0
Request Chain 771
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Request Chain 772
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3616449762476959287&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
Request Chain 773
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26v%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Request Chain 774
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Request Chain 775
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3616449762476959287&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
Request Chain 776
  • https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Request Chain 777
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dmxTWHlfTFR2WTVkWDYwTWpxRnlUQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPkzmhhld79f8p6E2gCI6ow&google_cver=1 HTTP 302
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Request Chain 778
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 782
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Request Chain 791
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3616449762476959287
Request Chain 793
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YehZTgAABTHFZgAZ
Request Chain 794
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8234736566488735343
Request Chain 796
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Request Chain 797
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a86c5780-09b2-45aa-bd8b-6da93279b09f&expiration=1674153176
Request Chain 798
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810035076712465670
Request Chain 806
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
Request Chain 807
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
Request Chain 808
  • https://sync.bfmio.com/syncb?gdpr=0&pid=170&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 809
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D HTTP 307
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
Request Chain 810
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
Request Chain 811
  • https://sync.bfmio.com/syncb?gdpr=0&pid=170&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
Request Chain 814
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Request Chain 816
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
Request Chain 817
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3daa6f80f962122e&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGdiqC1zS6tAMGi3QOAAAAAAA&expiration=1642703580&is_secure=true
Request Chain 818
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q0WZ2ahNydGwQM-H_hbR2KsWztiwRMXU-UFQF2Ig
Request Chain 819
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AFA610033CEC41D099D2903D4862471D
Request Chain 821
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Request Chain 822
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0734220407d296af809f5cdd&expiration=[EXPIRATION]
Request Chain 824
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

840 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
www.chicagotribune.com/entertainment/theater/reviews/
Redirect Chain
  • http://links.engage.ticketmaster.com/els/v2/EZ7jh6jrxGCN/cFdVdmJWenlRRThaZmZRaE5objdLQ3BXT0grWklvZjlNME9nOGIxS3JhaDFhdjFITFFHNUFSWkc2bldqREdOT2dQU3Z5aUtIV3hpOFNjRWZHQi9LSW1QQmxPTkovV1FPUnc2MWlERFg2...
  • https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODU...
344 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d6f6e232e872798c49c7c26b5d71cd5743adcdd05ef86d776262e8a2cc853064
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=UTF-8
server
openresty
last-modified
Wed, 19 Jan 2022 18:15:16 GMT
x-akamai-transformed
9 347672 0 pmb=mRUM,2
vary
Accept-Encoding
content-encoding
gzip
cache-control
private, max-age=60
expires
Wed, 19 Jan 2022 18:33:44 GMT
date
Wed, 19 Jan 2022 18:32:44 GMT
server-timing
cdn-cache; desc=HIT edge; dur=58
content-security-policy
upgrade-insecure-requests

Redirect headers

Date
Wed, 19 Jan 2022 18:32:43 GMT
Content-Length
0
Connection
keep-alive
location
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
content-language
en-CA
x-envoy-upstream-service-time
0
server
istio-envoy
config.js
confiant-integrations.global.ssl.fastly.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/ 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef0432d59c83edcd6003aa3dc020cec5a81878fa5379ecf775c1c07566a1f636

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
Age
3152
X-Cache
HIT
Connection
keep-alive
Content-Length
23708
x-amz-id-2
MCsE+CmT/TC6aKQiybs1kCrgpFKyg/WHf6ErULHUavYoHqsTgJQfGD7DCp65kcokmVg1pe0auzA=
X-Served-By
cache-yul12826-YUL
Last-Modified
Wed, 19 Jan 2022 17:38:36 GMT
Server
AmazonS3
X-Timer
S1642617164.084829,VS0,VE0
ETag
"3ae7b2fcdfec4e433bc9a4c5b3f68194"
x-amz-request-id
ZAK3JM7097872J5V
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
18
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
eca3631f140d44043b030fa87263be6f3186d2035578d9bef7feb55895979a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26991
x-xss-protection
0
server
sffe
etag
"1106 / 171 of 1000 / last-modified: 1642594075"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jan 2022 18:32:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:55:01 GMT
content-encoding
gzip
age
81462
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
13F9V4RY5Q75KDM2H74M
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
vary
Accept-Encoding
x-amz-version-id
GzCVpXkwVbKPnWWiNgpDCABi9Jbs4BMI
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
rXGuTs09WRIvO2_tJiMrixHATf_p34glWtjwXbcPGzoUJZP1sWPytQ==
css2
fonts.googleapis.com/ 		4 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Spectral:wght@400;500;700&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0263e1cae993e2ffc249131d904643bc99dfbaaac022fa762a34d9459af4c8f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 17:18:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:44 GMT
css2
fonts.googleapis.com/ 		8 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 16:46:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:44 GMT
css2
fonts.googleapis.com/ 		2 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5442f87efbd6d519174909df3299423a48540ab21842316daa021299fc65012f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:29:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:44 GMT
ct-framework1182ffa19d76d40ef0af.css
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-framework1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1bdee82bd1b2246a29b892c39bbdc2a34897fa62f5db0b12249f53ab38d2ad50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
DAvhjhwoxi9.Q11IiZOr__brl3wyh5bd
content-encoding
gzip
etag
"adc30ac27bb6c09c2eb2d2e4256068de"
x-amz-request-id
BNRW39DMDWD96TMB
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7861
x-amz-id-2
IN8N4rQhNC0ut+BlV1i9fOsaicZBztC6mwileX6yN8RP684C/uz9KsO0KJxl8xHo2Xjlo7KDNS0=
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
ct-features1182ffa19d76d40ef0af.css
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-features1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
cc290aa434ec98b189698bbfe6f5cdeeaaeaa5beff84143c3b2dac44fbc62f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jBTKtJB2BhY97RyI8VTM4J8SI7hiM47W
content-encoding
gzip
etag
"dbf8e3e8ce856f259a8a8a305476e0b3"
x-amz-request-id
BNRJ8AJHH7QS3968
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3878
x-amz-id-2
c7G2uanJkLGjxUYRGEkvL/cMW+R1sYj2nxIbQfQ80kJPDO2J7ETVXjWw4BRmc7nTiKqG6dWarm8=
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
ct-services1182ffa19d76d40ef0af.css
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-services1182ffa19d76d40ef0af.css?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
71fc3d606de54d75ae0fd2bad54bcd0287a2f647cf77082b8a52e8f064357fa7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
7Wk4.pVy3nyXEIaola26yqn4C0GI8laj
content-encoding
gzip
etag
"76c28c51495edf9ab5b6745b81604da3"
x-amz-request-id
BNRRK06VEBSBFN1M
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3429
x-amz-id-2
UT8bR+gliiXNIKcs0UOk5pMqdimEATcfYYDrHU+1rJzk8J7pxygPg+hmMyoAzyvgDiZQ4YR2BLQ=
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
IVhKS9vCZ6N2xbLKU0Dl/w==
age
7399
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Tue, 18 Jan 2022 03:31:35 GMT
server
cloudflare
etag
0x8D9DA3307CEA0BD
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54c54bef-e01e-0031-3d32-0c8331000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225bbac0d4bd6-YUL
loader.js
cdn.taboola.com/libtrc/tribunedigital-network/ 		1 MB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77db1f6f7f1f36fa9bcb99253f1d514e11f13243201d2bd37a9e2f0d4069c4fe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
tqpyArR.onJP7BbmfTwe4wcqMUat5phr
content-encoding
gzip
etag
"7f1b92646ee17910498202fefbddb91c"
age
21089
x-cache
HIT
content-length
100059
x-amz-id-2
zXwZc+Rd2A17QO0ncd9OJmc3KmWPBnPgAh15Sr2asDzy4fJUvLRFohK8Qb5SDEvPefbwHRkOSrM=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 12:40:51 GMT
server
AmazonS3
x-timer
S1642617164.209622,VS0,VE0
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
x-amz-request-id
9XVK8WVQ5MHK4BG5
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
67
x-cache-hits
92
zephr-browser.umd.js
assets.zephr.com/zephr-browser/1.3.9/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-117.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:15:23 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 11:02:55 GMT
server
AmazonS3
age
40642
etag
W/"c531ce77a9ff6380e9671dee680a2102"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
RrfxfA79fCGns6tNCsQqlnowSM4TQ24H3Yu-y--fTIgjMaKYW5FudA==
zephr-minify.1.0.1.js
assets.zephr.com/tribune/ 		1 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-117.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 06:42:10 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 11:32:39 GMT
server
AmazonS3
age
42635
etag
W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d77f2f1d7dfcddde244aedf1c9ed7a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
IUG7cUgoTq7rKFWh5URbMqL6erwn7WnfmYZMtvmZf9AKJ2Rk3qAx3A==
main.js
tribune-chicagotribuneclassic.zeustechnology.com/ 		235 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-118.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
580b4c3474a67e0248ef88a63aeaff4c3a071323c85240ff6aa54b200d21d8b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
TM01GzqWCVKTcDrnsB4A9notq_LqbuNH
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 21:13:51 GMT
server
AmazonS3
age
2550
etag
W/"ff768ae7f9ca2422513df64729ca2ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ded77b3c7d35f54d8f10a70f8717c86.cloudfront.net (CloudFront)
cache-control
max-age=600,s-maxage=3600
date
Wed, 19 Jan 2022 17:50:15 GMT
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
vFAOw7mbUNZyqGYrjxPux4fUCqBeBAdC8VH5ciiUHV2_PvePIdybow==
ct-metrics1182ffa19d76d40ef0af.js
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-metrics1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
dad581249db6959518aa23220584a4148dd0b5a87bee48eaa9f4469950458456
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
imEySsxJQzPXHlHfSmpxF_jqwn_tkdCJ
content-encoding
gzip
etag
"2dfc8032c948329949c63965e5e92c9e"
x-amz-request-id
BNRP85BZV54KWCNA
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
11233
x-amz-id-2
qOZdsLf8yoPKX0XRU7BlQByqGIYKY9jLYJBrtT6WZIllTwtlbkYi/+Ws/Nes6ArwLQTZCe0PGOs=
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
ct-lib1182ffa19d76d40ef0af.js
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-lib1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7493364adaa8794b3877396e419c88b3ac793d82ba596b9203fe125779fb7a4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
lUL3shI50Enk7icITZh0J.iqBpTmS_3J
content-encoding
gzip
etag
"61679c840e73df1a4d1148d72ec9d260"
x-amz-request-id
BNRJCY3C52EBAVBW
date
Wed, 19 Jan 2022 18:32:44 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
41465
x-amz-id-2
xnjgox0HdtQ2k0LeRvRiT89/sXXe9sVrobCg+ab8pZbws12ReYoOctVrXbGlDs6JqHmY9OOTkRE=
last-modified
Thu, 09 Dec 2021 17:06:56 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
ct-index1182ffa19d76d40ef0af.js
www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-index1182ffa19d76d40ef0af.js?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
feca1468c9947fb8e9c90399078d45e0134e84625ed26b761207810baa9fbf3e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
t9N9.3ABzZAoIKPVHMUZUaOIt5OEhwpm
content-encoding
gzip
etag
"ff248125381e35864af26d842a3f78b9"
x-amz-request-id
BNRT64V6Q0A73PMY
date
Wed, 19 Jan 2022 18:32:44 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10138
x-amz-id-2
TdVqAvcgfHltquw0KNw6vTOYaW0VSxrvyvrH5ITFxBXysIXwzLk6cuehPHOxawyp2Tt1nstIb5M=
last-modified
Thu, 09 Dec 2021 17:06:53 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
logo_theater_loop.svg
www.chicagotribune.com/pb/resources/images/ct_icons/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pb/resources/images/ct_icons/logo_theater_loop.svg?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8786744e07b6de2109b10b047a7997c5d0aaf29444ba2fc96bc0e97a3b474c0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FdGC6PPztj6Bm1Q_lxyDZ6cvuAQVz3s7
content-encoding
gzip
etag
"c5020eb3c655e2c6660c35ee0645823b"
x-amz-request-id
07KMRJBMANF5Z6WE
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5713
x-amz-id-2
YI9qCM7J4n+mtr5FNTrdvNzGAKJaPncfdSZRIZlay3oAaVrHu7ob62EeafZx+j0URJbOA65ZyHE=
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:32:44 GMT
tinygif.gif
www.chicagotribune.com/pb/resources/images/ 		26 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/pb/resources/images/tinygif.gif?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
9T5taX9RwjHrNVNqwC0.yQG5VOUlx6w9
last-modified
Thu, 09 Dec 2021 17:06:55 GMT
server
openresty
x-amz-request-id
3067MF77X92H14DE
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 19 Jan 2022 18:32:44 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
26
x-amz-id-2
YhMgeb6bgV2WjXf0M7TJCPVBPm/PRA4gPORk/atkovfTK+zPUrI0MHRFD32H1P/h0Fp+C/VRu+I=
expires
Thu, 19 Jan 2023 18:32:44 GMT
embedcode.php
embed.sendtonews.com/player3/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.php?fk=mvnxxcIU&cid=4591&floatwidth=400&offsetx=0&offsety=50&floatposition=bottom-right
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.97.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-97-153.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600, no-cache="set-cookie"
Connection
keep-alive
Content-Length
26300
Expires
Wed, 19 Jan 2022 19:32:44 GMT
index.js
tags.remixd.com/player/v5/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/index.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-43.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a96447f6c2508fd5d0c5d3a3c7b279c012c6e8125c81847b2eae58daa09dbc9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:05 GMT
content-encoding
gzip
last-modified
Mon, 06 Dec 2021 11:32:22 GMT
server
AmazonS3
age
40
etag
W/"37f89fc1234f602d3b0089ef7717459b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
_aYgpVFWiWnPT-u481ZLX2r7RZt61WSaqe0eHLoE8lQTtlfOg5NmTA==
render.js
www.chicagotribune.com/pb/gr/p/default/rfuvfF1zh9maLs/ 		297 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/gr/p/default/rfuvfF1zh9maLs/render.js?v=299
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
9e92525b4b30c9f2f45893dcf36cffbf77f655699ddaaf48017c6f937d4b6acd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
server
openresty
access-control-allow-origin
*
etag
"6acec"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
x-edgeconnect-cache-status
1
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
191
expires
Thu, 19 Jan 2023 18:32:44 GMT
embed.js
d3mmnnn9s2dcmq.cloudfront.net/shim/ 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d3mmnnn9s2dcmq.cloudfront.net/shim/embed.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6c00:e:f240:cc80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ce9c6aa4e4eaacd6692a77ca792c8869240b0059248a69cdf947346444ec0cbc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:40:03 GMT
content-encoding
gzip
age
3161
x-cache
Hit from cloudfront
content-length
481
last-modified
Tue, 16 Nov 2021 22:20:08 GMT
server
Apache
etag
"4ec-5d0ef53f6d600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-cache="set-cookie"
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
5pliibRO1UTcV0mOnlgWp_N1XRp7xvLAsNpuFqBeF11mTt2kU09irg==
expires
Wed, 19 Jan 2022 18:40:03 GMT
b28a5859-2138-4d32-9d4f-68ed1392f6a3.json
cdn.cookielaw.org/consent/b28a5859-2138-4d32-9d4f-68ed1392f6a3/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b28a5859-2138-4d32-9d4f-68ed1392f6a3/b28a5859-2138-4d32-9d4f-68ed1392f6a3.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8429c3967fdb669fed0ca1b1b1931eec3044b60344942a6e7bc23a371f60bf84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MMtA9AxhO9kDopDUlH3vww==
age
7121
vary
Accept-Encoding
content-length
1341
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jul 2021 00:52:52 GMT
server
cloudflare
etag
0x8D9516207B8B781
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6f41b13e-a01e-00b5-2d15-b6d519000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225bc2e5aca47-YUL
expires
Wed, 19 Jan 2022 22:32:44 GMT
gtm.js
www.googletagmanager.com/ 		202 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXB7PQT
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c77a313693cc0241105c15b2c2bb6a1a7744fbe39c0321809a53155ff819519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63418
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 18:32:44 GMT
gtm.js
www.googletagmanager.com/ 		96 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCV3C5S
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82a76ee061ef89a78b9b2c25cce8b143fe3befc544a1a27d2a06e94113eea6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35579
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 18:32:44 GMT
9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
c.go-mpulse.net/boomerang/ Frame 4B9D 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:6ad::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
br
Last-Modified
Mon, 25 Oct 2021 10:54:52 GMT
Server
Akamai Resource Optimizer
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, s-maxage=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
50393
chiarc.min.js
ssor.tribdss.com/reg/tribune/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssor.tribdss.com/reg/tribune/chiarc.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.25.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-25-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a2ab2186824a0c23aa7994a32f1a97f4da24a2b8ac23b91c5a58bfa18577bd6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
10138
X-Request-Id
c8c38aca96b9e5e3a72564a5c61982b6
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.010203
X-Content-Digest
a246ca567a702f3411540332c1a709dcd07fa9f4
Last-Modified
Tue, 18 Jan 2022 12:56:56 GMT
Server
Apache
X-Host-Info
f9bfea675db7,; 10b56b3c04e04f39d873d36805a1d94aa5686820 (HEAD -> refs/heads/release/2112.1.1, tag: refs/tags/2112.1.1, refs/remotes/origin/release/2112.1.1) clear subData when c_mid cookie value not exists
ETag
11603924820727537096
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=677
Httpd-Identifier
74eb2a21bd43
X-Rack-Cache
fresh
features
zephr.chicagotribune.com/zephr/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/features
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-40.ewr52.r.cloudfront.net
Software
/
Resource Hash
18977e2e60e3aa80ea2c0c96490ab192c47a4eb8334705da0eb41a938965c3bf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:28:44 GMT
content-encoding
gzip
age
240
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
public, max-age=300
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C3
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
EPeYx5IIPlpv9qiFG1VSOKQhbb9C2cXPOEPPA-jxRny5zceVZTn59g==
via
1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront)
x-blaize-request
ffffffffadb97971
DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:b000:4ac::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
br
last-modified
Sun, 05 Dec 2021 05:48:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1&pre=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1&pre=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 13:43:38 GMT
x-content-type-options
nosniff
age
362946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 13:43:38 GMT
config.js
confiant-integrations.global.ssl.fastly.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/ 		110 KB
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef0432d59c83edcd6003aa3dc020cec5a81878fa5379ecf775c1c07566a1f636

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
Age
3152
X-Cache
HIT
Connection
keep-alive
Content-Length
23708
x-amz-id-2
MCsE+CmT/TC6aKQiybs1kCrgpFKyg/WHf6ErULHUavYoHqsTgJQfGD7DCp65kcokmVg1pe0auzA=
X-Served-By
cache-yul12826-YUL
Last-Modified
Wed, 19 Jan 2022 17:38:36 GMT
Server
AmazonS3
X-Timer
S1642617164.212503,VS0,VE0
ETag
"3ae7b2fcdfec4e433bc9a4c5b3f68194"
x-amz-request-id
ZAK3JM7097872J5V
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
19
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201121212/ 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201121212/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a15a6c44ba88f460140342742241389ecce4f4992e22b24652393316530d53d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
Age
118
X-Cache
HIT
Connection
keep-alive
Content-Length
60774
x-amz-id-2
07O4c7sLPiW4funZtXW4DsWrGyNQkDFIRVZ0DD4h3qME3ed+kNlyR/rc+IPhvZDM0WyQgV5+IGg=
X-Served-By
cache-yul12826-YUL
Last-Modified
Wed, 12 Jan 2022 17:19:54 GMT
Server
AmazonS3
X-Timer
S1642617164.253138,VS0,VE0
ETag
"cc4d6e3d41962aa4f7392062fe0321f4"
x-amz-request-id
MZS1TWE5VEHYW1V8
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
169
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 02:05:11 GMT
via
1.1 0bb631caf01a1e61a0610f8aef984a00.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
59254
x-cache
Hit from cloudfront
content-length
6482
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
_S4EtvRMKplKuEDaFjDjCMRTfkG4bwRrbR9lB1lwHT4LvMUevdFjGg==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		157 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d0225bcf9e7ecf6-YUL
access-control-allow-headers
Content-Type
rnCr-xNNww_2s0amA9M5kng.woff2
fonts.gstatic.com/s/spectral/v7/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v7/rnCr-xNNww_2s0amA9M5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spectral:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 06:28:34 GMT
x-content-type-options
nosniff
age
475450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21820
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:10:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 06:28:34 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Jan 2023 17:41:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		355 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.chicagotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
6aa129fe8f708a7105f4078f4aea66dc20d981216fb9f1b97a445870b476a3dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
167
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:44 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-62.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 09:03:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34651
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
t2TfqqkBgMHHpoty6LAI8SsqR_II8_cADG_DYUFlR5SFrHjHYhuyiQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6705
date
Wed, 19 Jan 2022 16:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 18:40:59 GMT
feature-decisions
zephr.chicagotribune.com/zephr/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-40.ewr52.r.cloudfront.net
Software
/
Resource Hash
ed0d56caa6e03c41666af2836bd362028d472f2de3946e6573465d11f4c56072

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
J63Q1PeHYAE-YgHSacVljApcHZQYGdweNq7CYBJUOXYJnyblqEMlDw==
via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
x-blaize-request
fffffffffae61a01
feature-decisions
zephr.chicagotribune.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-40.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.chicagotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Wed, 19 Jan 2022 18:32:44 GMT
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
j_6h9uJuiGhCwX9rryvkjnN8i9SOeda3YEme6-ptBMgUzjJAGeKySg==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.9.0/ 		341 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
56jOXvghU3RiFIKiZ2Zh+g==
age
8015223
vary
Accept-Encoding
content-length
75725
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:12 GMT
server
cloudflare
etag
0x8D88D721D404CB2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43214117-e01e-00f6-286c-c4fff0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225bdef214bd6-YUL
1436
check.analytics.rlcdn.com/check/ 		23 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1436
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
80874753-76e9-489e-b80c-d05dd1feb928
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61e8594c-0ab267ca3efd5af34efdf461
x-amz-apigw-id
MNLkAE9vjoEFvvw=
content-length
23
x-amz-cf-id
H8wNj7r_5Nh-3exgp6sbMoQlJHnlWqlIRTEBfNYIMDZPRvrg_cJZnA==
184794-144562113101278.js
js-sec.indexww.com/ht/p/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b44a0f699e1076ed5217e1f5c824fe842e7f5bc9ac0e94fbde2a7c3a4d421027

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 17:35:27 GMT
Server
Apache
ETag
"90575f-9890-5d5f2cfc25214"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=296
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13167
Expires
Wed, 19 Jan 2022 18:37:40 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=43032
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Thu, 20 Jan 2022 06:29:56 GMT
sync.js
ib.3lift.com/ 		275 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/sync.js
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-111.ewr52.r.cloudfront.net
Software
/
Resource Hash
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:19:02 GMT
via
1.1 d671204b8bf6c2b9056c338588204020.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jan 2022 18:19:02 GMT
age
822
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
EWR52-C1
content-length
275
x-amz-cf-id
rPY_pFO3OFAMgznV7HT6xISOoI_qcdPoB_4uble5MJsr-XFzgcMjmg==
lt.min.js
tags.crwdcntrl.net/lt/c/13200/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
091ec084a0358833ca37c3555b08169ec1f856ddcb5d9257310a988b73bddcb1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 19 Jan 2022 09:13:11 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 19:48:04 GMT
server
AmazonS3
age
33574
etag
W/"b43c246fbef50d70d57c3eed77fc1db5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 1dbc16aba8d57ed568542bcd7a1672f2.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
l4YWdVSx8TxvMLAmPgsLhN9w_P-CcenQzBaAFQPfahY3DvSJ0Aowtw==
ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html.js
dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/entertainment/theater/reviews/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html.js
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:ba00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd33a0b1fac0beb2036cb287de9d5513055190a3815e2c2849cfc58b02c4fbe

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR52-C3
x-cache
RefreshHit from cloudfront
content-length
489
access-control-allow-origin
https://www.chicagotribune.com
last-modified
Wed, 19 Jan 2022 17:36:21 GMT
server
AmazonS3
etag
"67167c418b3a9e813ea33229e0048f76"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
Ulsk6yq5I_EjVXG7P95vUsFmyYeHcBm_JgD7bbaO_f0wErt566Y3fg==
/
player.sendtonews.com/version/ 		249 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/version/?jsonp
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.php?fk=mvnxxcIU&cid=4591&floatwidth=400&offsetx=0&offsety=50&floatposition=bottom-right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-64.ewr52.r.cloudfront.net
Software
Apache /
Resource Hash
cc129b705a4e5f1bec06e65e4faf57219d5b34628771d6c3880a8fe19c303f87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:31:35 GMT
content-encoding
gzip
server
Apache
age
69
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600, no-cache="set-cookie"
x-amz-cf-pop
EWR52-C3
content-length
201
via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
x-amz-cf-id
kppUa9OTxL1oUNho5pIP4oHm5g6dd0yr9XxplcGk7Sttzs3pnSpxSg==
expires
Wed, 19 Jan 2022 18:41:35 GMT
85bcb0e154c4f7e3d84b168aa3705636f29648d0
insights.zeustechnology.com/www.chicagotribune.com/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insights.zeustechnology.com/www.chicagotribune.com/85bcb0e154c4f7e3d84b168aa3705636f29648d0?article_location=www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af02cb1ff9424892ff97abc531a0f6ad7b9a8fb5557289b06514e90827f91303

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
Vary
Origin
X-Amz-Cf-Pop
PHL50-C1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
484
x-amz-expiration
expiry-date="Tue, 15 Mar 2022 00:00:00 GMT", rule-id="ArticleCleanup"
Last-Modified
Thu, 13 Jan 2022 20:13:21 GMT
Server
AmazonS3
ETag
"1b874f4b0f87946ab2c4ba3f57144cc1"
Access-Control-Max-Age
180
Access-Control-Allow-Methods
GET, HEAD
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
qETj9nux34rNyQAx7_jun71NBCI3D2CbSZIqfwFlKI6nbeuL1AGe2g==
config
c.amazon-adsystem.com/cdn/prod/ 		797 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
2027db5d0eadd49f42a261c36b107d03af905139fd2b59367cd71e34895f8d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 16:19:31 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
age
7993
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
content-length
797
x-amz-cf-id
U99v_B7vaGzxt9m6g9WTGEW4EROzkNWCl7Gv2xes6oLAeko3yP8dYA==
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546522437719344&correlator=4483840905252092&output=ldjh&impl=fifs&eid=44756432&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=100x36%2C100x36&prev_scp=slot%3Dzeus_spr_1%26pos%3D1%26cnsd%3Dpts_darc_p1_uad%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_spr_1.init.dsk%26optimera%3DNULL%7Cslot%3Dzeus_spr_2%26pos%3D2%26cnsd%3Dpts_darc_p2_uad%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_spr_2.init.dsk%26optimera%3DNULL&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.chicagotribune.com%26epvid%3D1642617164139_651119654%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.chicagotribune%26slug%3Dct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%26cid%3DOVFQPTECSNBT5OSKYUIOC2QA7M%26at%3DtaxonomyTags%26kw%3Dshow%252Coklahoma%252Ccharacter%252Cmaterial%252Cproduction%252Claurey%252Cmoment%252Cbroadway%252Ctime%252Cpeople%252Cfish%252COklahoma%252Cexperience%252Cchicago%252Ctour%252Ccast%252Cview%252Cpromise%252Cstatehood%252Camericana%252Crodgers%252Cfarmer%252Ctribute%252Cexceptionalism%252Chammerstein%26tg%3DPopCulture%252CVideo%252CTVandMovies%252CTheater%252CDanceandSpokenWord%26design%3Darc%26aux%3D5182%26nopulse%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1642616116&dt=1642617164712&dlt=1642617164027&idt=644&frm=20&biw=1600&bih=1200&oid=2&adxs=908%2C843&adys=120%2C258&adks=3438545435%2C3438544869&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vis=1&scr_x=0&scr_y=0&psz=1x0%7C1x0&msz=1x0%7C1x0&ga_vid=1787282497.1642617165&ga_sid=1642617165&ga_hid=2003451893&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
84205b2c684651045ed4e2b2ab21e007a3180ef39769b05493bc8889a07869e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15586
x-xss-protection
0
google-lineitem-id
5857096278,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376544260,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8128 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 19 Jan 2022 18:32:44 GMT
expires
Thu, 19 Jan 2023 18:32:44 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
read_auth
authenticate.chicagotribune.com/ 		98 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://authenticate.chicagotribune.com/read_auth?callback=jQuery33109075825123967123_1642617164306&product_code=chiarc&master_id=&_=1642617164307
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.12.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-12-17.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dcac9c1c8438932dba6ff4e8f1222bddfab8ee4b7296de1ce237a60451fe0f05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-request-id
02382b905d7247ab2fcb512aa419b2c3
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.002435
server
Apache
x-host-info
3999b9b71655,; 10b56b3c04e04f39d873d36805a1d94aa5686820 (HEAD -> refs/heads/release/2112.1.1, tag: refs/tags/2112.1.1, refs/remotes/origin/release/2112.1.1) clear subData when c_mid cookie value not exists
etag
"07c67538effd2872a73aacf652d2f214"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private, max-age=0
httpd-identifier
3999b9b71655
x-rack-cache
miss
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		92 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:2800:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39a716efa199c8c1125712ec1c169579b6191bd33a8f84cf6ff65c9a56823aa4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 22:39:25 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 22:39:19 GMT
server
AmazonS3
age
71600
etag
W/"db3efba86536f0c703fbc410b9bf2c95"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SFlCh0nrtC_wch2UJ5UXkyvdSq6Ar4W7
via
1.1 f800b68f44c427976fe7546b255b6206.cloudfront.net (CloudFront)
cache-control
max-age=84600
x-amz-cf-pop
JFK51-C1
content-type
application/javascript
x-amz-cf-id
7Yv0KxxQe00udyD749NDrZeYF-wOOl7B_sjKahiLp-5AjKZnoOYu9A==
sha256.min.js
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6482965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2977
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-2339"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1WniTIJBb4eKX4hZavkK6s9v8FVZqff6hOWRVHC03EqZjWeGupOYhEfn7d85f4zItgpTPHCEcMGN%2BzIJ6zSeePtvkXwNS54gCfDtzwxM8qrmhcxKz%2Bg6%2F4y9mdRMt4tVCaYPvo3%2Bo%2B597Zxi5uIWUuz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d0225c038757144-YUL
expires
Mon, 09 Jan 2023 18:32:44 GMT
ga.min.js
cdn.sophi.io/adapters/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/adapters/ga.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCV3C5S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-36.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f2757beee4375d5cdd8cfae17e838f565ea7b7d6651a4e084a60d7a79bd3b8a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 19 Jan 2022 15:27:19 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 15:25:26 GMT
server
AmazonS3
age
11126
etag
W/"c132bddac6992661e3bdb1af39e33dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
T4y9Npjvog2S7.Iiri5.3XN07Epqqaxo
via
1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
3zudaYZvkhDE_d3DeZicDowL_s3D80FqOOcZoG9AeD4MdoXbBlwjIA==
prebid
ib.adnxs.com/ut/v3/ 		41 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b97a0672693cc6dc8dcbc8db83fd8fd44f94ca32cbe8c747ffadc9fbb6d5b029
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0f7fcf04-ce21-4508-b4cc-20ce5d3f1ad8
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=687193&v=7.2&sd=1&r=%7B%22id%22%3A%22345072da-f304-47dc-a50e-1574f307a8e6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226de69fb2-d495-44e1-a2ac-024c3eb0ee39%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540805%22%2C%22gpid%22%3A%224011%2Fzeus_c_115%22%7D%7D%2C%7B%22id%22%3A%229420690e-6488-49c9-93a8-76724955144c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540805%22%2C%22gpid%22%3A%224011%2Fzeus_c_921%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22%22%7D%7D
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a83049a3fded5c0dc1a4f1da300745dde9f8c0dc56398a02124d31dacd5c4dbc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.chicagotribune.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
6437
x-ak-client-geo
19
expires
Wed, 19 Jan 2022 18:32:45 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		349 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=379810&tk_flint=custom&slots=2&size_id=15%3B15&alt_size_ids=%3B&zone_id=2103972%3B2103972&rp_floor=0.01
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5242573f326d8744097c6d1630743cf5fa555560999c6db706132525854effdb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
349
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.chicagotribune.com&debug=false
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.1.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-1-63.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
Date
Wed, 19 Jan 2022 18:32:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/ 		186 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&pid=WEHZRVhN9vGWQ&cb=0&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_c_115%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%7D%2C%7B%22sd%22%3A%22zeus_c_921%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
e367417f5dbe0078f7412f5ae03652c31ed387fc2922e75f63b55e5747e1fc3a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
99Z080AK9ECMCJ5H3XM4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
186
x-amz-cf-id
bfNhZIo1XQBO54vPbyAwidkvIhbK0hI_q1rAnv-og91YVg0aUeZ-bQ==
p.js
cdn.parsely.com/keys/chicagotribune.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXB7PQT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.40.238 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-40-238.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Wed, 19 Jan 2022 10:25:53 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 19:15:41 GMT
server
nginx
age
29211
etag
W/"61d5ee5d-df47"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6265ab4d72053dc7cb93b359f1255480.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
dWTSWUGSluIuN8J3eS_gtHeYbBq7RntqE3zFRN9s4dO16f3DzrK9ZA==
expires
Thu, 20 Jan 2022 10:25:53 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
13.225.230.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-62.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
Kweqxnat_jEDnFOcTq0aKIhQZsW76_gSxQSfGVGSMIiZI1GiPIrafw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1642617164809&ns_c=UTF-8&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
content-length
503
x-amz-cf-id
TNj1eszoSG9NR7Vd8usB0PZRRAtoN90GAfqrkAyMzMxThQbUTY6rBQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicag...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chica...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
13.225.230.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-62.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
JyhynqBbMyrejtf1o-sCav2l9Ks_-HGJLXCjmyBcYbKLK2-5gycIuw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1642617164816&ns_c=UTF-8&cv=3.5&c8=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c9=
content-length
516
x-amz-cf-id
5Lf-WyDhllk1An6cEs_lAMwWgj5fJVnNyxp7uH3LtCB5Fb_0M0-jrQ==
en.json
cdn.cookielaw.org/consent/b28a5859-2138-4d32-9d4f-68ed1392f6a3/48cdf60e-5f8a-4bff-abf0-f00d331cc410/ 		216 KB
39 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b28a5859-2138-4d32-9d4f-68ed1392f6a3/48cdf60e-5f8a-4bff-abf0-f00d331cc410/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4b17e7a80ce38d3197dc2bf578bb2100aba88cff88f281fdf3c4fe173234f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
x3ty913hrSg9XgIyztmk6A==
age
6920
vary
Accept-Encoding
content-length
39730
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jul 2021 00:53:07 GMT
server
cloudflare
etag
0x8D951621076902D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
04b2df57-e01e-0135-3b15-b630e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225c02a50ca47-YUL
expires
Wed, 19 Jan 2022 22:32:44 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-11.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:57:19 GMT
content-encoding
br
age
52526
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 fb134201578e9706e0dd8abdab0f2abe.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
JFK51-C1
content-type
application/x-javascript
x-amz-cf-id
zPJI7saltCPizZvoBxBBNpnEG0rcdOSTum82UaFGasTe1Xa1UsxLGw==
data
bcp.crwdcntrl.net/6/ 		778 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c74c2a26f0acfd2038a261a507656a6f85d7db5143653431c0fb214377f7aaa2

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
x-server
10.40.45.24
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
778
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6EEC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFDqA24QuH1QXAXGd4GsyaemmEQyufabEViMAoAHYsodkbzOv7n3daFGZy07-9hvXTRCAYXsWLuD8JVVTrJ6tv4ZVDEFpXUjxqMbvTYaZCpWK3jzpH9FY0OUhxg0FMz4IBnqrT0i6FW5uB0divQI7uBEg03DHs_rTE9k407RaUAQ47hZb40dwURdFBsGQlXdy2AqeXvcpfdBNk3zs3gvBWDNWjKsWaJ11_mP7vBOU5MHAXP5WHr829oAebxEQYqhJKtt7lt42QWnGT5QH_90FPZpcmyU7ka5NE2wCrZWQNr0cEKN-bKEYEQEpmqgRXYmQSXHntbcUA5G6KDvlqtJ2scvPfwYWSoFmp&sig=Cg0ArKJSzCDc8vm7I4mLEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 6EEC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:26:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 6EEC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:29:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EEC 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:44 GMT
9388954215777426993
tpc.googlesyndication.com/simgad/ Frame 6EEC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9388954215777426993
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cd8a1d38e0b4ad309352d6c09f88a9d3ab4e722aff6ad4ab6b5ed91ffc83b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 08:27:37 GMT
x-content-type-options
nosniff
age
381907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5137
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 20:02:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Jan 2023 08:27:37 GMT
rid
match.adsrvr.org/track/ 		109 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184794
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
fa0d4781631334587a7d69cd58e2c687415ea8c6862ba9e0a071e4cedc63e286

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 18 Feb 2022 18:32:44 GMT
any
idx.liadm.com/idex/ie/ 		206 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-156-15.compute-1.amazonaws.com
Software
/
Resource Hash
46000ec09e1d01b1035c574e9915ceffce6b27c116f5237f4c3455a47eae77b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 19 Jan 2022 18:32:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://www.chicagotribune.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
trace-id
cb46c7f8f08a4023
Content-Length
206
identity
api.rlcdn.com/api/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4f4c254dfcb53069d134d7bbf7ca2d57dcb94de607821d050c424932b75d2912
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cc50f2ca-93b4-422e-a50d-4de00b398a66
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		46 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=687193&v=7.2&sd=1&r=%7B%22id%22%3A%22d390fa55-123f-471e-be1d-6b01d43ec92a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2277b2973f-3ad6-4c57-a854-fd9a780594d5%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540806%22%2C%22gpid%22%3A%224011%2Fzeus_cc_948%22%7D%7D%2C%7B%22id%22%3A%222f233091-0848-4acd-aa12-3d32b12a2352%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540806%22%2C%22gpid%22%3A%224011%2Fzeus_cc_948%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%7D%2C%7B%7D%2C%7B%7D%5D%7D%7D
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
733fd666dc2991fb256df68dab6493635805bfe66a1e8fb853c726181b964dc5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.chicagotribune.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
66
x-ak-client-geo
19
expires
Wed, 19 Jan 2022 18:32:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=379810&tk_flint=custom&slots=1&size_id=15&alt_size_ids=10&zone_id=2103974&rp_floor=0.01
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
614a8c9aa2bfa3d009761657bf689d82d24e287e6fbf6f865becf81428899bd6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.chicagotribune.com&debug=false
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.1.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-1-63.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
Date
Wed, 19 Jan 2022 18:32:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/ 		186 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&pid=WEHZRVhN9vGWQ&cb=1&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_cc_948%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
d359aecf56b0cdaeeab7cee03d687618fff2b0b84412b442c48a7015ba6a8b7a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
61W24Z26KMV9N380HGTD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
186
x-amz-cf-id
5rrUKPR-NDcSpGDeT6JhzNrTCuPznqVd4qUeZXs6CAuV-I_r0uWwVA==
player.js
player.sendtonews.com/player7/player/65.21.11/ Frame 0E60 		240 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/player7/player/65.21.11/player.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.php?fk=mvnxxcIU&cid=4591&floatwidth=400&offsetx=0&offsety=50&floatposition=bottom-right
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-64.ewr52.r.cloudfront.net
Software
Apache /
Resource Hash
f7a3fd7aeec7713ccb0b87a5d1daecf5f2046f4d9773fc0ddfae01ec4fe7d67a

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:30:30 GMT
content-encoding
gzip
age
134
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 00:14:06 GMT
server
Apache
etag
"3bfc4-5d4caa1c3cf80-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8d41af75f0c67663aa0315daec98e02c.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-cache="set-cookie"
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
L_oKg8HCRkh9QIRuJcGTRRhDpgfR4I8LBRij2JNUOUXJVacH4ZjK6g==
expires
Wed, 19 Jan 2022 19:30:30 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3FE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=124569
expires
Fri, 21 Jan 2022 05:08:53 GMT
date
Wed, 19 Jan 2022 18:32:44 GMT
vary
Accept-Encoding
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546522437719344&correlator=4483840905252092&output=ldjh&impl=fifs&eid=44756432&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=5x1&prev_scp=pos%3D1%26cnsd%3Dpts_darc_p1_uad%26zeus_rendercount%3D1%26zeus_slot%3D.init.dsk%26optimera%3DNULL&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.chicagotribune.com%26epvid%3D1642617164139_651119654%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.chicagotribune%26slug%3Dct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%26cid%3DOVFQPTECSNBT5OSKYUIOC2QA7M%26at%3DtaxonomyTags%26kw%3Dshow%252Coklahoma%252Ccharacter%252Cmaterial%252Cproduction%252Claurey%252Cmoment%252Cbroadway%252Ctime%252Cpeople%252Cfish%252COklahoma%252Cexperience%252Cchicago%252Ctour%252Ccast%252Cview%252Cpromise%252Cstatehood%252Camericana%252Crodgers%252Cfarmer%252Ctribute%252Cexceptionalism%252Chammerstein%26tg%3DPopCulture%252CVideo%252CTVandMovies%252CTheater%252CDanceandSpokenWord%26design%3Darc%26aux%3D5182%26nopulse%3Dtrue%26zeus_insights%3Dcf4%252Cio4%252Crda%252Crh6%252Cgqd%252Cjym%252Ct9w%252C8lc%252Cdcs%252Cbs1&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&bc=31&abxe=1&lmt=1642616116&dt=1642617164972&dlt=1642617164027&idt=644&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2545705598&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vis=1&scr_x=0&scr_y=0&psz=1x0&msz=0x0&psts=AGkb-H_y2UZAtB8CNUUCvCLjKKxsCUbofEQJWd1mv9XsHM2fjg0u6BwoGEBDKbGuR098bT9xHaMXBPh5pNYL0__gJy16FVG47HFOAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1787282497.1642617165&ga_sid=1642617165&ga_hid=2003451893&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
155c5eaf88c7ba9eb83567560f6dc5140c38560727adaad1a4f1c44854932aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8428
x-xss-protection
0
google-lineitem-id
596911376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275206352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29726e833f4940e76823406599378dfda2812b5c91a6653cec78e722f1e40df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jnIqF1I3VU9Tt9MWO4LDDw==
age
8015045
vary
Accept-Encoding
content-length
2709
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:04 GMT
server
cloudflare
etag
0x8D88D7217F82E19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
19be85df-501e-004e-246c-c41d03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225c15b80ca47-YUL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/ 		46 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SyeN6ChPWcrwm5vVybzGmw==
age
8015045
vary
Accept-Encoding
content-length
11368
x-ms-lease-status
unlocked
last-modified
Fri, 20 Nov 2020 16:34:05 GMT
server
cloudflare
etag
0x8D88D721902A23F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7cf0d569-f01e-00e9-3d6c-c424e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d0225c15b85ca47-YUL
chicagotribune.js
d1n00d49gkbray.cloudfront.net/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1n00d49gkbray.cloudfront.net/js/chicagotribune.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:cc00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52a1bcfe57d41720ea9ca3591ee85d582aae3f2ac61d865ae746bf3db06a3998

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 19 Jan 2022 10:11:26 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 14:10:46 GMT
server
AmazonS3
age
30080
etag
W/"71c5820ca0ddb712c402e7a1bc2be005"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7YAZIDnDPqRSzZBsaVP85F5X4QBKrdSS
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
IjENTA5XUPZipBrWCWbG2I741Za8dFBC6pgjqGdwJ2WhWIPend9Hww==
chiarc.min.js
www.tribdss.com/meter/
Redirect Chain
  • https://www.tribdss.com/meter/chiarc.min.js
  • https://www.tribdss.com/meter/chiarc.min.js?disabled=international
37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tribdss.com/meter/chiarc.min.js?disabled=international
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Server
23.217.25.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-25-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a258e14757773eba10e7940ffd91a3fb062e8e47fbd08ff1201fea1b37e97220
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
11473
X-Request-Id
e6f11f0f8c5ba81ce9820c25602fbd69
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.014377
X-Content-Digest
65a57c1dacd87b09c2432ac4074f1f3eb0731ee3
Last-Modified
Wed, 19 Jan 2022 14:29:02 GMT
Server
Apache
X-Host-Info
930da3397b09,; afa9101b11ffee6808bc0856b70b40f132c85c98 (HEAD -> refs/heads/release/2111.1.1, refs/remotes/origin/release/2111.1.1) DSS-16578: upgraded tribune_recurly_api gem to 1.0.6
ETag
11622184839271995092R
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=93
Httpd-Identifier
930da3397b09
X-Rack-Cache
fresh

Redirect headers

Location
/meter/chiarc.min.js?disabled=international
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
ml.br.js
js.matheranalytics.com/static/ltm/ma89701/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma89701/197837611/all/sp.js?cb=1587
  • https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
146 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
292bcd0551ee500b1cc5c1416ce840c056f16075b5f83fb84c3cbcbd422fa5ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 00:22:09 GMT
via
1.1 google
last-modified
Wed, 11 Aug 2021 04:39:34 GMT
server
nginx
age
65436
etag
"6d7605f5ee32490954d7a8f6534eaa33"
vary
Accept-Encoding
x-cache
HIT Wed, 11 Aug 2021 04:49:21 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
clear
content-length
43436

Redirect headers

date
Wed, 19 Jan 2022 18:32:45 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma89701/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
6-gc-nane1-20928
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=undefined
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f6e6f66884107b36b66f72696d85a0cfad0a58f9f621f46a352978b0fc87ba4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 19 Jan 2022 18:32:45 GMT
/
www.chicagotribune.com/api/v2/render/feature/
Redirect Chain
  • https://www.chicagotribune.com/api/v2/render/feature?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
  • https://www.chicagotribune.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
1 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f51ee42a58f6e464463793434db9ec9d50d409d5b7c8cfcbb7959a6b3fc34097
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:32:11 GMT
server
openresty
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
private, max-age=60
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
542
expires
Wed, 19 Jan 2022 18:33:45 GMT

Redirect headers

date
Wed, 19 Jan 2022 18:32:45 GMT
server
openresty
x-frame-options
sameorigin
content-type
text/html
location
/api/v2/render/feature/?name=breaking-news-bar&uri=/zzz-breaking-news/&wrapper=false
cache-control
private, max-age=13
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
166
expires
Wed, 19 Jan 2022 18:32:58 GMT
features
www.chicagotribune.com/pb/api/v2/async/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/pb/api/v2/async/features?rid=rfuvfF1zh9maLs&contentUri=/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2a0370da744467626db6b2310636b1ad718f709ed7a45a62c73e6b7e7c145c49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=46
content-length
1542
expires
Wed, 19 Jan 2022 18:33:45 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 6EBB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

content-type
text/html
date
Wed, 19 Jan 2022 15:45:08 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1dbc16aba8d57ed568542bcd7a1672f2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
aiH_21sgVU1eWRa6M4UneMeCxHd1ywvSxxqt-WqBMr3zXzQYa0pu-Q==
age
10058
prebid
ib.adnxs.com/ut/v3/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
45dcd51afe9f550dc1293e43dcd998dab72a8426445a4d8571f55f3e97722062
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3eee2e3a-2d0e-4d76-a31c-4b6a78a34f25
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		46 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&s=687193&v=7.2&sd=1&r=%7B%22id%22%3A%2254c5ff0d-7f1d-44fb-87cb-3b2d2675d5f6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222c01d865-fa74-426a-83c8-03865e79ae71%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540813%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_503%22%7D%7D%2C%7B%22id%22%3A%22e15ade44-9645-4f15-9d3c-ab8a310ede5b%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540813%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_503%22%7D%7D%2C%7B%22id%22%3A%22361a17e7-ca48-401e-a98c-11cdc2506d9e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22540813%22%2C%22gpid%22%3A%224011%2Fzeus_mh_ldb_cbo_503%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c222d7c1-8acc-4e56-b834-86840521a4ea%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-01-19T18%3A32%3A44%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%2C%7B%7D%2C%7B%7D%5D%7D%7D
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6988ad54a1633d04cd176f32f897e6dc5395d629cb7c28181dbd5aa8506a888

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.chicagotribune.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
66
x-ak-client-geo
19
expires
Wed, 19 Jan 2022 18:32:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=379810&tk_flint=custom&slots=1&size_id=2&alt_size_ids=55%2C57&zone_id=2103986&rp_floor=0.01
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1d35b9bf6969429f0ef82cfc95ee3f13fccb1c7130436d8610dae3cf9fef0b90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.chicagotribune.com&debug=false
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.1.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-1-63.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
Date
Wed, 19 Jan 2022 18:32:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Server
nginx
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/ 		186 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&pid=WEHZRVhN9vGWQ&cb=2&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_mh_ldb_cbo_503%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
9608a2b1edb731650d7cde16f6636dc48246b0c0ed5852f2f98fa167d4bfcca0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
9F2P1G78YGGDFGCQZCE8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
186
x-amz-cf-id
cVADrQauFLnuOLgHbfPzbo3eEmyjpglT7tTh1Kr5X_arljpxtAkuyQ==
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1642617165082&plid=23144732&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&sref=&sts=1642617165078&slts=0&title=Review%3A+%E2%80%9COklahoma!%E2%80%9D+in+a+radical+new+tour+in+Chicago+-+Chicago+Tribune&date=Wed+Jan+19+2022+18%3A32%3A45+GMT%2B0000+(GMT)&action=pageview&pvid=14677374&u=pid%3Da7c8c1d05af57acb01b5b145e72b3613
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 19-Jan-2022 18:32:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
geo.privacymanager.io/ 		30 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-54.jfk51.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 05:33:15 GMT
via
1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront), 1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
age
46770
x-amzn-requestid
6a518c8e-1ebe-42e3-8361-17ba559b7b25
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61e7a29b-3ab8863b5771e18871d94352;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD89-C1, JFK51-C1
x-amz-apigw-id
MLZYUG18joEFhXg=
content-length
30
x-amz-cf-id
mnoivUa8q-RVOvZXX7kpC602w3xAzO-x5cl8qpMTYRNfcRCF695UVw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
view
securepubads.g.doubleclick.net/pcs/ Frame 6DAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuts6cZtKCOwmSqqwUztKropEOhieQXOHeg_ZJ0mhz4SKeRCFavPaHevNIRXfPM5tyt7W2nUlaBjFQJgW7PI4xBNipURtyFHy8sDG-x7SkYKOIl3Jm5jCrLfs9q61z1H2o7ZSB80aaLpr-lLuRTXw1VCzoGjaOJMOKGB9pw6lTXJ5MYIpvRDDOE9RtbFmdebJjZ_rI_IMvGgiCSN5nLKHFI8gmyzxup05DY50h0_jkF1VQutoI2RQLuoUxwoc6Uwya7yevUVH4-X-LMlPgGm3L80LULGwkRL3dHDJGFHd9JDJ2aHBlDfMbgLjhO6BEQVu2ROqxg4bnVrbjJXQR0QHos2g8xDZw5aBwHD9AZgLYL&sig=Cg0ArKJSzMouQCVSbslaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tag
a.teads.tv/page/84798/ Frame 6DAD 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84798/tag
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.253.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
572286d478b5ffd58a5a7807202682602f2b471341ba9a85ad6ec49b5a44ca7b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
2355
expires
Wed, 19 Jan 2022 19:32:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DAD 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:45 GMT
embedcode.php
d3mmnnn9s2dcmq.cloudfront.net/player3/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3mmnnn9s2dcmq.cloudfront.net/player3/embedcode.php?fk=mvnxxcIU&cid=4591&floatwidth=400&offsetx=0&offsety=50&floatposition=bottom-right
Requested by
Host: d3mmnnn9s2dcmq.cloudfront.net
URL: https://d3mmnnn9s2dcmq.cloudfront.net/shim/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:6c00:e:f240:cc80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
server
Apache
x-amz-cf-pop
JFK51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-cache="set-cookie"
content-length
26300
x-amz-cf-id
wH0Lo1SkE9XLdm1VcQohrpTLsxzQT964ozetDnb6530G49PCrWnKZg==
expires
Wed, 19 Jan 2022 19:32:45 GMT
pixel
protected-by.clarium.io/ Frame 6DAD 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_bE4zbkRJN0RYRzlwQVdBcW1mSE43NjlTS3o4LzMwOTk0NzMzNjo1eDE=&v=5&s=v31fpppplav&id=eyJkZnAiOnsiYWQiOjM0NTA4NTM3NiwiYyI6MTM4Mjc1MjA2MzUyLCJsIjo1OTY5MTEzNzYsIm8iOjMwOTk0NzMzNiwiQSI6Ii80MDExL3RyYi5jaGljYWdvdHJpYnVuZS9lbnQvc3RhZ2UvYmxvZy9jaHJpc2pvbmVzIiwieSI6MCwiY28iOjAsInMiOiJ6ZXVzX3RlYWRzIn19&sb=undefined&cb=3550522&h=www.chicagotribune.com&d=eyJ3aCI6ImJFNHpia1JKTjBSWVJ6bHdRVmRCY1cxbVNFNDNOamxUUzNvNEx6TXdPVGswTnpNek5qbzFlREU9Iiwid2QiOnsibyI6MzA5OTQ3MzM2LCJ3IjoiNSIsImgiOiIxIn0sIndyIjoyfQ==
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.250.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-250-212.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
js
www.google-analytics.com/gtm/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PNLWD5P&t=trb&cid=1787282497.1642617165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e41ca8071170f4b05270ad898caf7281fc709fb1f4c8282b280fa1f240487ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35289
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 18:32:45 GMT
XNR3OADCDNFTXELXSKVKFSM2OM.jpg
www.chicagotribune.com/resizer/GBtJby1eiCYJz2rr0NRc66bZrVI=/72x72/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/GBtJby1eiCYJz2rr0NRc66bZrVI=/72x72/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/XNR3OADCDNFTXELXSKVKFSM2OM.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c946c94e8fb7f04cfdeaec4a5ec381fd91e8b329c051dfc0c0734ffba4da8439
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
x-check-cacheable
YES
x-serial
8
etag
"bfd2ba0b5fb0e410315c903a178c4a5f8e5a546f"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30499169
last-modified
Fri, 07 Jan 2022 18:33:37 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=341
content-length
2711
server
Akamai Image Manager
expires
Sat, 07 Jan 2023 18:32:14 GMT
ISLBIVWY6JGPLC6AQ46L4ESSIQ.jpg
www.chicagotribune.com/resizer/a6D0Q7S9kFWixXxV2GMTeyXxoWY=/72x72/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagotribune.com/resizer/a6D0Q7S9kFWixXxV2GMTeyXxoWY=/72x72/top/cloudfront-us-east-1.images.arcpublishing.com/tronc/ISLBIVWY6JGPLC6AQ46L4ESSIQ.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fa46ac01d783ae2ce5b6ddda82b7686955a53d0cdc88d24c5ae7f7ceaf7fe072
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
x-check-cacheable
YES
x-serial
600
etag
"96b92cec5d7280501cee6d4075836cd6473fa05b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31023700
last-modified
Thu, 13 Jan 2022 20:14:23 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=410
content-length
2415
server
Akamai Image Manager
expires
Fri, 13 Jan 2023 20:14:25 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D3%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-120.compute-1.amazonaws.com
Software
/
Resource Hash
4713f88e60b533702faa797c3e3a33f40621379636afa3c00f835e280099eb96

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 Jan 2022 18:32:45 GMT
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
3e63c8d5-5de5-534c-b002-92b70668d464
Content-Length
378
Content-Type
text/xml
view
securepubads.g.doubleclick.net/pcs/ Frame 6EEC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCCaaMM-iX1IhEh3b3v3goAlvVdcywFm2mydUvKpS62QxAuPE4G42Or1CPRBxoSQB0jMJ8Vm2Ap9LfRz9RUAZEOsRuHd2wLIKleY3DKYOACB1F0qv4UoovFG1EKQebIwk2_DqV2ihrlSK_t8_8EptcfNZ73wZIEB_mJU2Jqjk0U1cAox2HYtmuxvZr8_zKM2MqbLZthqPor6UdcbSuoTqJ8JN_7xuxjNLh-jgyFvZp-Cor9ezz5I3EsGoBn656nkNyhghKk5Vgay4lkoq_5yOkexaGL3zK37TUPifaPE4mfW-1tUnUWONYE6cC5IwhFzmoawM0Nc9TTfAuS0ibZwfTisCbFpMUfP72DR0&sig=Cg0ArKJSzA7p8X9MsrBjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:45 GMT
truncated
/ Frame 6EEC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b70a92c89770489de4c36712a56086122ada635e94c48670854fd6c08bb78bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
headerstats
as-sec.casalemedia.com/ 		0
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=339473&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184794-144562113101278.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:45 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.chicagotribune.com
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:45 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame C78B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
267 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9c67c6ca53fca0eef341d51edaec7d3e4111b3260bc0dfab22407901a9246ec3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
267
Connection
keep-alive
x-amz-rid
V5HFEM13WDF7PVK5TKZ0
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
WVY6HPRCWGNJFJN6CN57
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
PugMaster
image6.pubmatic.com/AdServer/ Frame C3FE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85730770&p=159890&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b6d047a865505d2d83a4337a07187288f67193f087a87613f3e7d0890050f5bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
187621-164323601241456.js
js-sec.indexww.com/ht/p/ Frame 0E60 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 18:01:43 GMT
Server
Apache
ETag
"da4acc-9a4f-5d5f32dacec48"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2003
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Wed, 19 Jan 2022 19:06:08 GMT
data_read.php
embed.sendtonews.com/player4/ Frame 0E60 		35 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=2V78V_VWRlwMjkF0&instance=301471&version=65.21.11&age=220119&ESG_key=mvnxxcIU&type=float&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&ogSet=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.97.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-97-153.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3056fe8925744c3c29212a1134944df956bf4744ef944759729d20c6819a16dc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1, no-cache="set-cookie"
Connection
keep-alive
Content-Length
7459
Expires
Wed, 19 Jan 2022 18:32:46 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0E60 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:45 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 0E60 		524 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
604123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
123688
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-8304e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKRdfbQCP%2BROCJ7e1PDsSzmB4dBfrukt4rN6Pju4i%2FAechBFRYoTS0ThuxD7zLPD5%2FpXp0isyb88P13hilR4duwT%2FbY8I%2F59ehKNicY99VspHjcEeD98AJAYhiVh7ZUXgU2PXPE5Tduh2SEyS4TPI8kt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d0225c51f16ece6-YUL
expires
Mon, 09 Jan 2023 18:32:45 GMT
iscroll.min.js
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame 0E60 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3541390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7559
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-80dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c96Qd%2BK%2F0U0H3i4sI9wGy0m49WpicYKeIYWiLDNMB7EsKfCQqts7JmW1uXz2G0r%2F4VGHutITUBdKG89NpB7nfmO2frh0ZsJ8xK9vFo17oxnGrb8xz3eWb9%2BsXt9O9m29Xo%2FTVQR3YkcxD03bmYvWHtnF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d0225c51f18ece6-YUL
expires
Mon, 09 Jan 2023 18:32:45 GMT
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 0E60 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:47:05 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
49541
etag
"4a51b8991a6b67323936c2eb62e3518e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
342796
x-amz-cf-id
39s5tN1xUDk_Ri5PQBgG8eIgHYrN41W3xLACuVqLM9uAVjesiC7SiA==
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/ Frame 0E60 		324 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
356b62a0395aa56a302efad78666b9a5895aff01a3a6f7a9f4a027835108ab8c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 11:45:43 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 01:03:50 GMT
server
AmazonS3
age
24423
etag
W/"c7b42b817dce54504af788130b1b9d34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
_I8zFGMHA7_Z7nseg_Sw3A_-I4Zwjhz4nMYzSWPiHm-b53YLYBAKBQ==
css
fonts.googleapis.com/ Frame 0E60 		5 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 18:27:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:45 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 0E60 		39 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
167284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9062
timing-allow-origin
*
last-modified
Tue, 26 Jan 2021 19:48:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6010721a-9c87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKG1OnfGlvryPYaJTYbl9oMiA5truH26ej0e6Zmr4PTom8XxZG498IT%2Bpf1cH%2B8A7Pu%2BjwxQAMIBGm2dq%2FBDLtyvWHE2Ulf4Gv9%2B9n2ZoXsFDw2h5P7dGMC9sc%2Fg%2BytSu2e%2BNGMSTGbUtkgHAPguCO4l"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d0225c51f14ece6-YUL
expires
Mon, 09 Jan 2023 18:32:45 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=301471&version=65.21.11&age=220119&cmd=PRE_INIT&key=mvnxxcIU&order=1&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&canonical=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ 		351 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 05:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141749
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 05:12:46 GMT
config.json
c.go-mpulse.net/api/ Frame 4B9D 		625 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5475391&v=1.720.0&if=&sl=0&si=c777b885-9b5d-4607-b644-9308fcd052cd-r5yzik&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:13:6ad::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5212fad71bff9515ab18e998bf38cbfdf2403a8dc0a2ebe77d3dafdd43d8674f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 Jan 2022 18:32:45 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
625
Content-Type
application/json
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		298 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1695231906&i=yb1rdoghkc-1&cb=_smtr.postprocess&cu=true&bv=2.7.17&utc=0&pt=0&href=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hostn=www.chicagotribune.com&pathn=%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/chicagotribune.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.165.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-165-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
22b740da7a21ff66361a410f2cec7590948b3f5d9217618f8603f7141f6f42d4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
298
content-type
text/javascript
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		88 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546522437719344&correlator=4483840905252092&output=ldjh&impl=fifs&eid=44756432&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%2C300x250&prev_scp=slot%3Dzeus_c_1%26pos%3D1%26cnsd%3Dpts_darc_p1_uad%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_c_1.init.dsk%26amznbid%3D1%26amznp%3D1%26optimera%3DZ%2CA6%2CSA1%2CM3%2CL7%2CL1%2CTG9%2CB%26zeus_ix%3D4%26zeus_auctionid_ix%3D6de69fb2-d495-44e1-a2ac-024c3eb0ee39%26zeus_appnexus%3D5%26zeus_auctionid_appnexus%3D1744341151885782514%7Cslot%3Dzeus_c_2%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_c_2.init.dsk%26amznbid%3D1%26amznp%3D1%26pos%3D2%26cnsd%3Dpts_darc_p2_uad%26optimera%3DZ%2CA6%2CSA1%2CM3%2CL7%2CL1%2CJ1%2CA5%2CTH0%2CB%26zeus_appnexus%3D5%26zeus_auctionid_appnexus%3D4489379186338503328&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.chicagotribune.com%26epvid%3D1642617164139_651119654%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.chicagotribune%26slug%3Dct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%26cid%3DOVFQPTECSNBT5OSKYUIOC2QA7M%26at%3DtaxonomyTags%26kw%3Dshow%252Coklahoma%252Ccharacter%252Cmaterial%252Cproduction%252Claurey%252Cmoment%252Cbroadway%252Ctime%252Cpeople%252Cfish%252COklahoma%252Cexperience%252Cchicago%252Ctour%252Ccast%252Cview%252Cpromise%252Cstatehood%252Camericana%252Crodgers%252Cfarmer%252Ctribute%252Cexceptionalism%252Chammerstein%26tg%3DPopCulture%252CVideo%252CTVandMovies%252CTheater%252CDanceandSpokenWord%26design%3Darc%26aux%3D5182%26nopulse%3Dtrue%26zeus_insights%3Dcf4%252Cio4%252Crda%252Crh6%252Cgqd%252Cjym%252Ct9w%252C8lc%252Cdcs%252Cbs1%26ccaud%3D497489%252C498725%252C475005%252C747175%252C473081%252C500100%252C514644%252C460948%252C465541%252Call%26lpid%3D22e505047af2ac4526390b3d8af5fbe&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&bc=31&abxe=1&lmt=1642616116&dt=1642617165658&dlt=1642617164027&idt=644&frm=20&biw=1600&bih=1200&oid=2&adxs=1206%2C1206&adys=756%2C1068&adks=3312930438%2C3312938924&ucis=4%7C5&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vis=1&scr_x=0&scr_y=0&psz=300x250%7C300x250&msz=1x0%7C1x0&psts=AGkb-H_y2UZAtB8CNUUCvCLjKKxsCUbofEQJWd1mv9XsHM2fjg0u6BwoGEBDKbGuR098bT9xHaMXBPh5pNYL0__gJy16FVG47HFOAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_7fID0KXNqqlH_-EsBF_YzQkLP7C35NiEbA4zry8nQ5ym3kS2bpFnQctIIPs7uoc8qCYTVPq1-OSoKP9Ww80qNTi3qjJxISEM_Qf57J2WZ&ga_vid=1787282497.1642617165&ga_sid=1642617165&ga_hid=2003451893&ga_fc=true&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
0fc34bddc73c9b7b1bfed7ade59c0228dc514339027a4ad46da7c669ba328d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20810
x-xss-protection
0
google-lineitem-id
5858338558,5885038473
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376544308,138377983139
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
swg.js
news.google.com/swg/js/v1/ 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d346288a7a4521aff0802cfd44fdd0d4429ea44c96e6d149d0fa4544b1a3a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44780
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 19:11:46 GMT
chiarc-reaction-1q2w3-14928297824093199.min.js
www.tribdss.com/meter/assets/
Redirect Chain
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js
  • https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js?disabled=international
67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js?disabled=international
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Server
23.217.25.136 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-25-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20f374999252598f9cd80fa7212e45b5eefa92b99086307535b564701e99ddc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
14846
X-Request-Id
da0f0d1c7176e8092bd42001502ceeae
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.007024
X-Content-Digest
f94ae92245660ce5e1bbe1cf3efdb67092989288
Last-Modified
Wed, 19 Jan 2022 14:29:02 GMT
Server
Apache
X-Host-Info
43823b578725,; afa9101b11ffee6808bc0856b70b40f132c85c98 (HEAD -> refs/heads/release/2111.1.1, refs/remotes/origin/release/2111.1.1) DSS-16578: upgraded tribune_recurly_api gem to 1.0.6
ETag
14928297824093199
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31521371
Httpd-Identifier
43823b578725
X-Rack-Cache
fresh

Redirect headers

Location
/meter/assets/chiarc-reaction-1q2w3-14928297824093199.min.js?disabled=international
Date
Wed, 19 Jan 2022 18:32:45 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:16 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 02:25:57 GMT
server
nginx
age
389
etag
W/"61e0df35-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
5Sn7Phj48Lvv67pfQVU3yK023-ZTAKPzPiIjvejD5pPqsLdhVlMZdw==
expires
Wed, 19 Jan 2022 20:26:16 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
195
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d0225c62bf5714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 18:32:45 GMT
v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
smoggysnakes.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
05745b4cf6f956c780806fd0c49f589b0fb56eb8203f46ea0653adf06d451a97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-us-east1
etag
"12ef5df18e1d162520cfcc2658da5997a77f80a27295e4e41102d6ed55c5472e"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-qndz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 19 Jan 2022 18:32:45 GMT
timing-allow-origin
*
feature-decisions
zephr.chicagotribune.com/zephr/ 		27 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-40.ewr52.r.cloudfront.net
Software
/
Resource Hash
6cd5675b2b3e888eb7551ce1ee4a443f5bbb7de2d344b9d3d22f0db0cf01f420

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
imxKbas8yFxVKEYrJ670230-pQq5oUp_oXnU2O6s-nFXC4T8ZCUcGg==
via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
x-blaize-request
101e182c
feature-decisions
zephr.chicagotribune.com/zephr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-40.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.chicagotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Wed, 19 Jan 2022 18:32:45 GMT
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
6dUIMQBqLsbpH9EkJscy0c_27ZS-XQFoxTem7w7K6fEUzSJ_HJS_gQ==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&wrdcnt=833&sec=entertainment&prem=metered&paracnt=18&ptype=story&pnum=1&mediat=reference&hier=entertainment%7Ctheater%7Creviews&chrcnt=5008&auth=Chris%20Jones&artupt=1642109242&arttype=stories&artsrc=chicago-tribune&artpubt=1642104629&artid=OVFQPTECSNBT5OSKYUIOC2QA7M&metered=1%7C2&metername=Prod%20CT%20Meter%20%7C%2060%20Days%20Rolling%20%7C%20Anonymous%20%7C%202%20Unique%20Views&metertype=meter&tv=js-3.0.138&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=5a44fba3-3f29-448c-9d53-279a57e94eba&pid=9df577c4-a656-45e8-b168-4009e35c2650&dtm=1642617165743&qnm=_matherq&visible=1&tabid=5d8dc246-f416-4fc8-8fbc-d49cb081ae1f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vp=1600x1200&ds=1600x4533&tofa=1642617166&vid=1&lvidt=1642617166&duid=e9cba18674025235&fp=3441833202&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0MjYxNzE2MzYwMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi43bWIiLCJoZWFwVCI6IjE0LjNtYiIsImZzdFBhaW50IjoiNjExIiwiZmV0Y2hTIjoiMjciLCJkb21haW5TIjoiMjgiLCJkb21haW5FIjoiMTYwIiwiY29ublMiOiIxNjAiLCJjb25uRSI6IjIyOSIsInNzbFMiOiIxODAiLCJyZXF1UyI6IjIyOSIsInJlc3BTIjoiNDIyIiwicmVzcEUiOiI0NDUiLCJkb21Mb2FkIjoiNDI2IiwiZG9tSW50ZXIiOiIxNDM0IiwiZG9tTG9hZFMiOiIxNDM1IiwiZG9tTG9hZEUiOiIxNDUzIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTc4NzI4MjQ5NyIsInJlZlRpbWUiOiIxNjQyNjE3MTY1NzQyIn1dLCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiI5ZGY1NzdjNC1hNjU2LTQ1ZTgtYjE2OC00MDA5ZTM1YzI2NTAifSx7InByb3ZpZGVyIjoiaVNlZ3MiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiI5ZGY1NzdjNC1hNjU2LTQ1ZTgtYjE2OC00MDA5ZTM1YzI2NTAifV19
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.113.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-113-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:45 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003451893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&ul=en-us&de=UTF-8&dt=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&sd=24&sr=1600x1200&vp=1600x1200&je=0&_u=6ChAAEADQAQCAC~&jid=1950141560&gjid=1185516174&cid=1787282497.1642617165&tid=UA-6459251-3&_gid=128415961.1642617165&_r=1&cd41=Portrait&cd44=%3E1224&cd140=false&cd142=(none)&cd1=chicagotribune&cd2=entertainment%3Atheater%3Areviews&cd3=%2F4011%2Ftrb.chicagotribune%2Fent%2Fstage%2Fblog%2Fchrisjones&cd4=ct%3Act-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%3Astory.&cd5=arc&cd6=story&cd7=story&cd8=story&cd9=ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m&cd10=ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m&cd12=Review%3A%20This%20is%20not%20your%20homespun%20%E2%80%98Oklahoma!%E2%80%99%20Come%20ready%20for%20a%20radical%20new%20musical.&cd13=Chris%20Jones&cd14=Chris%20Jones&cd15=01-13-2022%2015%3A27&cd16=01-13-2022%2015%3A27&cd17=chicago-tribune&cd18=Chicago%20Tribune&cd19=OVFQPTECSNBT5OSKYUIOC2QA7M&cd20=OVFQPTECSNBT5OSKYUIOC2QA7M&cd21=(none)&cd22=(none)&cd29=(none)&cd30=5008&cd32=(none)&cd33=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd98=(none)&cd99=(none)&cd100=(none)&cd101=(none)&cd102=(none)&cd103=(none)&cd119=default&cd124=(none)&cd125=(none)&cd127=reference&cd135=stories&cd31=1&cd97=0&cd95=(none)&cd96=signed-out&cd42=1900%20-%201999&cm81=1&cm4=3&cd137=MATHER_U9_FIRSTTIMEMET2_20191016&z=1756195737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.js
player.sendtonews.com/bidderFiles/ Frame 0E60 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-64.ewr52.r.cloudfront.net
Software
Apache /
Resource Hash
9b035024d78ce5199c1ea0dbe7c7a2a33e096d4235145be6373b4d3319765c7e

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:46:58 GMT
content-encoding
gzip
age
2747
x-cache
Hit from cloudfront
content-length
1197
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 00:19:19 GMT
server
Apache
etag
"c62-5d4cab46bcfc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 8d41af75f0c67663aa0315daec98e02c.cloudfront.net (CloudFront)
cache-control
max-age=3600, no-cache="set-cookie"
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
xiQbfrl_zqTQmk0BJAZ5mS2uxfF1g_QoeUgTywIEfcuGDrn_FhLmUg==
expires
Wed, 19 Jan 2022 18:46:58 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 0E60 		0
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
6d0225c70de25467-YYZ
date
Wed, 19 Jan 2022 18:32:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0E60 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:55:01 GMT
content-encoding
gzip
age
81463
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
13F9V4RY5Q75KDM2H74M
etag
a89a0f9aa62d9c46ee287cd1f0b6423d
vary
Accept-Encoding
x-amz-version-id
GzCVpXkwVbKPnWWiNgpDCABi9Jbs4BMI
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
eVlldkhLy3wgkMk5p0fW04wyogSO3uC4Iden7Ai3PQq2Ee06YRKW4Q==
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/84798/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:18f::26e5 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12908fba830466a63d701246d2ab82c2728d680f333e7b32dd09eb8ad7b0a413

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:45 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
7JF0SXSEB2YAAGZ7
content-length
134179
x-amz-id-2
orvjHgTPNu030kbyblmXabu6KEEfPZ1q/ED+TzHwPiPhYoms7udD07EJX57alpGtN9xqlI8iwPg=
last-modified
Thu, 16 Dec 2021 15:16:54 GMT
etag
"0f6efc47ad711e0c01b740309e970dbf"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
0
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Jan 2022 19:02:45 GMT
/
id.sv.rkdms.com/identity/ Frame 0E60 		66 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.chicagotribune.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.87.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-87-39.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e22d5e7782be3137b8d7beccf72fdf074fbc86ddac23a30c632c7b791d3390c7

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:45 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
66
vary
Origin
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546522437719344&correlator=4483840905252092&output=ldjh&impl=fifs&eid=44756432&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600%7C300x250&prev_scp=slot%3Dzeus_cc_1%26pos%3D3%26cnsd%3Dpts_darc_p3_uad%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_cc_1.init.dsk%26amznbid%3D2%26amznp%3D2%26optimera%3DZ%2CA6%2CSA1%2CM3%2CL7%2CL1%2CJ1%2CA5%2CA4%2CSA5%2CB3%2CM4%2CL8%2CL2%2CJ2%2CB2%2CB1%2CB0%2CTH2%2CB%26zeus_appnexus%3D8%26zeus_auctionid_appnexus%3D7278994259670535145&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.chicagotribune.com%26epvid%3D1642617164139_651119654%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.chicagotribune%26slug%3Dct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%26cid%3DOVFQPTECSNBT5OSKYUIOC2QA7M%26at%3DtaxonomyTags%26kw%3Dshow%252Coklahoma%252Ccharacter%252Cmaterial%252Cproduction%252Claurey%252Cmoment%252Cbroadway%252Ctime%252Cpeople%252Cfish%252COklahoma%252Cexperience%252Cchicago%252Ctour%252Ccast%252Cview%252Cpromise%252Cstatehood%252Camericana%252Crodgers%252Cfarmer%252Ctribute%252Cexceptionalism%252Chammerstein%26tg%3DPopCulture%252CVideo%252CTVandMovies%252CTheater%252CDanceandSpokenWord%26design%3Darc%26aux%3D5182%26nopulse%3Dtrue%26zeus_insights%3Dcf4%252Cio4%252Crda%252Crh6%252Cgqd%252Cjym%252Ct9w%252C8lc%252Cdcs%252Cbs1%26ccaud%3D497489%252C498725%252C475005%252C747175%252C473081%252C500100%252C514644%252C460948%252C465541%252Call%26lpid%3D22e505047af2ac4526390b3d8af5fbe&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&bc=31&abxe=1&lmt=1642616116&dt=1642617165857&dlt=1642617164027&idt=644&frm=20&biw=1600&bih=1200&oid=2&adxs=1206&adys=1380&adks=2521087775&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=1x0&psts=AGkb-H_y2UZAtB8CNUUCvCLjKKxsCUbofEQJWd1mv9XsHM2fjg0u6BwoGEBDKbGuR098bT9xHaMXBPh5pNYL0__gJy16FVG47HFOAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_7fID0KXNqqlH_-EsBF_YzQkLP7C35NiEbA4zry8nQ5ym3kS2bpFnQctIIPs7uoc8qCYTVPq1-OSoKP9Ww80qNTi3qjJxISEM_Qf57J2WZ&ga_vid=1787282497.1642617165&ga_sid=1642617165&ga_hid=2003451893&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
4f528df21233bd9d866cedd222df5ed38555e828bf42d630943ed6688e5c08e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18974
x-xss-protection
0
google-lineitem-id
5878444259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377321330
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.chicagotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
5
date
Wed, 19 Jan 2022 18:32:46 GMT
server
sophi
vary
Accept-Encoding
content-length
0
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/adapters/ga.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
server
sophi
vary
Accept-Encoding
p3p
policyref="", CP="This is not a P3P policy"
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3546522437719344&correlator=4483840905252092&output=ldjh&impl=fifs&eid=44756432&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=4011%2Ctrb.chicagotribune%2Cent%2Cstage%2Cblog%2Cchrisjones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&prev_scp=slot%3Dzeus_mh_ldb_cbo_1%26pos%3D1%26cnsd%3Dpts_darc_p1_uad%26optimera%3DZ%2CI3%2CC0%2CD4%2CSA1%2CM6%2CM0%2CL4%2CJ5%2CTG8%2CE1%2CM7%2CM1%2CL5%2CJ0%2CB%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_mh_ldb_cbo_1.init.dsk%26amznbid%3D2%26amznp%3D2%26zeus_appnexus%3D7%26zeus_auctionid_appnexus%3D5898342350379132722&eri=1&cust_params=zeus%3Dapplied%26zeus_4011%3Dwww.chicagotribune.com%26epvid%3D1642617164139_651119654%26euuid%3Dpre-cache-no-id-available%26ua%3Dd%26ss%3Dl%26ref%3Dnone%26instart%3Dfalse%26adb%3Dfalse%26apfv%3Dfalse%26apv%3Dfalse%26refresh%3Dfalse%26ptype%3Ds%26site%3Dtrb.chicagotribune%26slug%3Dct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%26cid%3DOVFQPTECSNBT5OSKYUIOC2QA7M%26at%3DtaxonomyTags%26kw%3Dshow%252Coklahoma%252Ccharacter%252Cmaterial%252Cproduction%252Claurey%252Cmoment%252Cbroadway%252Ctime%252Cpeople%252Cfish%252COklahoma%252Cexperience%252Cchicago%252Ctour%252Ccast%252Cview%252Cpromise%252Cstatehood%252Camericana%252Crodgers%252Cfarmer%252Ctribute%252Cexceptionalism%252Chammerstein%26tg%3DPopCulture%252CVideo%252CTVandMovies%252CTheater%252CDanceandSpokenWord%26design%3Darc%26aux%3D5182%26nopulse%3Dtrue%26zeus_insights%3Dcf4%252Cio4%252Crda%252Crh6%252Cgqd%252Cjym%252Ct9w%252C8lc%252Cdcs%252Cbs1%26ccaud%3D497489%252C498725%252C475005%252C747175%252C473081%252C500100%252C514644%252C460948%252C465541%252Call%26lpid%3D22e505047af2ac4526390b3d8af5fbe&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&bc=31&abxe=1&lmt=1642616116&dt=1642617165872&dlt=1642617164027&idt=644&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=250&adks=1189824159&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vis=1&scr_x=0&scr_y=0&psz=1200x127&msz=1x0&psts=AGkb-H_y2UZAtB8CNUUCvCLjKKxsCUbofEQJWd1mv9XsHM2fjg0u6BwoGEBDKbGuR098bT9xHaMXBPh5pNYL0__gJy16FVG47HFOAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_7fID0KXNqqlH_-EsBF_YzQkLP7C35NiEbA4zry8nQ5ym3kS2bpFnQctIIPs7uoc8qCYTVPq1-OSoKP9Ww80qNTi3qjJxISEM_Qf57J2WZ&ga_vid=1787282497.1642617165&ga_sid=1642617165&ga_hid=2003451893&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
9c2ec7d5ff9fb725d7b33f32264297b6720da89f8ea715770bb9d32371c06272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15621
x-xss-protection
0
google-lineitem-id
5876839852
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377435795
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6DAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR63as4x0kVEyIle9T97uePJJvuRlxHUcZXshNw__5c0W8MADZoP5kKjw17ZrSaD6K7SWIKiyq7LBAYsQ1o5Z3Z17vR5cGErIVIldih9U-t45k1eESIqS9fvBw_IJWGc--ac9JQCyLpx8OtIct18fx-R7Xonj0a-j9k_QWwumF44jokWNrWkBhuAZ5jZXjpU9vcOMJIdN_CeAV00CfmIB-wVlLKBFsrdGavl00ebJOkeSM7IMzPIUEtjC3rNltW6jHuN8wAnHeiVY_Fsi9PtEyl7ns9q1QLtQX5VO2cCVgJIhcHYuHqfELAQN-d2yiczxFgSPzPENH_PrpMzX0s9GRAQp6m84H7B7vEFO-zotG3Fg&sig=Cg0ArKJSzDsGWrBqjWZ1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:45 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6459251-3&cid=1787282497.1642617165&jid=1950141560&gjid=1185516174&_gid=128415961.1642617165&_u=6ChAAEACQAQCAC~&z=1693312172
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 0E60 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 13:43:38 GMT
x-content-type-options
nosniff
age
362947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 13:43:38 GMT
py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41a6dcafeaf8911227dafb124e8b23ea8b786a5ce25fce1a5e33534f315f71fc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 16:13:15 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:35:15 GMT
server
AmazonS3
age
8371
etag
"c3a74a946d116fbc27138122234c35fa"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
2045
x-amz-cf-id
eSuILU3V1-zcvW6rF9VCg-AtuffzBP_X_PuhKvswyIXt2AbCtgp9ug==
eanlsofe2st3u8qrezfjzrovyxuqim61.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/eanlsofe2st3u8qrezfjzrovyxuqim61.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c89d3edd5838560bf4e4aa0b6b50afaa0c8b3f6f4d34c23e23a907c78d490d66

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 02:32:09 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:20:17 GMT
server
AmazonS3
age
57637
etag
"64f2e97ac12ba19c34f8bd9f47494223"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
2331
x-amz-cf-id
U2i710Yup_eQLRpxJ6_ruOtd5j12fBUGnvyKffV7LRDDiA97Ed5xag==
htnsel1526uhktcmdkuvuc2o25hy6oju.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/htnsel1526uhktcmdkuvuc2o25hy6oju.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d9f635db32caf65f5ad91298a4dffc3195ef6d4ad1235a04593c3db9749a190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:22:17 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 02:50:46 GMT
server
AmazonS3
age
61829
etag
"e8a193a1a4587a147f2eb3983e6e5eca"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
1349
x-amz-cf-id
9sxhxsEpTc4CkEnbHhxsJsLrI1dMjaFVmvsDIckxx3oucaENwWdJNA==
u6q9q9b4a3mrxaszs6z37ikzvi3mycge.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/u6q9q9b4a3mrxaszs6z37ikzvi3mycge.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d44e09ffe9cd7c33f2ccaade8f874bffde15319f6e6530a62a76e32c95c0f23

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:22:17 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Mon, 09 Aug 2021 19:20:04 GMT
server
AmazonS3
age
61829
etag
"e35b59955df280c154e97f73db3317f4"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
2338
x-amz-cf-id
EUy_6_vYWhX--MwKtHa9NAe4jBxec3R1Ca8Fitwko6AbY7mYtO8SwQ==
u7s34hod5qf1p5w80c1g5f11g13uuv2i.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/u7s34hod5qf1p5w80c1g5f11g13uuv2i.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2508ec3c93e05cb54a1b7d723ab514da5aa327f05887d234adf377b9349ee36

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:12:35 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:13:39 GMT
server
AmazonS3
age
51611
etag
"fdba8cdeab9e3bf866c3feb95fbedae6"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
2206
x-amz-cf-id
NuH-2vgz0gzpPnJl1RjgLLWO0wexzAXEbEpn_ThL4SE-NRvIzZyQaw==
m368540yzya3lydj7t7vi4ovfzbbark7.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/m368540yzya3lydj7t7vi4ovfzbbark7.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1ab7c15e7bc09bd9a36851cc67246cad70381d95ed839cd5fd629db42de8be2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:46:55 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Tue, 17 Dec 2019 19:59:15 GMT
server
AmazonS3
age
49550
etag
"2711803f32b8d3628e4eac64b7c322fd"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
1683
x-amz-cf-id
RhhMyxAzF-FGeON9zdN8Ve2tOFFL8g87AJebCz3VMVWvYzozOnsGHw==
wn8rc4zm6rb5qq5e8askqshx9dmovrq7.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/wn8rc4zm6rb5qq5e8askqshx9dmovrq7.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
decd969e47a0378a9b6fff5fb8dc2ce8f60a09bbde0a35c4fc3632fc598878f3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:55:11 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Mon, 31 Aug 2020 15:27:03 GMT
server
AmazonS3
age
49055
etag
"d2a0dd8e1932bde880788c0764a52222"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
2543
x-amz-cf-id
12-D6wxXMgEGxAdDyPF4k4aXSbmCVYmsw8v_-J1TLmGXLzWzUiM84A==
2yoicoxsgxkaza3odw2j7oekxzozuene.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/2yoicoxsgxkaza3odw2j7oekxzozuene.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b85641108961858527d6ae42cc27acdd6f6bf724fd40b49f4d1652e9a9ac616d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:12:35 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Wed, 18 Mar 2020 22:19:10 GMT
server
AmazonS3
age
51611
etag
"35a44e35e874efe0ed840ec620cced1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
1974
x-amz-cf-id
n2pwIfakqjUolt8HI9SAAh5pgixZ8nh_c_wMb6SE1YzjqnyoXugUuw==
8ok3zlsn13ztmqdmifynh7vvdopu14e9.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 0E60 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/8ok3zlsn13ztmqdmifynh7vvdopu14e9.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ab0551586971ad8cb22e94983fda6914257297643c0526864a9acd0f6416c72

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 04:55:11 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 03:45:38 GMT
server
AmazonS3
age
49055
etag
"ef1d5b9ccc21b7c20230582ac5ba71a7"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
1274
x-amz-cf-id
Onmf4SI2XFXN9CWOhFDflZUgajQ4i8JDPmBXu-G886OyrjqvT8CBgQ==
truncated
/ Frame 0E60 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 0E60 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 13:43:38 GMT
x-content-type-options
nosniff
age
362947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 13:43:38 GMT
data_stn_l.php
timber.sendtonews.com/timber/ Frame 0E60 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=mvnxxcIU&ES_key=mvnxxcIU&ES_ID=24576&S_RKEY=0&USR_ID=214301471&ST_usrKey=2V78V_VWRlwMjkF0&SM_ID=0&C_ID=4591&C_companyName=Tribune%20-%20Chicago&version=650210110&sC_ID=0&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&PLAYERWIDTH=740&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-0-108.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:47 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=214301471&version=65.21.11&age=220119&cmd=GET&key=mvnxxcIU&c_id=4591&seq=0&order=2&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&playerCfg=FL&canonical=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ Frame 0E60 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=mvnxxcIU&ES_key=mvnxxcIU&ES_ID=24576&S_RKEY=0&USR_ID=214301471&ST_usrKey=2V78V_VWRlwMjkF0&SM_ID=0&C_ID=4591&C_companyName=Tribune%20-%20Chicago&version=650210110&sC_ID=0&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&PLAYERWIDTH=740&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-0-108.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:47 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=214301471&version=65.21.11&age=220119&cmd=RTP&key=mvnxxcIU&c_id=4591&seq=0&order=3&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&playerCfg=FL&status=LVFNLNIY&ac_id=2008
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 637A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 19 Jan 2022 18:32:46 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 48B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=&_test=YehZTgAABTHFZgAZ
1 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=&_test=YehZTgAABTHFZgAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug013:0:744
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=&_test=YehZTgAABTHFZgAZ
accept-ranges
bytes
date
Wed, 19 Jan 2022 18:32:46 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1642617166.061111,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 02AF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc1361e8-594e-4000-912e-fc1e60f60433&gdpr=0&gdpr_consent=
42 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc1361e8-594e-4000-912e-fc1e60f60433&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug011:0:1577
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master ord-pixel-x12 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc1361e8-594e-4000-912e-fc1e60f60433&gdpr=0&gdpr_consent=
Expires
Wed, 19 Jan 2022 18:32:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 35BB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQi1FN0QwTE1BQUVIUmhFbTk3QQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABB-E7D0LMAAEHRhEm97A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB-E7D0LMAAEHRhEm97A
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB-E7D0LMAAEHRhEm97A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:504
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABB-E7D0LMAAEHRhEm97A
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZKSejSy0ReSHoyGU2MdOPw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=124567
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 21 Jan 2022 05:08:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame C3FE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY0QTQ5RThELTJDQjQtNDVFNC04N0EzLTIxOTREOEM3NEUzRhAAGg0IzrKhjwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8203de639d35df1943bfe47ec789202dbd861b466d1e8019ed987ac283524934791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MjAzZGU2MzlkMzVkZjE5NDNiZmU0N2VjNzg5MjAyZGJkODYxYjQ2NmQxZTgwMTllZDk4N2FjMjgzNTI0OTM0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MjAzZGU2MzlkMzVkZjE5NDNiZmU0N2VjNzg5MjAyZGJkODYxYjQ2NmQxZTgwMTllZDk4N2FjMjgzNTI0OTM0NzkxNDI2YjU0MTdkY2UyMRAAGgwIzrKhjwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c1428f21-a461-433d-9441-471e4cb14c42
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c1428f21-a461-433d-9441-471e4cb14c42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=c1428f21-a461-433d-9441-471e4cb14c42
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab0161e8-594e-4b00-90fe-576cb3984342
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab0161e8-594e-4b00-90fe-576cb3984342
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
MT3 4133 baa842e master ord-pixel-x50 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ab0161e8-594e-4b00-90fe-576cb3984342
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjRBNDlFOEQtMkNCNC00NUU0LTg3QTMtMjE5NEQ4Qzc0RTNG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug015:0:779
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAKlFOpTZcCm6QSXx5aDNks&google_cver=1
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAKlFOpTZcCm6QSXx5aDNks&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:450
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAKlFOpTZcCm6QSXx5aDNks&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug012:0:1018
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 18 Jan 2022 18:32:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:55:12 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug003:0:595
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c222d7c1-8acc-4e56-b834-86840521a4ea
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:55:42 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug010:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C3FE 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/64A49E8D-2CB4-45E4-87A3-2194D8C74E3F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame C3FE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JEgl569E2uUqIZznAD771OOt.P1Fh7k-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JEgl569E2uUqIZznAD771OOt.P1Fh7k-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JEgl569E2uUqIZznAD771OOt.P1Fh7k-~A&gdpr=0&gdpr_consent=
date
Wed, 19 Jan 2022 18:32:46 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		298 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=436197000&i=yb1rdoghkc-1&cb=_smtr.postprocess&t=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&cid=reviews&cn=theater&bv=2.7.17&utc=0&pt=3&href=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hostn=www.chicagotribune.com&pathn=%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&modalc=637782139656884005^017e739c-d778-4203-a953-7d96721f67e8^017e739c-d778-4cd6-b6b8-d8c38360cd5b^0^149.56.153.187
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/chicagotribune.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.165.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-165-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
24ff83a982170f3c31a232cf5f6bfa33f09ef23ff97a12896817d377c1fc5487

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
298
content-type
text/javascript
SmarterHandler.ashx
tr2.smarterhq.io/app1/ 		298 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=471637763&i=yb1rdoghkc-1&cb=_smtr.postprocess&t=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&pid=4fccefce9058c3f8ac2e38bb5a7ef3c9&bv=2.7.17&utc=0&pt=0&href=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hostn=www.chicagotribune.com&pathn=%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&modalc=637782139656884005^017e739c-d778-4203-a953-7d96721f67e8^017e739c-d778-4cd6-b6b8-d8c38360cd5b^0^149.56.153.187
Requested by
Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/chicagotribune.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.165.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-165-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
988f49713b4e6d097ee78b2287463d47e764bee1f21c34694ec34106dfa1a3f6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
298
content-type
text/javascript
smtr1x1.gif
tr2.smarterhq.io/app1/ 		43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr2.smarterhq.io/app1/smtr1x1.gif?r=1953880726&action=product_scrape&i=yb1rdoghkc-1&modalc=637782139656884005%5E017e739c-d778-4203-a953-7d96721f67e8%5E017e739c-d778-4cd6-b6b8-d8c38360cd5b%5E0%5E149.56.153.187&scraped_products=%5B%7B%22productId_scraped%22%3A%224fccefce9058c3f8ac2e38bb5a7ef3c9%22%2C%22percent_complete%22%3A0%2C%22article_slug%22%3A%22ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m%22%7D%5D&bv=2.7.17
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.165.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-165-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
43
content-type
image/gif
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame C6C7 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0E60 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:46 GMT
py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 0E60 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f185635a2b8a1d9eddc2f6086f3d5e8bb2fc9b3784b4374c4573ad1c8429ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 02:49:00 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:35:15 GMT
server
AmazonS3
age
56627
etag
"a95a6ccdfce9854cd7fe298e2b602218"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
27645
x-amz-cf-id
I3rxlQrAmX_ytmyx20zzfcyoHwDpEp7YhrIh4GM9RtGZzqLfK1CZ1A==
pixels
bcp.crwdcntrl.net/ Frame 990B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=13200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
51509702e237f631eb0b9c2023e86e19fadee71428085f137fa25ba3f9ebfbf0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
text/html
content-length
1896
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.40.38.209
server
Jetty(9.4.38.v20210224)
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame E63A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2b726738f3e7aded2bdbc9c57e27086583974f79f8da3e0ec4fea3889bb42468
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
1970
Connection
keep-alive
x-amz-rid
YGVJ7XNEB3WM005CC8YC
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 19:57:30 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
age
5265317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
2ptV7q5sE0zZj78Mgrfkj6KgOVDe-dz50u4Ecl7pCuRNvO_wIBHPIw==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6459251-3&cid=1787282497.1642617165&jid=1950141560&_u=6ChAAEACQAQCAC~&z=749170461
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6459251-3&cid=1787282497.1642617165&jid=1950141560&_u=6ChAAEACQAQCAC~&z=749170461
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
daca88b0-7550-42e1-a349-595f2352a47b
https://www.chicagotribune.com/ Frame 0E60 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/daca88b0-7550-42e1-a349-595f2352a47b
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 0E60 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 09:01:36 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
34271
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
1094
x-amz-cf-id
eHqcnXRWk9TMOEm6fgBA7Nm3OOg5LtgoxejNMFZKsHIATG2x8IB48w==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 0E60 		322 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:16:04 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
40603
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
322
x-amz-cf-id
RrJYqPlqjp4CiCZmqWEYPweC5lAqcUGGdu4u1MUNfLVjypSDxJeDtA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 0E60 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:46:25 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
35182
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
832
x-amz-cf-id
FWP-yGfm0YN1Il9d4w1b-wf1A4oxyXBFoAguOnjRsV1-Mm8pgKVzxg==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 0E60 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 09:08:38 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
33849
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
773
x-amz-cf-id
b18SSpAyMF9LnhKLI9lz67L9EUtfFS0ILDFrh1K05mORx1am-jzAlg==
view
securepubads.g.doubleclick.net/pcs/ Frame DCA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst98kFf0pUZVbqfc9uOYbZKNZe-6OsEQeiOfYrKLXC3i-8colPOBXq6jRvCRb3YF5f6QkW2UmxtrGXnKCpW4HeS7t9K_tEIsdRiJzjjsBa95OAKtLDiSeZBxi-MptkdB0C5zSQD1P1_sPXytOxIDoECWA1XS3f_T0ObOH5siXMzjN06gSYVsINfaWKCttJi91zIHr1twfpbX4DpzuCwD12oRZmi6j0sSNiTs-2acE7EitqoYcCaW2gDOkEVLQwzfg4Os5t0zczKRy7MnleMgFnjYkuHaa3iD_dwopgczO_bhLTXwzlXVb19EWY4OiT4BOCQm_E39QVyo8z7kPYHsvHMCqCw_YJ8u0YG&sig=Cg0ArKJSzKW3904f42XZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame DCA9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:26:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame DCA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:29:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCA9 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:46 GMT
l
www.google.com/ads/measurement/ Frame DCA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrtjteFDP9SplDVSJAxq-l09kXjhgS6-KHcRhbK4i9NBNE8cpbgTWwHVnbsnYX0s1jvDrmpE0DmqRioXcmxt7f-eCuBA
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
14278666949496800690
tpc.googlesyndication.com/simgad/ Frame DCA9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14278666949496800690
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb0b87806971fc6a6816c673865ba4c6167552ced2fde7463a5388be93a74e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 05:51:33 GMT
x-content-type-options
nosniff
age
391273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25766
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 20:03:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Jan 2023 05:51:33 GMT
auction
tlx.3lift.com/header/ Frame 0E60 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.5.0&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.1.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-1-63.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0E60 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 0E60 		185 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
5e866094e65c416b49e81b370293c612c80d6d62e7f887fe1ef45f62494a8942

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
tag
pi979-10rsz.ads.tremorhub.com/ad/ Frame 0E60
Redirect Chain
  • https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahom...
  • https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahom...
949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&transactionId=040086f4-2471-4640-a56d-7a7a9c9f7258&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hb=1&fmt=json&_tur=T
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
2600:1f18:612b:4216:369e:8f18:e653:ef27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_SUPPLY_DOMAIN
content-type
text/html;charset=utf-8
content-length
949

Redirect headers

location
https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&transactionId=040086f4-2471-4640-a56d-7a7a9c9f7258&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hb=1&fmt=json&_tur=T
date
Wed, 19 Jan 2022 18:32:46 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.chicagotribune.com
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 0E60 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
x-spotx-timing-transform
0.000366
x-spotx-timing-spotmarket
0.035200
x-spotx-timing-page-require
0.000435
x-fe
141
x-spotx-timing-page-misc
0.032584
x-spotx-timing-page-cookie
0.000046
x-spotx-timing-page
0.070102
pragma
no-cache
x-spotx-timing-page-context
0.000398
last-modified
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.035200
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000018
x-spotx-timing-page-mux
0.001054
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 0E60 		37 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22115579b6fb217c5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22domain%22%3A%22chicagotribune.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22chicagotribune.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.5.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221241f9f7ac1208%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%2C%22sizes%22%3A%5B%5B740%2C416%5D%5D%2C%22playerSize%22%3A%5B%5B740%2C416%5D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c222d7c1-8acc-4e56-b834-86840521a4ea%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-01-19T18%3A32%3A44%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.39.175.77 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-175-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f5b7c42e442751a5e0ab3656d433067c30bf7d6577da809c8bda38f24bb813a6

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Wed, 19 Jan 2022 18:32:46 GMT
avjp
sendtonews-d.openx.net/v/1.0/ Frame 0E60 		106 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=040086f4-2471-4640-a56d-7a7a9c9f7258&nocache=1642617166358&schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A740%2C%22h%22%3A416%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%7D%7D%5D%7D&auid=540931806&vwd=740&vht=416&aucs=kylvul3z.To7E35
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 0E60 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SendtonewsDirect
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.12.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-12-126.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 0E60 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8065e67ca329afb1a2cf53016a56586663f42d9ee41b180b605310c50c9a11e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c7689e0f-131d-4cc2-a4f5-b39478ce83b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%20-%20Chicago%20Tribune&metername=Prod%20CT%20Meter%20%7C%2060%20Days%20Rolling%20%7C%20Anonymous%20%7C%202%20Unique%20Views&metertype=meter&metered=1%7C2&tv=js-3.0.138&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=9af21b7e-0667-40bd-b872-e76fa3ce5855&pid=9df577c4-a656-45e8-b168-4009e35c2650&dtm=1642617165755&qnm=_matherq&visible=1&tabid=5d8dc246-f416-4fc8-8fbc-d49cb081ae1f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vp=1600x1200&ds=1600x4533&tofa=1642617166&vid=1&lvidt=1642617166&duid=e9cba18674025235&fp=3441833202&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsImRhdGEiOnsib3V0Y29tZXMiOlt7ImZlYXR1cmVMYWJlbCI6IlByb2QgQ1QgTWV0ZXIiLCJvdXRjb21lSWQiOiJ0cmFuc2Zvcm1hdGlvbi82Iiwib3V0Y29tZUxhYmVsIjoiV2l0aGluTGltaXQifV0sIm1ldGVycyI6W3sidXNlZEluRGVjaXNpb24iOiIxIiwiZGVjcmVtZW50ZWRJbkRlY2lzaW9uIjoiMSIsInRvdGFsQ3JlZGl0cyI6IjIiLCJyZW1haW5pbmdDcmVkaXRzIjoiMSIsImVudGl0bGVtZW50SWQiOiJtMTU0RU8ifV0sInRyaWFsVHJhY2tpbmdEZXRhaWxzIjpbeyJjcmVkaXRzVXNlZEtleSI6IlByb2QgQ1QgTWV0ZXIgfCA2MCBEYXlzIFJvbGxpbmcgfCBBbm9ueW1vdXMgfCAyIFVuaXF1ZSBWaWV3cyIsImVudGl0bGVtZW50SWQiOiJtMTU0RU8iLCJlbnRpdGxlbWVudFR5cGUiOiJtZXRlciJ9XSwidGVzdEdyb3VwcyI6eyI1ZTE0NGQxYi05ODU0LTQ3ZTMtODA0ZC0zYjM0ZTI4MDJiNjMiOiJBIiwiOGM1NTMyZWMtMjIxYy00NmEzLTljMzAtNzA0ZTM5ZTM0NWJiIjoiQSIsImNiMzNkZTBlLTFjMWItNDhmNS1iNTFhLTQzOTczODgxMWFiZCI6IkEiLCIwZjhjODM3ZC1lOWU4LTRkZjAtOGM0OS0yNWJjN2RjODQ5ODciOiJCIiwiMTQyY2UzOTMtMGM2YS00MDNhLTkwNWEtYTY0OGMwZTY2NDk1IjoiQiIsIjE4OGMzYzYyLTUyZTctNDkxNC05ODUyLTY4NzFkODIxZDBlYiI6IkIiLCI4ZTIyMjRjOC00ODUwLTQyMjYtOGZkYy1jNTA5YjdiMjBhM2QiOiJCIiwiZTc1OGVkZjItYjhjMC00MDNmLTkyODQtZWM2NTEyMmMxNmEwIjoiQiIsImYxZGJlMDc2LWQyMmQtNDAwNy04NmVlLTJiMjBkMDg1MGQwYSI6IkEifSwib3V0Y29tZUxhYmVsIjoiV2l0aGluTGltaXQifSwidmVuZG9yIjoiemVwaHIiLCJ0eXBlIjoidW5rbm93biJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjE3ODcyODI0OTciLCJyZWZUaW1lIjoiMTY0MjYxNzE2NTc1NCJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiOWRmNTc3YzQtYTY1Ni00NWU4LWIxNjgtNDAwOWUzNWMyNjUwIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiOWRmNTc3YzQtYTY1Ni00NWU4LWIxNjgtNDAwOWUzNWMyNjUwIn1dfQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.113.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-113-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EEC 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0C2A2vaHkPdi_Yla5mJ3tQtVRYQozs15P4HFhq_ZHkiTApdpl2v45xQNz-xoKezVXsK3CUIJUHzRzF-OWCVt-N53vVitqWfZh1Fp61RPykxA4BEpr&sig=Cg0ArKJSzKf9n7fsjut0EAE&id=lidar2&mcvt=1149&p=105,858,141,958&mtos=1149,1149,1149,1149,1149&tos=1149,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3438545435&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642617164859&rpt=351&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ Frame 0E60 		0
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.chicagotribune.com
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:46 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
196
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d0225ca0e2b4bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 18:32:46 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&u=DknGO_BOAqk_CiUOs_&d=chicagotribune.com&g=3906&g0=entertainment%2Ctheater%2Creviews&g1=Chris%20Jones&n=1&f=00001&c=0&x=0&m=0&y=4740&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2801&_s=%7B%22epvid%22%3A%221642617164139_651119654%22%7D&t=B51cLDXKj38CFTsgSBtWXqHBKUQYM&V=129&i=Review%3A%20This%20is%20not%20your%20homespun%20%E2%80%98Oklahoma!%E2%80%99%20Come%20ready%20for%20a%20radical%20new%20musical.&tz=0&_acct=anon&sn=1&sv=D7hwgDDYxJoFDAExfdBrToDziWCTa&sd=1&im=067b0ef3&_
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.94.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-94-94.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 19:17:44 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 5FB0 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7e9e7aaa25cad2e2ae46e5b175a0aac69f9dd691c6e1ae5ee033bcf3199516d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jKyH6M3TLyhANszWO1TdPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-jKyH6M3TLyhANszWO1TdPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 19 Jan 2022 18:32:46 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-jKyH6M3TLyhANszWO1TdPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-jKyH6M3TLyhANszWO1TdPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 19:16:22 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2946 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E60A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugq2ptNuZkjeYzf5HY518b6p-yVYpaS8rlbiUqJCNnXPLBD0_aJrNl7-nXeWhHpILDdm1Fcaf0Ucu3rraltg2InXLvi8K43OYaNW3FkgLTWmtODnDxXjjMYNXP1WNe7zHODACXSsSbxqxI9QlM58_CmCXD5byfzK6xIqcBK-FVEKfkapH7DdozEpdchL0xFcU5_4XRdGJ0Kft7sh7y-0gwUUDDjybZoifgg9Gv5y4bbFdQdKoiaSC-5KqibTi3JPtK0lFmQlG8Vgv7X76GAvsXZ0864HWJ7mIPXifAx9GtpwcDLWZN7aQe5kchJV2eGjHztZ2KQw-KXlbLmAldU5GNYH3e0PrhlXcqou0N&sig=Cg0ArKJSzLr0sHJuIPuREAE&uach_m=[UACH]&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame E60A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:26:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame E60A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:29:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E60A 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:46 GMT
l
www.google.com/ads/measurement/ Frame E60A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT52wgC3apWklpDiGWaYoE-Fx6yRfDFYR7iPi1gsXk0dntY79FFNg_wz_KDiydCKS6f6Esilta5tq8TUaErb07trvC6UQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
895276760768854789
tpc.googlesyndication.com/simgad/ Frame E60A 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/895276760768854789
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e56eb824ff3ca591260475caea689584cd402e45e5da4d90b8e7c1c1644744a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:02:33 GMT
x-content-type-options
nosniff
age
217813
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40093
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 21:42:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Jan 2023 06:02:33 GMT
entitlements
news.google.com/swg/_/api/v1/publication/chicagotribune.com/ 		2 B
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/chicagotribune.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 0E60 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.chicagotribune.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:45:04 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
age
10061
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
w_pu4x5KallY6izEZov0_zKOKkvDcSj66ojGxJ_BvgPKThztJaoh2g==
bid
c.amazon-adsystem.com/e/dtb/ Frame 0E60 		160 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&pid=BEwjcCKSfGMPN&cb=0&ws=740x477&v=7.72.0&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C70dc9920-e969-4d60-b0ca-d4ac60b00dff%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
Server /
Resource Hash
29fbc17868e9644622bb67bc81adff298e042b1b32a9a84fbeffe6d8d00ce009
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
via
1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK51-C1
x-amz-rid
KTXF3W3QZJM40RNDHBSP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
160
x-amz-cf-id
0TTEphK6AzVgW8rswXeeZ5KrO-XlsgliMFrfQaEU7OIUr-xjWBlcBQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0E60 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.222.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-222-69.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 02:05:11 GMT
via
1.1 0bb631caf01a1e61a0610f8aef984a00.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
59256
x-cache
Hit from cloudfront
content-length
6482
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
QTh6t_NhpycVWCkcNmgWVUNwmvdQiBtxurMftgiL7BBXqNnfQ8G2Rw==
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=739c1ecd-3041-4fe3-b5e9-51779a7facb1&pageId=84798&pid=91828&debug_metadata=uaQTB1XsKp&fv=931&ts=1642617166597&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=739c1ecd-3041-4fe3-b5e9-51779a7facb1&pageId=84798&pid=91828&slot=native&fv=931&ts=1642617166607&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=b2b2b20a-555f-4290-bb6a-63f9e6caab4a&pageId=84798&pid=91829&debug_metadata=UUyl25XJTK&fv=931&ts=1642617166612&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=b2b2b20a-555f-4290-bb6a-63f9e6caab4a&pageId=84798&pid=91829&slot=multislot&fv=931&ts=1642617166617&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/84798/ 		537 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84798/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&page=%7B%22id%22%3A84798%2C%22placements%22%3A%5B%7B%22id%22%3A91828%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A788%2C%22height%22%3A443%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=739c1ecd-3041-4fe3-b5e9-51779a7facb1&formatVersion=931&env=js-web&netBw=10&ttfb=193
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.253.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b012a1266a30659c75a4b302358a189ae59b83782146ca879a37a5fb846e9ee1

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
384
expires
Wed, 19 Jan 2022 18:32:46 GMT
ad
a.teads.tv/page/84798/ 		537 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/84798/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&page=%7B%22id%22%3A84798%2C%22placements%22%3A%5B%7B%22id%22%3A91829%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A788%2C%22height%22%3A443%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=b2b2b20a-555f-4290-bb6a-63f9e6caab4a&formatVersion=931&env=js-web&netBw=10&ttfb=193
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.253.139 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60ce250983d50c530dcc3942dd7a8c05dd1c40a6e68456eeba10f8685fd35c06

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
380
expires
Wed, 19 Jan 2022 18:32:46 GMT
g.json
aa.agkn.com/adscores/ Frame 990B 		103 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/json
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
103
Expires
0
tpid=YehZTHaLvzfc9K6Athf.PwAA%26997
sync.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 990B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183715&cb=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D6725%2Ftp%3DINDX%2Ftpid%3D__UID__
  • https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YehZTHaLvzfc9K6Athf.PwAA%26997
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YehZTHaLvzfc9K6Athf.PwAA%26997
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.103
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YehZTHaLvzfc9K6Athf.PwAA%26997
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
265
Expires
Wed, 19 Jan 2022 18:32:46 GMT
tpid=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 990B
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.38.204
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=19612126-2264-4870-abc8-417840092cbd
sync.crwdcntrl.net/map/c=8157/tp=NLDN/ Frame 990B
Redirect Chain
  • https://jadserve.postrelease.com/dmp/5?vk=22e505047af2ac4526390b3d8af5fbe&ntv_r=https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=NTV_USER_ID
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=19612126-2264-4870-abc8-417840092cbd
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=19612126-2264-4870-abc8-417840092cbd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.130
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
nginx/1.12.1
location
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=19612126-2264-4870-abc8-417840092cbd
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
utsync.ashx
ml314.com/ Frame 990B 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=22e505047af2ac4526390b3d8af5fbe&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-103-61.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Thu, 20 Jan 2022 13:32:46 GMT
tpid=18f9ec1b-1eb1-06ed-3749-64ad8da96771
sync.crwdcntrl.net/map/c=194/tp=OPNX/ Frame 990B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=18f9ec1b-1eb1-06ed-3749-64ad8da96771
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=18f9ec1b-1eb1-06ed-3749-64ad8da96771
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.134
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=18f9ec1b-1eb1-06ed-3749-64ad8da96771
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usermatch.gif
beacon.krxd.net/ Frame 990B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=22e505047af2ac4526390b3d8af5fbe
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.245.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-245-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1642617166
x-served-by
beacon-n025-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 990B
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=22e505047af2ac4526390b3d8af5fbe
  • https://thrtle.com/insync?vxii_pdid=22e505047af2ac4526390b3d8af5fbe&vxii_pid=12&vxii_pid1=10014&vxii_rcid=379cc914-9980-4990-8fc1-1d005d814424
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=22e505047af2ac4526390b3d8af5fbe&vxii_pid=12&vxii_pid1=10014&vxii_rcid=379cc914-9980-4990-8fc1-1d005d814424
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
H2
Server
52.200.157.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-157-223.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=22e505047af2ac4526390b3d8af5fbe&vxii_pid=12&vxii_pid1=10014&vxii_rcid=379cc914-9980-4990-8fc1-1d005d814424
date
Wed, 19 Jan 2022 18:32:46 GMT
server
content-type
text/html; charset=utf-8
content-length
177
strict-transport-security
max-age=63072000; includeSubDomains
p3p
CP="NOI OUR BUS UNI COM NAV"
token
token.rubiconproject.com/ Frame 990B 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=22e505047af2ac4526390b3d8af5fbe&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ps.eyeota.net/match/bounce/ Frame 990B
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=8%2C67%2C33%2C86%2C61%2C58%2C80%2C125%2C31%2C49&c=13200
Protocol
HTTP/1.1
Server
18.207.77.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-77-150.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=51mdg9u&uid=22e505047af2ac4526390b3d8af5fbe
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 5FB0 		0
22 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GI92pdAODaw7Ppse+VZqpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-GI92pdAODaw7Ppse+VZqpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-GI92pdAODaw7Ppse+VZqpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-GI92pdAODaw7Ppse+VZqpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3be09b57f4ddbc74f8d4e72fea0807bf03ac934a74d71e841309558aefde7b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 16:33:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:46 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:55:06 GMT
x-content-type-options
nosniff
age
452260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 12:55:06 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:30:29 GMT
x-content-type-options
nosniff
age
554537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 13 Jan 2023 08:30:29 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 07:31:32 GMT
x-content-type-options
nosniff
age
385274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 07:31:32 GMT
v2rzkVmVkhL_bRexAzfixHUQ348RZsRUQxyKlzLMnvNI-PtfYdZRNuGDX0EPR7-pzKdpfrDWcduH2BhvDxQ
smoggysnakes.com/ 		201 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2rzkVmVkhL_bRexAzfixHUQ348RZsRUQxyKlzLMnvNI-PtfYdZRNuGDX0EPR7-pzKdpfrDWcduH2BhvDxQ
Requested by
Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
51c3a1cc05ece372e5772e194f0e937fda42b662682417bf3a1cf9a68ae53246
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-us-east1
date
Wed, 19 Jan 2022 18:32:46 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-qndz
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
201
expires
Wed, 19 Jan 2022 18:32:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0ADF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCyoWiFTa8RBH02LrrZ3qH1SwmGbLcxI3GCLk6bQE3Z1vI_M8x87h7k5W7SSmF_Nbk-HZIAKF-z_1EhKdWrAt41DicbZxsUIQrvSWyB0JcnEhruu0MDNBw_R30_uYWPJrSo9sQfO2EfD08Y8DUIxhS4UeOqJzJXFXLxG8O4-0bv_fRTKw38BmtAWoyOc0YS4m6_3wk_hvvdevrY3hL-PvdBg-oSos_FPKamGFET8QqRyWXu8zcQG_2a6yYba6QRw0fcirfBr3RYhBZX6OvNyoMXgdBHMk5QSUHdH4XPO3u9Xq-H3gMdPLmTVjWP6vXUO51GxoqoQHrCBsxR1jiemZTvn0IM5Rt61tKyrAc&sig=Cg0ArKJSzLDd14vR5P2DEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 0ADF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:26:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 0ADF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:29:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0ADF 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:46 GMT
l
www.google.com/ads/measurement/ Frame 0ADF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjXNK38LDiQ_v5w4GkVR6mr7S2QoVFXFAmEGKCOzRGPaTwxOazkXAVC9sMsngvXtNnYABKp-eJ-c_uEdJRebifM-RKoA
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
14271084143385003247
tpc.googlesyndication.com/simgad/ Frame 0ADF 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14271084143385003247
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885a0370d66dce2bbb28da1a0cd90d8a3a2489de1d5021690cd765592273e41f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 08:12:16 GMT
x-content-type-options
nosniff
age
469230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131644
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 22:29:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Jan 2023 08:12:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG8n-8_DnmP9-vO7gwgjSiOC1Wt0UNDgR1D44Lriqm_oGT77CqenJ25PEkSQanplY9lwD3RvqtVRRYRTsgZDLHFLwe32acsq1zCFbNbQAuvz62XiVhW42ZhvzrrCdsbTKDzz89xLsmqNuk8GLAXd-wzoQ_fjkbK4iK07fQ8VtotE7LauWN9S5v4UXt4DC8dQ9paRHYcTGvJU93jFVIeZfAFr_JtxqpxE98acY2N761AIfSYwx-nzIAWVL5g-TZOFxul9ajD0G7CxDN3vbBpGy5VjebgCmz4dWgzukLnwWZYrfXfkzVQALoLLJQ0QIM4OgreFeRGfkvDq09KX1K4KlE_CPe6zotJ4mK&sig=Cg0ArKJSzLpAjdNbQRbrEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame CB89 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:26:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame CB89 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 18:29:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB89 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:46 GMT
l
www.google.com/ads/measurement/ Frame CB89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxh-KBsOeulHpTBKgVsd2cJXH8XopjzqGx6qycaclcpVgJXdto3DsE8F9Oq_xhlXHfeIu2mcnlGkEZZVNQfE4bOVVgQQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
969439125598603234
tpc.googlesyndication.com/simgad/ Frame CB89 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/969439125598603234
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0878ac9d72ab07cb40807864943f8d8e79fc6bf1bff174b5f280dbdf4c45935c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 06:24:31 GMT
x-content-type-options
nosniff
age
216495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32380
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 21:06:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Jan 2023 06:24:31 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=739c1ecd-3041-4fe3-b5e9-51779a7facb1&pageId=84798&pid=91828&slot=native&vid=05a5ddca-5454-4e5d-b728-c8d5b8e1be57&fv=931&ts=1642617166781&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
connatix.player.js
cds.connatix.com/p/146566/ Frame CF0B
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/146566/connatix.player.js
1 MB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/146566/connatix.player.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df7146a147e356dcd91fda7cc92d50ebcf2b6e080667d3f426e06b7236fd1dd0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 15:02:30 GMT
age
12417
etag
"b770492801146b308594bc42750e973d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
241130

Redirect headers

location
https://cds.connatix.com/p/146566/connatix.player.js
date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=b2b2b20a-555f-4290-bb6a-63f9e6caab4a&pageId=84798&pid=91829&slot=multislot&vid=95708d94-b808-445e-a2f8-e7fac4e14b84&fv=931&ts=1642617166790&f=1&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame A448 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5d942221e5e5d42b6bf14ba6ce865881770cd344f51d53d6ff4329d285bb4c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|152|156|3|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 18:32:46 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Length
1616
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36BF 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=124567
expires
Fri, 21 Jan 2022 05:08:53 GMT
date
Wed, 19 Jan 2022 18:32:46 GMT
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame FF1F 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-139-57.compute-1.amazonaws.com
Software
/
Resource Hash
04ab6bcb12a8a4f8289456b474b9b3d49a9cd81a4336279bb0ebc23c34d666d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
usync.html
eus.rubiconproject.com/ Frame 0BB5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 18:32:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame E598
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1DQ2J6REJkRTJ1S1ZRQTdkSW11a2lEWTVNVUpacE5xTH5B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1DQ2J6REJkRTJ1S1ZRQTdkSW11a2lEWTVNVUpacE5xTH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
TMXQWJ56HN923XV164BK
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1DQ2J6REJkRTJ1S1ZRQTdkSW11a2lEWTVNVUpacE5xTH5B
age
0
server
ATS/9.1.0.33
cm
u.openx.net/w/1.0/ Frame D059 		722 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
70e4fc2a8979459134e1227b13e622f4fdf763ca397c53cc23e20b5ec11f2d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 Jan 2022 18:32:46 GMT
content-type
text/html
content-length
461
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dinitsync
crb.kargo.com/api/v1/ Frame FE9F 		0
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.163.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-163-148.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Date
Wed, 19 Jan 2022 18:32:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Content-Length
0
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 6BF1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
V655K1QGMVKQT0GW052S
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Wed, 19 Jan 2022 18:32:46 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=appnexus.com
AN-X-Request-Uuid
a6ae2356-d7ff-4a42-bd77-b292da728356
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 7FCA
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4673296360271624245
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4673296360271624245
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_ym_rbd_n-vmg_ox-db5_kg_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
SKETQ04KY4ZE1TX7AAZ9
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4673296360271624245
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7588b18d78fe7296996b2d76ce84458f66b4658078d891835907e88b5a5477d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2010
cf-polished
origSize=5659
status
200 OK
x-envoy-upstream-service-time
19
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
126f72ee-fc09-4736-9b36-c9557ed7d8c6
x-runtime
0.018467
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"14167002b77aa09a15ed70fe6de869a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d0225ccee68714a-YUL
access-control-allow-headers
SDK-Version
expires
Wed, 19 Jan 2022 19:32:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1oyTaEgU546s98AxjyNbSbAPaE0ChX4wzMFORU71b-lW_h2AdCgzQXUPCdTmk8A9lttUIesTtuNMtY3JverzDszO_O8Bp2w-45GLRk5JhxMktx8B7s7UzAzn0iU08i2ajjerxl2TD2aehVrmUBW7Way_PsJVIOK8WWfbuouASD77nqJJ1zCBkGijgy-BaHJHeA76jEkjtDtvQo_Onz6AC6s42su4XUO2V8K_mXEZPwYgBGPAP05kSG3-wb4MLPm3-q0pVX6io4nsPFL0FonVe-BpJhcV9iRQxjVn8JxG4jjA1gtaAobUB2F8R57eZaTdV6GKRiOM80DdnjNIs1scC0NAt1h7hD0hgINo&sig=Cg0ArKJSzGqDAElH94B6EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:46 GMT
truncated
/ Frame DCA9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e103728733a60be279827e2e2fa2118f0370f48e09e9ee61e7c5d8f45b828058

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
swg-button.css
news.google.com/swg/js/v1/ Frame 5FB0 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 19:17:44 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 5FB0 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
588c087a9f0927174091373b182e608acae9dc844426367290a3b9536a5590db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57503
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 08:50:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 18:55:36 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0E60 		2 KB
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281,4011/54098006&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1248815&cust_params=sessionKey=214301471-2V78V_VWRlwMjkF0%26schain=sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w%26content=9687%26placementType=Premium%26embed=mvnxxcIU%26domain=chicagotribune.com%26player_size=large%26player_width=740%26player_height=416%26player_type=float%26version=65.21.11%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00189%26rand=13%26devicetype=desktop%26iris_context=undefined
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ce69a290657a84acc2fc481c50a39807521d77430e0c284e4eb83ba2726dfe39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
930
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E60A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-gr8xg2ZiA1x__SoK_XiQAGckZ-6P6Uuq_LJX-PI2L4zp73e5idd6PqtvbXYiNYtSZp4AcWJGG4eJlbRr3HWtvRsvsqiFFZBqN7AoOagO-1K5b5SH2wDwD-Sw0Xt46K6K9ebnHmo875F_0pm8s7l92g3oei1Aqbx9qdi9vmwKC3CjWRWoK2vc8edv5W78gKgxRpBA4CBqWT5_lCXpeca8CvhaIIjzPgxLwjtdJZXruoqVOy-uf_0b8NuT1_K7rUo9HJ52tp9cdBUzVYxGHaE-nLgu8cklWeFZKg6hsQcHaXaxTHvlOMvzzFvj-jQtd6-MgeAJdBVTRPAU26FIgfBlhcWFMc3u13jdwx9_FHo&sig=Cg0ArKJSzAi4LtCQ1ZhwEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:46 GMT
truncated
/ Frame E60A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56adbe07c82c9139b343257a7e0035220c0c0ace2e9ad38ebf8aea67fd88d725

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
iu3
s.amazon-adsystem.com/ Frame AACE 		275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_an-db5_dmx_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f67f66cc748f595fa1a16ffa26cd6813fbcbc65cf901a421ff7b242a6febacb2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
GWDM1DE51TF2ZEMKTEGW
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
integrator.js
adservice.google.com/adsid/ Frame 0E60 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
v2bejF9wZqpXmKHSHwXVTOf8W4GhOdPMyz-P7WcUikHL224XKsllThdfWy24wFmzUv0tDdJQ7gxdRM3QzRw
smoggysnakes.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://smoggysnakes.com/v2bejF9wZqpXmKHSHwXVTOf8W4GhOdPMyz-P7WcUikHL224XKsllThdfWy24wFmzUv0tDdJQ7gxdRM3QzRw
Requested by
Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.103.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-us-east1
date
Wed, 19 Jan 2022 18:32:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-us-east1-qndz
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
ecm3
s.amazon-adsystem.com/ Frame D059 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=52594d75-38e5-8b51-910d-15c1763ca3b5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W87JSHZMSBEHMFRX3FH5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D059
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YehZTgAABTHFZgAZ
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YehZTgAABTHFZgAZ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642617167.091218,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YehZTgAABTHFZgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
9e48574c-b4e3-a2e2-60d4-81a3e158a51c
pr-bh.ybp.yahoo.com/sync/openx/ Frame D059 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/9e48574c-b4e3-a2e2-60d4-81a3e158a51c?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame D059
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=0a8f3108-244f-30ab-5103-97561e0f6855&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c222d7c1-8acc-4e56-b834-86840521a4ea&ttd_puid=0a8f3108-244f-30ab-5103-97561e0f6855
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c222d7c1-8acc-4e56-b834-86840521a4ea&ttd_puid=0a8f3108-244f-30ab-5103-97561e0f6855
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c222d7c1-8acc-4e56-b834-86840521a4ea&ttd_puid=0a8f3108-244f-30ab-5103-97561e0f6855
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame D059 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjZlMGUyYzItZWQzOC02ZTBmLTQ0ZTMtY2RlZmQ0ZWRhNjM1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D059
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFKgMXlJgttIhwAc12q7yyM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFKgMXlJgttIhwAc12q7yyM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFKgMXlJgttIhwAc12q7yyM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0BB5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33924
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 20 Jan 2022 03:58:11 GMT
rum
dsum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c222d7c1-8acc-4e56-b834-86840521a4ea&expiration=1645209167&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c222d7c1-8acc-4e56-b834-86840521a4ea&expiration=1645209167&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c222d7c1-8acc-4e56-b834-86840521a4ea&expiration=1645209167&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame A448 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1KHF6EE2N0Q4DMKV90DE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC12LNl6GwAx8NLQrHlLbsA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC12LNl6GwAx8NLQrHlLbsA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC12LNl6GwAx8NLQrHlLbsA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YehZTHaLvzfc9K6Athf.PwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGwZ2O0HUWWRXimUfV-I-iQ&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGwZ2O0HUWWRXimUfV-I-iQ&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGwZ2O0HUWWRXimUfV-I-iQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=237cc8d2-55aa-424f-9f19-cb7cfccf0873
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=237cc8d2-55aa-424f-9f19-cb7cfccf0873
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=237cc8d2-55aa-424f-9f19-cb7cfccf0873
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum.casalemedia.com/ Frame A448
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=968068c7-148e-4ffc-b8eb-2a78cfaf20ae
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=968068c7-148e-4ffc-b8eb-2a78cfaf20ae
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:46 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=968068c7-148e-4ffc-b8eb-2a78cfaf20ae
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab0161e8-594e-4b00-90fe-576cb3984342
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab0161e8-594e-4b00-90fe-576cb3984342
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
MT3 4133 baa842e master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ab0161e8-594e-4b00-90fe-576cb3984342
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:46 GMT
crum
dsum-sec.casalemedia.com/ Frame A448
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABB-E7D0LMAAEHRhEm97A&expiration=1643826767
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABB-E7D0LMAAEHRhEm97A&expiration=1643826767
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABB-E7D0LMAAEHRhEm97A&expiration=1643826767
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame A448 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WK5V2G8EQWFSQ0G4GV95
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0ADF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiPcL3fRAd3-ox-JZffZCrG0KuWXm6w1Aodht24Fhpx1xW-ioJNhVQs1fyWsswStD_vHCP1jAUxxAMRSf1afvr-qd0HYR1YORFxsHTDQ6z8dg-Mex-EY-Xm2CQ4FqtIOoM3o01xUbLqyzgnqIYiane9qJBOp2To8QtlKIKcfglTaKq-6T8LCapSUy8I1OnjwV3lrtrIWkwllv4-ei9-Goyfs6dWmFY3snm5BoyGK_zwK0QtzfLsXvpT3oB7ZK2Wl804RMlqW0DgJYgqU7cYKdyhCr1HmcxvuHnEz_Ub5vqpRwHaJqFL61D-2z-VGHUz-LN9l3ZVvdnMaxONI0OqgknBV4g-mtrsXMOW8Fe7EY&sig=Cg0ArKJSzGq9k1EvwrXPEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:47 GMT
truncated
/ Frame 0ADF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f72f5b1326930b667eab20288f76b0ddfb0646ba79a8b33274fcf2fb619e552f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5FB0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:41:34 GMT
x-content-type-options
nosniff
age
111073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 11:41:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB89 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZdrIYPAuiLOf2L7EOsBKdnbz0GvsNMWByvaq49Vpbc8JlgTfbwh5wHCxGFFhY7pqwven39n-oWAZNPP_yMGdA5LqheHLWhLv0UE-ZJqLs1Avb61ua8OLZLSK-wGlGRdq5GcPfIImqj_Hc33eMQ4RZ6e9ZKka_9kKzwHH7XUtUSK5aU940iuhYsER6r3yZi_EfKzhgpCVM-cvH_utWJmjoi_XmUMv1k4V2aNRpOqrYLP7TYQgOOoiT6G9_ZHWZnh-zAuygCPZbQISAdOpymhMCkytGMTxSPdVb2ew-KslJ-EObY41oyCJLVMZqeshfNUY7d4zgLjcDj5ECTyFS2ku_JjqCyYpUtEqJD4Y&sig=Cg0ArKJSzIykcDqsR2R8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 18:32:47 GMT
truncated
/ Frame CB89 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c9fcb4cd145028b548ae0f64f0ca7cdcf13bee2df97bbba3c6c00c5603aecdc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame FF1F 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g83f266c2bdfa7a09754
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4GA8MG7T9Z1Y22YKWQJB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame FF1F
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=3616449762476959287&pn_id=an
0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=3616449762476959287&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a681132c-2e1d-437b-8bc9-337db171e273
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
489c88f9-22ef-4854-8e26-35b6c9096a94
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=3616449762476959287&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame FF1F
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119561&expires=5&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=c537c1a7-8b12-48ac-8876-293826cb2880&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=c537c1a7-8b12-48ac-8876-293826cb2880&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.225.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-225-122.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=c537c1a7-8b12-48ac-8876-293826cb2880&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Wed, 19 Jan 2022 18:32:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame FF1F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=c222d7c1-8acc-4e56-b834-86840521a4ea
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.225.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-225-122.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame FF1F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=XNW61SFrQnxUHBiGnrx50ZU4mbs
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=XNW61SFrQnxUHBiGnrx50ZU4mbs
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.225.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-225-122.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=XNW61SFrQnxUHBiGnrx50ZU4mbs
Date
Wed, 19 Jan 2022 18:32:47 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame FF1F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=swO3BX3KC4Qh&ev=1&pn_id=pp&pid=561118
43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=swO3BX3KC4Qh&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.209.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-139-57.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=swO3BX3KC4Qh&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-s6czq
expires
-1
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 5FB0 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e899a3d465133c5d1f2aa8bfcbf5dc1d27e78338e1090d45697325c81c6821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 18:55:39 GMT
ecm3
s.amazon-adsystem.com/ Frame 0BB5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KYLVUKBY-X-FLXH
  • https://s.amazon-adsystem.com/ecm3?id=KYLVUKBY-X-FLXH&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KYLVUKBY-X-FLXH&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1J9D1RNF9S7VAKH09YSY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KYLVUKBY-X-FLXH&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,KUM7Z,ZfAoz,xQtZb,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 5FB0 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,KUM7Z,ZfAoz,xQtZb,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
083b9eba039025fa98bb9203240e445c96785a091c507d9efaa317c1d2199c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38378
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 18:55:39 GMT
player.css
cds.connatix.com/p/146566/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/146566/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cc9f616bd372ae964eec0a11061ac73c070372be1f6442dda535b69b12cb28d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 15:02:30 GMT
age
12417
etag
"de6f3533fb435fa3f7d0104764b594b6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8462
pr
s.amazon-adsystem.com/v3/ Frame BA06 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_an-db5_dmx_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
27c71dd1c6e6c880c9b09ddcdaec5d15c47904f3e52e23c1105f7af7e5b735a6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_an-db5_dmx_n-Outbrain

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
1258
Connection
keep-alive
x-amz-rid
EEMQ9M16DNW1E3JMCJCE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pls
capi.connatix.com/core/ Frame CF0B 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f882794de0be4e98685ad6394703e7f828b72adba0da7c839c0d6d684fecf7b4

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2646
tap.php
pixel.rubiconproject.com/ Frame 0BB5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ab0161e8-594e-4b00-90fe-576cb3984342&expires=28
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ab0161e8-594e-4b00-90fe-576cb3984342&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
MT3 4133 baa842e master ord-pixel-x6 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ab0161e8-594e-4b00-90fe-576cb3984342&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:46 GMT
tap.php
pixel.rubiconproject.com/ Frame 0BB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qCzMze_e1BR7LfL8so8f1w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1581051695442616395
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1581051695442616395
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

date
Wed, 19 Jan 2022 18:32:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1581051695442616395
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 0BB5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YehZTgAABTHFZgAZ
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YehZTgAABTHFZgAZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642617167.364526,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YehZTgAABTHFZgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0BB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lMVlVLQlktWC1GTFhI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lMVlVLQlktWC1GTFhI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lMVlVLQlktWC1GTFhI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 0BB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYLVUKBY-X-FLXH&sigv=1&esig=2~0f51b59e827d1c03800141d2db700dfb8c3eed06
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYLVUKBY-X-FLXH&sigv=1&esig=2~0f51b59e827d1c03800141d2db700dfb8c3eed06
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYLVUKBY-X-FLXH&sigv=1&esig=2~0f51b59e827d1c03800141d2db700dfb8c3eed06
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0BB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OWRhZTE0Mzc1Y2RhMDQyNTBiN2U4NWIwYWZhYTczZmYwZTFlNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OWRhZTE0Mzc1Y2RhMDQyNTBiN2U4NWIwYWZhYTczZmYwZTFlNw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OWRhZTE0Mzc1Y2RhMDQyNTBiN2U4NWIwYWZhYTczZmYwZTFlNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 0BB5 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame 0BB5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c222d7c1-8acc-4e56-b834-86840521a4ea&gdpr=0&gdpr_consent=&expires=30
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c222d7c1-8acc-4e56-b834-86840521a4ea&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c222d7c1-8acc-4e56-b834-86840521a4ea&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 0E60 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/py5srvxk7cu3g9k61gi39m3dn1z1w7wz.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f185635a2b8a1d9eddc2f6086f3d5e8bb2fc9b3784b4374c4573ad1c8429ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 02:49:00 GMT
via
1.1 d3dab9ae8fe665c4fe0504e86b4de2fe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:35:15 GMT
server
AmazonS3
age
56628
etag
"a95a6ccdfce9854cd7fe298e2b602218"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
27645
x-amz-cf-id
2XQm-Z5vXx1wO6TC1L8Nmlfpswpnt8MHp8fOn82WjPR7HHccjrYSig==
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=214301471&version=65.21.11&age=220119&ldt=IMA&key=mvnxxcIU&seq=1&order=4&recoveryMethod=SSAI&imaVersion=3.495.1&blocked=false&recovered=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
/
s.ad.smaato.net/c/ Frame BA06 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:5600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
YgvUB9YdYKNT6CVQ7TJlHhRJ4IlaMUUod0yBayXG-vGl3Oe_Z2LA5A==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame BA06
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=AFA610033CEC41D099D2903D4862471D&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AFA610033CEC41D099D2903D4862471D&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HGKZWJN35F87KQGS1A50
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 19 Jan 2022 18:32:47 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=AFA610033CEC41D099D2903D4862471D&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 18 Jan 2022 18:32:47 GMT
q1915r4sp9672219s3sp06n5064o0s7pplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame 0E60 		291 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/q1915r4sp9672219s3sp06n5064o0s7pplaylist.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3df4337e1e17c20ba59a5551604f3d49df19ee829f46eed154f966055bb9af3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-cache
RefreshHit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Thu, 08 Apr 2021 04:34:46 GMT
server
AmazonS3
etag
"a29e85541e9c80aae51b6568dfc92eaf"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
xuTKFBVWHe-dZQvpPu0YGVo2LWWMX6rKVwmoLTzl4ysrWzPeipjZ2g==
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 5FB0 		369 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-7018638569743961705&bl=boq_subscribewithgoogleclientserver_20220117.13_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=66768&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e172099f3fb15b56035f7e15b6d5ac930ce8393b999d438173dc1385f5c69a1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1662 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 18:32:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame B7F9 		732 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
2a89e52f88d6e4b6c27bf7b6592e0f2858436a2ca39219e2fc62a92d1bc0d727

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 93D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
A87ARKTCGH9HA6FXDK8M
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=3616449762476959287&ex=districtm
AN-X-Request-Uuid
01b8ef36-3eb6-4b14-924c-8897c300f857
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
index.html
cdn.districtm.io/ids/ Frame C84A
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-type
text/html
cf-ray
6d0225d1dd143ff7-YYZ
age
37484
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 966823a7f28e7642e7c3183040158274.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
CQMKP2axT6Ag-M7hG1z-R7Q7ng4av5zdKmEBCDdvlR67wR1YzHRFiA==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Wed, 19 Jan 2022 18:32:47 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6d0225d0cb4c3ff7-YYZ
cache-control
max-age=3600
expires
Wed, 19 Jan 2022 19:32:47 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L... Frame 5FB0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.kyxh-dd536U.L.B1.O/am=BAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,KUM7Z,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xQtZb,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5AoLuD-W40xgL2bw6jCcSmvOucbw/ee=cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5d3b280099658f3729cd13965738963c2d86fcc624912a7f9fdd8db269c52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7278
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 04:53:36 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Tue, 17 Jan 2023 18:55:39 GMT
b05bb689-c3c8-43d9-8b65-01a0d3661666
https://www.chicagotribune.com/ Frame 0E60 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/b05bb689-c3c8-43d9-8b65-01a0d3661666
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
266f341b-a9b4-4358-bfe5-e94b7cdacb65
https://www.chicagotribune.com/ Frame 0E60 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/266f341b-a9b4-4358-bfe5-e94b7cdacb65
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
c1e879a9-6281-4952-92c0-1c084af727c9
https://www.chicagotribune.com/ Frame 0E60 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.chicagotribune.com/c1e879a9-6281-4952-92c0-1c084af727c9
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame C6C7 		64 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2F54098006&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214301471-2V78V_VWRlwMjkF0%26schain%3Dsendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%26content%3D9687%26placementType%3DPremium%26embed%3DmvnxxcIU%26domain%3Dchicagotribune.com%26player_size%3Dlarge%26player_width%3D740%26player_height%3D416%26player_type%3Dfloat%26version%3D65.21.11%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00189%26rand%3D13%26devicetype%3Ddesktop%26iris_context%3Dundefined&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=60000&vrid=1254170&hl=en&cmsid=2460952&vconp=2&video_doc_id=1248815&vpa=auto&vpmute=true&cnc=4011&kfa=0&tfcd=0&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3012200687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D0EA3C02-5FAB-4CD8-A40F-80C572FEF406&nel=1&eid=44738437&dt=1642617167438&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&correlator=3963842499980981&scor=2196138315269042&ged=ve4_td2_tt0_pd2_la2000_er793.224.1209.964_vi0.0.1200.1600_vp98_eb23275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
405df4948e1f3bf99effba360c508b5f832dfddcb54963abf00509df103de4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5787
x-xss-protection
0
google-lineitem-id
5528052620,4909907024,5594600763
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138324621919,138256253392,138337489545
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sr
capi.connatix.com/tr/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
sffe /
Resource Hash
eca3631f140d44043b030fa87263be6f3186d2035578d9bef7feb55895979a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26991
x-xss-protection
0
server
sffe
etag
"1106 / 611 of 1000 / last-modified: 1642594075"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jan 2022 18:32:47 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2_media.bin
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		520 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/2_media.bin?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3fa83cb7e565862aca7c40718b96a2befae23f74dd84709ae159809b4819614d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 14:20:22 GMT
age
735928
etag
"47d4be93320f33e9a469d8aed3242fda"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
378
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CF0B 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:47 GMT
1.png
img.connatix.com/86a47210-1aa7-459f-bf13-d3e0a5356ab1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/86a47210-1aa7-459f-bf13-d3e0a5356ab1/1.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43fbbe355f40735e833eb1acd033f1cec8e3d31a8531c1ca1e7b0a1c6e5a66fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
age
2358348
etag
"gAc/2Gc+fM9aq8w88fxHelKEyBKnYhPyN9WrKOAo8uQ"
access-control-max-age
86400
fastly-io-info
ifsz=47782 idim=1200x472 ifmt=png ofsz=19690 odim=1200x472 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
18916
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dBeeswax%26cid%3d4364f889-b376-11e9-b4d2-06948...
  • https://cks.connatix.com/cks?pid=15&ev=f021565052754a778cf6ebe173497f87&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABB-E7D0LMAAEHRhEm97A
132 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=f021565052754a778cf6ebe173497f87&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABB-E7D0LMAAEHRhEm97A
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d59f78249615f8cc8b7f29deed1574a3196ecd89f6bf378b79a59871d3a05ec0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=f021565052754a778cf6ebe173497f87&pname=Beeswax&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=AABB-E7D0LMAAEHRhEm97A
Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=1645209167
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=1645209167
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5890823e225cc14b81fd6fd92d66b2d4985093512dd7a8646c025e370295f3bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=1645209167
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dAppNexus%26cid%3d4364f889-b376-11e9-b4d2-06948452ae1a%26uid%3d%24UID
  • https://cks.connatix.com/cks?pid=6&ev=f021565052754a778cf6ebe173497f87&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3616449762476959287
128 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=f021565052754a778cf6ebe173497f87&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3616449762476959287
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
680d52d4b962b9cb99efcf5a65629bdf50b9edf6a177df10a1b61c3714a70f0a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f9ee1f67-539b-4b21-8289-6cba2e3dbb17
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=f021565052754a778cf6ebe173497f87&pname=AppNexus&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3616449762476959287
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3df021565052754a778cf6ebe173497f87%26pname%3dSpotX%26cid%3d4364f889-b376-11e9-b4d2...
  • https://cks.connatix.com/cks?pid=10&ev=f021565052754a778cf6ebe173497f87&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3298609f-7956-11ec-992c-18f0df000003
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=10&ev=f021565052754a778cf6ebe173497f87&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3298609f-7956-11ec-992c-18f0df000003
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8f8f90930f67c0db40f428dc26b0e92e018f9410276e001b9da0b30f5cc7619

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

Date
Wed, 19 Jan 2022 18:32:47 GMT
Server
nginx
Location
https://cks.connatix.com/cks?pid=10&ev=f021565052754a778cf6ebe173497f87&pname=SpotX&cid=4364f889-b376-11e9-b4d2-06948452ae1a&uid=3298609f-7956-11ec-992c-18f0df000003
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
242
Connection
keep-alive
Content-Length
0
envelope
api.rlcdn.com/api/identity/ 		0
13 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1436
Requested by
Host: tribune-chicagotribuneclassic.zeustechnology.com
URL: https://tribune-chicagotribuneclassic.zeustechnology.com/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
q1915r4sp9672219s3sp06n5064o0s7p.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 0E60 		539 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/q1915r4sp9672219s3sp06n5064o0s7p.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
951187dfd48bc4b69e7184db9465f6f2579025c0ac22fdee670c0640c716feab

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-cache
RefreshHit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
539
last-modified
Thu, 08 Apr 2021 04:35:06 GMT
server
AmazonS3
etag
"62ab64fd40c35f06d4edf2a9b4c33817"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
89DV-rE048saqy3nXSUXIIa4XjwJSMtF9Alw_oPJ-7pQj48PY1SBXA==
log
play.google.com/ Frame 5FB0 		131 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 5FB0 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 19 Jan 2022 18:32:47 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 5FB0 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 19 Jan 2022 18:32:47 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 5FB0 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.6n0aLqJ1fQE.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6Dm4MB3rmHMPEQTYVj8X7rX6xj1g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 19 Jan 2022 18:32:47 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ao
capi.connatix.com/tr/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
g
capi.connatix.com/rtb/ Frame CF0B 		124 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
904c0259b4288465428ba044c7bea47f726db94beada0c833f3d25859a379354

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
ps
capi.connatix.com/tr/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
1_th.jpg
img.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/1_th.jpg?crop=550:309,smart&width=550&height=309&format=jpeg&quality=60&fit=crop
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa88731d3dfcba3466dd05250f89afb97ea729d2787d08929e41d23b23184ff0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
age
907100
etag
"ex354f7syFr/P56CDjh+QQbIWdgH4rDowfDQyg1LBU8"
access-control-max-age
86400
fastly-io-info
ifsz=11736 idim=375x212 ifmt=jpeg ofsz=9039 odim=375x211 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
8667
usync.js
eus.rubiconproject.com/ Frame 1662 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33924
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 20 Jan 2022 03:58:11 GMT
ecm3
s.amazon-adsystem.com/ Frame B7F9 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=52594d75-38e5-8b51-910d-15c1763ca3b5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
512TR6WRAQHN7JKCN7WM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame B7F9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
0
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=244bb281-fc25-0ae2-0224-565c89ac9c3c&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
date
Wed, 19 Jan 2022 18:32:47 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame B7F9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=5f494e6e-e908-06cb-0e7a-17a52794098d
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame B7F9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3616449762476959287
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3616449762476959287
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
581d09c9-a41b-4bdb-8757-46f2c9fa165b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3616449762476959287
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B7F9 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=52594d75-38e5-8b51-910d-15c1763ca3b5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KY0QCK6M0RQNCB55HKFA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B7F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8234736566488735343&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ads
pubads.g.doubleclick.net/gampad/live/ Frame C6C7 		156 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F3379%2Fvideosyndication.dart%2Fpremium%2FSendToNews&description_url=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&env=vp&output=xml_vast4&ad_rule=0&correlator=3963842499980981&tfcd=0&npa=0&gdfp_req=1&sz=640x480&cmsid=1495&unviewed_position_start=1&vid=56aaa19b94c05f333a000000&min_ad_duration=00000&max_ad_duration=30000&cust_params=syndication_url%3Dchicagotribune.com&cust_params=syndication_url%3Dchicagotribune.com&vconp=2&vpa=auto&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3012200687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D0EA3C02-5FAB-4CD8-A40F-80C572FEF406&nel=1&eid=44738437&dt=1642617167725&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=2196138315269042&fbidx=-1&ged=ve4_td3_tt1_pd3_la3000_er793.224.1209.964_vi0.0.1200.1600_vp98_ts1_eb23275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid4.43.0-4.js
cds.connatix.com/p/plugins/ Frame A215 		381 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 15:13:51 GMT
age
3677930
etag
"e0908e656154cdf7c73f3852e04c6ceb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
105742
q1915r4sp9672219s3sp06n5064o0s7p-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 0E60 		560 KB
561 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/q1915r4sp9672219s3sp06n5064o0s7p-00001.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7266a97365b32d93471ea7b4bb67e55de3e81baf143aff04121194f819837fb9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-disposition
attachment
content-length
573776
last-modified
Thu, 08 Apr 2021 04:35:05 GMT
server
AmazonS3
etag
"26ef3e4b535c68406f1bc3e9c42aba35"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wl2VTs4LoOT8AabRwZSU8S_NuQWlBu89EODIP1L2xhiQnLPjZgxNOg==
playlist.m3u8
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		309 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/playlist.m3u8?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 19:48:13 GMT
age
3586680
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame C84A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
via
1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
57426
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
IAD89-C2
cf-ray
6d0225d27eb13ff7-YYZ
x-amz-cf-id
1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires
Fri, 21 Jan 2022 18:32:47 GMT
us
capi.connatix.com/core/ Frame CF0B 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
us
capi.connatix.com/core/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
0.m3u8
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.m3u8?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db9e0c4651c1e479da83b85c6cc2745131ed2fb0f865ebdea39259bf12c49fc2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 19:48:13 GMT
age
731330
etag
"aba2f15420e7700e6fc27d6c78723e4a"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1102
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 64A3 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CF0B 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:47 GMT
integrator.js
adservice.google.com/adsid/ Frame CF0B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame E185 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame E1DF 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e74b4a43cf679980ff1ddf614a8f75621937e4bb44e030bd9adda76278b8a9d8

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-1330

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345560
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1330/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1331
us
capi.connatix.com/core/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
us
capi.connatix.com/core/ Frame CF0B 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chicagotribune.com%2F&domain=www.chicagotribune.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.chicagotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2179
date
Wed, 19 Jan 2022 18:32:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame A215
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.chicagotribune.com%2F&domain=www.chicagotribune.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=d_hRSnw2eTRXSlRzWGZTZWxsQ0UyaUdid2hNK3FTWFZPQVdkU3d5eFZ3NVkyOHZ3Z1RDUHJFdThhZHo1NndNL1lCOHJRamF0TVBJQkxmc2h4WE1JTWhMMWl2TUdMbjgrRVIwcG9nYVlNMHZGTHRmZHNSbFpKVTZHRmVPck...
355 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=d_hRSnw2eTRXSlRzWGZTZWxsQ0UyaUdid2hNK3FTWFZPQVdkU3d5eFZ3NVkyOHZ3Z1RDUHJFdThhZHo1NndNL1lCOHJRamF0TVBJQkxmc2h4WE1JTWhMMWl2TUdMbjgrRVIwcG9nYVlNMHZGTHRmZHNSbFpKVTZHRmVPckEyVDBRZm1wakRtZE1kV0RKUThoQWhQNzIxTjhydy9TSVlacVM2b1hmb2ZveThpMGUyYkpxTWdNQm0vc3RpZ25RMGw5M0VUcFJVOTZ0eDZ1dTVscFVaMlR2SEx4R1FYQTB0bzJXN20rc2VRQm9FTC9qNXRqOVIrNHBHRlN6dlQ1aG94b2kzclQ3fA&cppv=2
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
b09381440d0772c2389d038fd14d5eed2557ab4f8b49c59ba8a92a8aabd968f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2997
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
location
https://mug.criteo.com/sid?cpp=d_hRSnw2eTRXSlRzWGZTZWxsQ0UyaUdid2hNK3FTWFZPQVdkU3d5eFZ3NVkyOHZ3Z1RDUHJFdThhZHo1NndNL1lCOHJRamF0TVBJQkxmc2h4WE1JTWhMMWl2TUdMbjgrRVIwcG9nYVlNMHZGTHRmZHNSbFpKVTZHRmVPckEyVDBRZm1wakRtZE1kV0RKUThoQWhQNzIxTjhydy9TSVlacVM2b1hmb2ZveThpMGUyYkpxTWdNQm0vc3RpZ25RMGw5M0VUcFJVOTZ0eDZ1dTVscFVaMlR2SEx4R1FYQTB0bzJXN20rc2VRQm9FTC9qNXRqOVIrNHBHRlN6dlQ1aG94b2kzclQ3fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2380
content-length
509
expires
0
mvo
tag.1rx.io/rmp/230257/0/ Frame A215 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame A215 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame A215 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/230257/0/ Frame A215 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/230257/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
buyers
dmx.districtm.io/s/v1/ Frame C84A 		504 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eda494584c9f29d8d5eb0e34b7ae64ea4ed785b690de8d436adaaac43713fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d0225d3e97e3ff7-YYZ
access-control-allow-headers
Origin, Content-Type
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A352 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 46F3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FB8A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCA9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWLctKUvwl6raOyZsVNTflbAHUWePnOI1XJdpiyXE3eevRdT9nnGHt-8xftxPJ5X3wEkxPNYGLTpRGKVy65qidXYgNisB_AyMdDbfq7Z6GPUDxgNsD&sig=Cg0ArKJSzGReLmG1k3EpEAE&id=lidar2&mcvt=1051&p=748,1056,998,1356&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3312930438&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642617166318&rpt=547&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		116 KB
116 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09914fb1e88b57561d64915978b0a6064c3e964e3e68dd33e0d006f52c3272e7

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1331-120290

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345560
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1331-120290/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
118960
SPug
simage4.pubmatic.com/AdServer/ Frame C3FE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159890&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159890&s=&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame E60A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2klhyPfuISpVV0E2POkgePdX_bv-xFpzxWYBXC_EPIcipxkHawUl3v33TSer5-tu3TOifL27dP4R2cFGxELpQ-smr__lfLSnS7a3FxuJPMP9LXZE6&sig=Cg0ArKJSzBXRJMmwQrYXEAE&id=lidar2&mcvt=1016&p=1072,1056,1322,1356&mtos=0,0,1016,1016,1016&tos=0,0,1016,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=0.51&app=0&itpl=3&adk=3312938924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642617166461&rpt=504&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
dmx.districtm.io/s/10001/ Frame C84A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://dmx.districtm.io/s/10001/abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
106 B
176 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2327e157e0a35b98e49e5e3cc190d494f1308f74b4d013500f132f37339df17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 19 Jan 2022 18:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d0225d4dbea3ff7-YYZ

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
y-WnnyR39E2uG7KgxehjTlOkWP1Hl_jrF5AqgL1Pw-~A
dmx.districtm.io/s/10057/ Frame C84A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-WnnyR39E2uG7KgxehjTlOkWP1Hl_jrF5AqgL1Pw-~A
100 B
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-WnnyR39E2uG7KgxehjTlOkWP1Hl_jrF5AqgL1Pw-~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db24d9fda9ac59e3c2d919d0d5e78fa9adc765566bfdee74aa1fa0d5b8ac8832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 19 Jan 2022 18:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d0225d4ec013ff7-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10057/y-WnnyR39E2uG7KgxehjTlOkWP1Hl_jrF5AqgL1Pw-~A
date
Wed, 19 Jan 2022 18:32:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
56b36cc4-6da5-4c7e-944c-a67b1c0f5738
dmx.districtm.io/s/10059/ Frame C84A
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/56b36cc4-6da5-4c7e-944c-a67b1c0f5738
92 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/56b36cc4-6da5-4c7e-944c-a67b1c0f5738
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0192b32f7dede66f038286641d89b7254738b847ce0b4151bdcbb5c4ac332606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 19 Jan 2022 18:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d0225d5dd933ff7-YYZ

Redirect headers

location
https://dmx.districtm.io/s/10059/56b36cc4-6da5-4c7e-944c-a67b1c0f5738
date
Wed, 19 Jan 2022 18:32:48 GMT
content-length
0
c537c1a7-8b12-48ac-8876-293826cb2880
dmx.districtm.io/s/10009/ Frame C84A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=23valvCWDbkcpseyhnzgBmkTb37
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=districtm&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=districtm&gdpr=0&user_id=JQjKHCYAmhQ-DZxCcFuCHSVbnR0-CZYRdwxEMqo4
  • https://dmx.districtm.io/s/10009/c537c1a7-8b12-48ac-8876-293826cb2880
92 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/c537c1a7-8b12-48ac-8876-293826cb2880
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bc275111a5ae7955099dcc60403f8e432642886dae6e6f1ad452d30cec73c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 19 Jan 2022 18:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d0225d67ec13ff7-YYZ

Redirect headers

Location
//dmx.districtm.io/s/10009/c537c1a7-8b12-48ac-8876-293826cb2880
Date
Wed, 19 Jan 2022 18:32:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
641253725093
dmx.districtm.io/s/10022/ Frame C84A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/641253725093
68 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10022/641253725093
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae8649a0b56e9d46ab21a754038f2f8d7dadd18c426efe3f38dd398c1710dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Wed, 19 Jan 2022 18:32:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d0225d5edc43ff7-YYZ

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/641253725093
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		221 KB
221 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ff73cad857395688f746b261fc822517535fe99ea76d723b0e0ae754540fe62

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=120291-346682

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345560
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 120291-346682/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
226392
truncated
/ Frame C6C7 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=d_hRSnw2eTRXSlRzWGZTZWxsQ0UyaUdid2hNK3FTWFZPQVdkU3d5eFZ3NVkyOHZ3Z1RDUHJFdThhZHo1NndNL1lCOHJRamF0TVBJQkxmc2h4WE1JTWhMMWl2TUdMbjgrRVIwcG9nYVlNMHZGTHRmZHNSbFpKVTZHRmVPckEyVDBRZm1wakRtZE1kV0RKUThoQWhQNzIxTjhydy9TSVlacVM2b1hmb2ZveThpMGUyYkpxTWdNQm0vc3RpZ25RMGw5M0VUcFJVOTZ0eDZ1dTVscFVaMlR2SEx4R1FYQTB0bzJXN20rc2VRQm9FTC9qNXRqOVIrNHBHRlN6dlQ1aG94b2kzclQ3fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1128
date
Wed, 19 Jan 2022 18:32:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6C7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BAVzTT1noYe6AHYTWogaIlawY1PqrkUYAAAAQASDRvbc9OAFY3_SopoMEYMkGsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gH3AWh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvcmV2aWV3cy9jdC1lbnQtb2tsYWhvbWEtYnJvYWR3YXktdG91ci1jaGljYWdvLXJldmlldy0yMDIyMDExMy1vdmZxcHRlY3NuYnQ1b3NreXVpb2MycWE3bS1zdG9yeS5odG1sP3NwTWFpbGluZ0lEPTc4MzkxMjQmc3BVc2VySUQ9TkRZMU1UVTVNak0xT0RVeVMwJnNwSm9iSUQ9MTQyMDY1NzQxNyZzcFJlcG9ydElkPU1UUXlNRFkxTnpReE53UzKYAuBdwAIC4AIA6gISLzkyMDU2MjgxLzU0MDk4MDA2-AL_0R6QA6QDmAPQBagDAeAEAdIFBhCMx_3LFJAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx7SCAcIgGEQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=CczDca20Zwc&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.495.1&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1MjgwNTI2MjBA3AFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
643298
vid.springserve.com/vast/ Frame C6C7 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/643298?url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&cb=2142615739&desc=Jennifer+Lawrence+Is+a+Surprisingly+Good+Mime&ic=IAB17&ap=0&vid=1248815&did=&r=13&keyword=&content=9687&w=740&h=416&bid=&adunitid=92113961&play_code=2008&player_size=large&level1=general&level2=entertainment&player_type=float&owner=conde_nast&ad_rule=0&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&ad_key=&stn_domain=chicagotribune.com&iris_context=undefined&iris_id=&conde_nast_contentid=56aaa19b94c05f333a000000&gdpr=&consent=&us_privacy=${US_PRIVACY}&coppa=0&gdpr=&consent=&us_privacy=&coppa=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.14.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-14-89.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bb9e9435d0cc948f3a1fc9728eb49542f481e0b1686f68d3ac6670dbf500f2b9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame CB89 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudiJuVQ21KR7mvQ8IkTewaKCKCzaFiHsx5U2zCXxnxV_KvPdZtr2sNImuCCa8DI2QF4pVeF0M9QZJIeRwMjNfV7uNbBapnSMXygFqoA4my3NbWGb7f&sig=Cg0ArKJSzFeh1JuMGW8QEAE&id=lidar2&mcvt=1114&p=246,436,336,1164&mtos=1114,1114,1114,1114,1114&tos=1114,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1189824159&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642617166753&rpt=377&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C6C7 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kylvulzy&c=4731811772614&slotId=2365905886307&qqid=CK7kk-a5vvUCFQSryAodiAoLAw&gqid=T1noYf2JHMe-yQOzp5eQCA&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44738437&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6C7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BL4jFT1noYdaVIoTWogaIlawYk4PO7UUAAAAQASDRvbc9OAFY0IPchYMEYMkGsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gH3AWh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvcmV2aWV3cy9jdC1lbnQtb2tsYWhvbWEtYnJvYWR3YXktdG91ci1jaGljYWdvLXJldmlldy0yMDIyMDExMy1vdmZxcHRlY3NuYnQ1b3NreXVpb2MycWE3bS1zdG9yeS5odG1sP3NwTWFpbGluZ0lEPTc4MzkxMjQmc3BVc2VySUQ9TkRZMU1UVTVNak0xT0RVeVMwJnNwSm9iSUQ9MTQyMDY1NzQxNyZzcFJlcG9ydElkPU1UUXlNRFkxTnpReE53UzKYApAowAIC4AIA6gISLzkyMDU2MjgxLzU0MDk4MDA2-AL_0R6QA6QDmAPQBagDAeAEAdIFBhDQ-JylEpAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx7SCAcIgGEQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=l4Ckopl6sUg&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.495.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6C7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0ckNsNLYMIF1Gb-Q7H5W3max5b-b3y-FP13YCqoapUvceInIU_7c-bDBUkEkhlsFx8_yZhTChiu2sUJ8IFuX1Z5RUwFF5G1JMqM3wfSM9cLcNnBbEezoD4F3QphtzP73hmcvWfxqNDoapJNjAQ3TLVppDsqYRnnpaVT8sCc4PSzm5Ase9dWusE-2I5M1D814A0Ux3ZmoEqHJLmopH1Ay0ItEz34RsKE7L9DIV9RxQYWN2mZH7eX63pjRmDlH-sfhI-5rKtw5Jw-52pc7zy4YTct87sucrMiJ55uobvSGv6mql_8-K_VpqUp0JNuYU2wE&sig=Cg0ArKJSzAIU-0Elsf0UEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.495.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5MDk5MDcwMjQyDDEzODI1NjI1MzM5MkDcAQpPCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aC1NwcmluZ1NlcnZlIAMqBVZQQUlEQLUBUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 80AF 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd099208b93569f53d0436fdac3b7536b17dfcff8a69af65e5b776bc8a570206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18581
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:34:46 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 64A3 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2C4011%2FTribune&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1690632939365795&sdkv=h.3.495.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1464894132&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=87E805D4-E43A-4A6C-8F8C-B9C7142DD7F8&nel=1&eid=44737475%2C44744588&top=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&loc=about%3Ablank&dt=1642617168374&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=3715288965455471&ged=ve4_td1_tt0_pd1_la1000_er2336.441.2494.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
9cff98dc251e9b39b595276929c85b751c7fab28a8b077374632c1901fc7a9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7468
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		150 KB
150 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
207a80f66469eeeecfb0555abf54eb5f40efa921903c0f2e129cf0955fb98268

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=346683-499810

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345561
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 346683-499810/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
153128
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
198
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6d0225d68f754bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Feb 2022 18:32:48 GMT
vpaid_99304143.js
vpaid.springserve.com/production/ Frame 80AF 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_99304143.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:da00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:00:43 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 15:52:40 GMT
server
AmazonS3
age
102726
etag
W/"11eb39eae297f2408c060c04a8104958"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
ejkUcY28jZnaAt3u30Hg02oYocDjBsXhDOI4rKd8fzYVXEFXZE92Fw==
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		44 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68186ed6736de5e1bded858e95fe66bc7942b8243e5127947bfefa46cfca907a

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=499811-544468

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345561
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 499811-544468/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
44658
0.mp4
vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ Frame CF0B 		217 KB
218 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/0.mp4?playerId=86a47210-1aa7-459f-bf13-d3e0a5356ab1
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
486df4dc8b49fe2995950a5f0b60c6356d531486ee4b218412d71e28ac3f2d95

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=544469-767111

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
last-modified
Fri, 03 Apr 2020 19:48:12 GMT
age
3345561
etag
"32bcf7dade23da81883f94cd87bdc84f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 544469-767111/11027461
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
222643
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
users
dmx.districtm.io/s/v1/ Frame C84A 		0
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d0225d7b94c3ff7-YYZ
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
cf-ray
6d0225d72c411788-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 80AF 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
x-spotx-timing-transform
0.000370
x-spotx-timing-spotmarket
0.057909
x-spotx-timing-page-require
0.000584
x-fe
009
x-spotx-timing-page-misc
0.007712
x-spotx-timing-page-cookie
0.000029
x-spotx-timing-page
0.068650
pragma
no-cache
x-spotx-timing-page-context
0.000451
last-modified
Wed, 19 Jan 2022 18:32:48 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.057909
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000018
x-spotx-timing-page-mux
0.001576
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 80AF 		2 KB
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c27b1292e8242baa87e1b5a5a6d4aeeb76618fadc97c715b5d0249e803cf8768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
812
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 80AF 		288 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
49ba0de84483504c384641f4cd8bd04988377587639b935f53681b75b1adcd85

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
246
expires
0
translator
hbopenbid.pubmatic.com/ Frame 80AF 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
as-sec.casalemedia.com/ Frame 80AF 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponsefb8fd86f27&v=8.8&s=305079&r=%7B%22id%22%3A%22fb8fd86f27%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A7%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%22%24%7BUS_PRIVACY%7D%22%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4ee5647d5c3226ab9b4eb16f26ccc14aa8243f45c45b7e250aa5154d0da88ecd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:48 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:48 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 80AF 		165 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3edaf427cc899b4afa99dcdc1c01dd8966b27f3bc1066490f62e53e2abfcca88
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:48 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5db84e14-27da-4569-bbf5-c1cc0426c63d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
sendtonews-d.openx.net/v/1.0/ Frame 80AF 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&us_privacy=${US_PRIVACY}&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame BFB6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66edb824bc7ae85906a0d36ddad0a4022527ddeb318870732609a71d85b4213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:47:48 GMT
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
cf-ray
6d0225d82e291788-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
users
dmx.districtm.io/s/v1/ Frame C84A 		0
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d0225d88ad33ff7-YYZ
access-control-allow-headers
Origin, Content-Type
ecm3
s.amazon-adsystem.com/ Frame C84A
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qTjJZV3gyUTFkRVltdGpjSE5sZVdodWVtZENiV3RVWWpNMyJ9.khIU9gQAojtN87qLFeaT_g...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qTjJZV3gyUTFkRVltdGpjSE5sZVdodWVtZENiV3RVWWpNMyJ9.khIU9gQAojtN87qLFeaT_g0GsD_QMt9DQAxOODWwfGkOo8xCYPAF82O094a3YmmtGWoZT3A8uWEmvH7PHu472A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_n-simpli.fi_rbd_ox-db5_dm_dmx_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9DTVNSH34XE25CX4T4G5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 19 Jan 2022 18:32:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qTjJZV3gyUTFkRVltdGpjSE5sZVdodWVtZENiV3RVWWpNMyJ9.khIU9gQAojtN87qLFeaT_g0GsD_QMt9DQAxOODWwfGkOo8xCYPAF82O094a3YmmtGWoZT3A8uWEmvH7PHu472A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d0225d82a1a3ff7-YYZ
access-control-allow-headers
Origin, Content-Type
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BFB6 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.8130890953803576&wt=1642617168707&sdkv=h.3.495.1&xai=undefined&url=3,https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame C106 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BFB6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:48 GMT
integrator.js
adservice.google.com/adsid/ Frame BFB6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B1FC 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e22df4207409d7ca862a0d6ccec223fef2aae82791751e1ba15b60c5267fe93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9262
x-xss-protection
0
chicagotribune.com
pubcast-files.remixd.com/player-configs/ 		24 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubcast-files.remixd.com/player-configs/chicagotribune.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee7d8c947b23e0c4589efbe5f0ec8bd02c4b3166631c41f75cdaefe1d3705530

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:36:09 GMT
age
3399
x-guploader-uploadid
ADPycdvFhFnyl_Eotr73ZMd94QzVcbAho0b81hBv-A65BTHFtjVQGxR1vXilfW4WdqNqUfT0SRpKtt6E_tUNAQ3K6KY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24725
last-modified
Wed, 01 Dec 2021 18:44:45 GMT
server
UploadServer
etag
"960d92a3a7a21aec0079dde37360fb4f"
x-goog-hash
crc32c=2kZuhw==, md5=lg2So6eiGuwAed3jc2D7Tw==
x-goog-generation
1638384285504312
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
24725
accept-ranges
bytes
content-type
application/json
expires
Wed, 19 Jan 2022 18:36:09 GMT
/
zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com/SIE/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3mJ4UJ3nXSLnMih
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a107208fcd8cefc2db5f3dfff2101269118d8cf0e404fc2605579249517d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
52459
cf-polished
origSize=8435
cf-ray
6d0225da7ae88c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
4
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-YmmixlZrN+qedSYFyUPaNDX7Tl4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sync
eb2.3lift.com/ Frame 8BF4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4850230c5b30c91c650dfc9bba8072fef62960e6671854c5e70e04e97829ffcd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

date
Wed, 19 Jan 2022 18:32:48 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
optimus_rules.json
tags.crwdcntrl.net/lt/c/13200/ 		2 KB
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/13200/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-85.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa8acae55af2687e4def8fd9c2ab60ddb636c6895b70304fb0d295fcedf453ed

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 15:51:59 GMT
content-encoding
gzip
age
9651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 23 Nov 2021 19:48:04 GMT
server
AmazonS3
etag
W/"44d6c694be30f47a3ffaa002a09e9835"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 1dbc16aba8d57ed568542bcd7a1672f2.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
qhlLD2jRhLIhHJfe7eDQ6plW7gGmz7RSEmge1R6oj744hsKpeo6jVQ==
load.js
widget.perfectmarket.com/tribunedigital-network/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tribunedigital-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fb26c7aa8a0f21eb4cf37124706d49b568d5417e06c39bfa755b1613a1f8373

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
zPPBPNVuQIKx9mFZx7n5m0zCpM.9fGQ1
content-encoding
gzip
etag
"e698d193db1b2fd0631ec46c1dc8a8fa"
age
60
x-cache
HIT, HIT
content-length
1424
x-amz-id-2
4lE2dZWb/cm89dsjCrAdXbGK/N3i+IXtp17zmhCNTqlAS8hCSQO5cWTAF1PLxN73PLCglajxXQA=
x-served-by
cache-sna10727-LGB, cache-yul12824-YUL
last-modified
Thu, 17 Dec 2020 11:02:50 GMT
server
AmazonS3
x-timer
S1642617169.986387,VS0,VE0
date
Wed, 19 Jan 2022 18:32:48 GMT
vary
Accept-Encoding,,
x-amz-request-id
VJ8M90RDP64202WV
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 2
impl.20220119-16-RELEASE.js
cdn.taboola.com/libtrc/ 		613 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d00ded7dae774cd8c135cc51657503e66ff219761ebadec07a3b451bbf727591

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
4sMf9eOzJqzBq6nOeW.P7FGhkYsHJzug
content-encoding
br
etag
"9265711baac30c73dbddd02644b04fc3"
age
24256
x-cache
HIT
content-length
129276
x-amz-id-2
mytiGgE0TIvlUjvyB2d/1s1xS4JZ3w94nZh7UVynwwipqhzOHJq+TIn36AQKY+G5sxw97v6XIS8=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 11:48:26 GMT
server
AmazonS3-br
x-timer
S1642617169.961821,VS0,VE0
date
Wed, 19 Jan 2022 18:32:48 GMT
vary
Accept-Encoding
x-amz-request-id
5XW7M6GJQRGEFCJB
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
68
x-cache-hits
86977
sophi.min.js
cdn.sophi.io/latest/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-36.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32c7d8467ebdc79ef911338d57c01b0e8ac31741378b738884a102603f9de276

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
AFJr1akUKDNyd94M8ZEbOEDOzxaSbf86
content-encoding
gzip
etag
W/"5937821f9bf249fabdda3bd4200fdf9e"
last-modified
Mon, 17 Jan 2022 14:18:31 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
cache-control
max-age=0
date
Wed, 19 Jan 2022 18:32:50 GMT
x-amz-cf-id
7RxKiMXVoTE9M7aktA60e-DtHnoTnP_DoTVkyy2kac-CWd0SLC-Jww==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036462/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.230.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-62.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:23:39 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
5hDKSt3NeRW3tBAh-6ymOcCAYthtJlKH3H_6qpF5tlJKAj14_np1-Q==

Redirect headers

date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
q9jCAT7xafaeUrqKaXtTKDJ9U0qciZ2NCN0ngkN6PW81rjUNFJFlKg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:32:49 GMT
i.js
tag.wknd.ai/2051/ 		532 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.wknd.ai/2051/i.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
de0b4e640fb9c9982a8743c69e8b035f4b96f7993eebe745657bd8ab10249ecd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:31:49 GMT
via
1.1 google
server
fasthttp
age
60
etag
bc3e730ff9d18
content-type
text/plain; charset=utf-8
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
content-encoding
gzip
cache-control
public,max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
219128
ads
pubads.g.doubleclick.net/gampad/ Frame C106 		156 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2FSTN_6_Audience_extension&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=480x270&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2507469231298194&ord=1642617168235&ndfp=1&cmsid=2460952&vid=1248815&cust_params=play_code%3D2008%26domain%3Dchicagotribune.com%26content_cid%3D9687%26excl_cat%3Dstn_backfill&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.495.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3942877064&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=945DC4AE-091D-4FF7-9332-0D84D06A0CBF&nel=1&eid=44752711&dt=1642617169051&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=1158838588036851&ged=ve4_td0_tt0_pd0_la0_er732.224.732.224_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c222d7c1-8acc-4e56-b834-86840521a4ea&dongle=0cfd
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c222d7c1-8acc-4e56-b834-86840521a4ea&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c222d7c1-8acc-4e56-b834-86840521a4ea&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELLbcVTqfSAkGuQ_ZXxXbJ0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELLbcVTqfSAkGuQ_ZXxXbJ0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELLbcVTqfSAkGuQ_ZXxXbJ0&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8BF4
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDY3MzI5NjM2MDI3MTYyNDI0NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDY3MzI5NjM2MDI3MTYyNDI0NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDY3MzI5NjM2MDI3MTYyNDI0NQ%3D%3D
date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 8BF4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4673296360271624245&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4673296360271624245&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1&_expected_cookie=2503b2d...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1&_expected_cookie=2503b2dd4f439a771f8197ca57085f88
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d0225ddc99654d9-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c&_noobservation=1&_expected_cookie=2503b2dd4f439a771f8197ca57085f88
date
Wed, 19 Jan 2022 18:32:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6d0225dd287d54d9-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4673296360271624245?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_OZguTdE2oQeNmXvHm2PNZZTj9KlJ1QVj0A7aCcpqw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_OZguTdE2oQeNmXvHm2PNZZTj9KlJ1QVj0A7aCcpqw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 19 Jan 2022 18:32:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_OZguTdE2oQeNmXvHm2PNZZTj9KlJ1QVj0A7aCcpqw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4673296360271624245&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cdf5c145-0ef1-456c-b6ed-852e66eab5ae&ssp=triplelift&expires=30&user_group=5&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c537c1a7-8b12-48ac-8876-293826cb2880&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=c537c1a7-8b12-48ac-8876-293826cb2880&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=c537c1a7-8b12-48ac-8876-293826cb2880&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 19 Jan 2022 18:32:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 8BF4 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4673296360271624245&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:48 GMT
etag
"89b446b6cf8d81:0"
last-modified
Thu, 13 Jan 2022 22:48:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DBA58C0D75A64479B63757044DBEF6DB Ref B: YTO01EDGE0721 Ref C: 2022-01-19T18:32:49Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 8BF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4673296360271624245
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 8BF4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=dqJbbnEkDteeGpaflQ6V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MRYUUYTCNZCWW...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dqJbbnEkDteeGpaflQ6V
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dqJbbnEkDteeGpaflQ6V
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=dqJbbnEkDteeGpaflQ6V
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
standard-player.html
tags.remixd.com/player/v5/players/ 		119 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-43.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f8aafd3013777f4d17aed478bfee42d328514bda26c4754137a7d48b69c7070

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 16:12:32 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"5653fbd855887ce70c1a6514a50edc61"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
access-control-max-age
60
cache-control
public,max-age=1800
x-cache
RefreshHit from cloudfront
x-amz-cf-id
i_6D7GrBHo3W7vuo0SXgQiFwKjODSqZPfrErRsUC3gVIalmDz5B9gA==
via
1.1 a86da8347e06cd1a49dfa25142e0bbf8.cloudfront.net (CloudFront)
pmk-202010011.27.js
widget.perfectmarket.com/tribunedigital-network/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tribunedigital-network/pmk-202010011.27.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/tribunedigital-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7fb9aeafd2d878c9105c3dbda844cbc6b86855b92dfe660b0117f692284bc7c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
vFwti8OzZphvyKcnsCOphWOBBaaimv.v
content-encoding
gzip
etag
"7253bec5e4edc0dcd2517b9a3f645467"
age
19468394
x-cache
HIT, HIT
content-length
31166
x-amz-id-2
6Ibq+WgrC023OS+SdAcB8gbj3Lh3MrpB+KQI/sfxMhMCNRlJYse3ZZYuI920cJpAFS9gZg08WPo=
x-served-by
cache-lax10622-LGB, cache-yul12824-YUL
last-modified
Thu, 17 Dec 2020 11:02:49 GMT
server
AmazonS3
x-timer
S1642617169.092519,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding,,
x-amz-request-id
Q5Q5FSYY2SW6MGTD
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
6, 762
json
trc.taboola.com/tribunedigital-chicagotribune/trc/3/ 		67 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=18%3A32%3A49.130&lti=deflated&data=%7B%22id%22%3A918%2C%22ii%22%3A%22%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1642595980654%2C%22vi%22%3A1642617169127%2C%22cv%22%3A%2220220119-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5171%2C%22qs%22%3A%22%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2%22%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A4559.625%2C%22mw%22%3A788%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A2248%2C%22mw%22%3A388%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
477f3b8e0298b400bd6bb8b624f0e7e264bd8d3c719505ce441a8298f4372e19

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
629
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
server
nginx
x-timer
S1642617169.141084,VS0,VE629
x-served-by
cache-yul12820-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/tribunedigital-chicagotribune/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
vast
bid.g.doubleclick.net/dbm/ Frame 64A3 		20 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D5iitr3vjZjtmy-LHSGbv4XvQ4uyRD1kV081Su4kKEerCEWjeIO8PgtTWMPbUyjgxr-m4vGjGyasZPqB3dMA4Xpsa_cA&cry=1&dbm_d=AKAmf-CvspGgMAfjxGJ431fl2oILILcSCsfkurCEBQS1Ss5qgCrUPPqcTRgg5KQhhn6acO6sawCejeoiqWxH0Oo1MEHoRh4K75LPZKxol4ZmFLfKLIrwNMARjyzB1_l_ShakI-hPmcI5WcBgDECaTkQndisxJG1IsNGh68sINOlSoE7DkRbshf2RlZQSaSYaRo3hclbwWYaaPXaz8s8TV5e8U_uWF3dMGNgEeC8Ik2SeKJHNeOONkgOatYtMqBThJlHrMwbQ-79S9Os7UAdr11CotfMe5W6xyhEBRL3ZkbWuJpzKeEDAIjUf32kOhktLDR_PaaoiKF98JoPeX3SsFV2FD6Gx2bnjVMnZG7lDPBvd76wILK5fHGCmqPMcDEWwfZfNKCHg8H5OmHBKOnjH-8fmGAlGR_i8d3Cq8UEF-lrkjT5pIfW4GPulreZ1g8S2z4xuPVmM3iP_8OyIomlQq6X7-pyh2BTW7Cb9UcZZrTs1mceoOkmqWZdIYbpJPZBJqUE32kCIvjJ6SEwcBfg6GgjkwvUP7FXUeAP0oI6welRRqutqUQJWb_n2B5zWKw_TvEsqCw-JcjME-aSAEQjeJ0oPy4EcgHL6o52xJxCPS-1jMhi1EY14O_gCye2uJWJcy8zzSQsBK9EZAetcCJjMuD3HLE37OJWnVfEsSLUkfo7DZfEHN3u80iKQCS7Nlojd5UlT1ekOoFdgKR-UTrCtE7nh5Mx-9UE4-aZ2eEnhA7BTVFD740kOoLSlYAK0AIqus5NhZsJAuHOt-dSqdSOiaMhbBAmo9Ngg3iUxGaRfRqXgdX3p_d3OGcoB4ipJRNdF9vukbnJpthn35om5v6ILWegFe0S4gZX2Z5VCwj5HKnqCMZ5go5lWq6Qr4Zv8taRJQn4BZQxQhU573gLEhPhZQIAhD6SIwRyV5ZXGNVI9b9o8dsnrySg-g4UnoNJ7-9AFhMuk7ZppFj3X3Ui5CZf9bS2OpJ18jCzVTcFSEx3S83n5Uovf3a2vOHeqHHvYv6oDdCmaXJYqdgE6VNwgyV-G9yhKesegbTfTU8KufRhX0MygpDciF9SyBaJYrENB3bEoI4ag-y-Vyms3uTKFvOuhUe3c8t-DbRqJ67YC7gDewvEPh72pIiaw9cIzHGqhvDfNURuc2_mDRg1D7k8iFwN5vPlUfg9vZwirTkg7uWzRqOEWXV252tJSTXHsXyDNvtcFmKTmq4oKNP5KWp_Tu2E4E6wNTSMHBKDf9tb9pwP-D1wJjbPGaafGBwl_ipp2NCcUlg6pXehAkd53SERaWON2elWDDQ346d0BIFrGeiNHz55smuL1sH5JcrZfCxkdIcVJQhGCkOiN3d9ek6bR6CCzDX_EuV_NViV6ZNlZnegnU68ln3_gPcccSyMJPvvnKGlQDmtFrwinat679XWD-s0rUaHnfAnu0fzbyxap6iiz_tfHCPzkFlxl_akpub2JtByFPrvOKm-t0ZhvZCZpQMZyqyRiQhlHFSoyDrY6-GH5lHeqmBMfjSQ2kX8Q5ZMIeKdjKmLIUD2VjmKYYiYUwF4LGVY8RrziZwSW689SAZrWcq8040_kqi1qh1cZ_PjLs7FkjehK9wgmnKwg08JpB1DlAl4I8sDTLMkMgHzK5h_57d-Qf2vUwo2Ph5Tfv7ZEQJT2OaaV_Q5EohP24JycySEFe14fyqqRnGXq5hHxGcaGkSrPKDsBEMFhiuSGAuuzvsx5gp5MADrBoLPhP5-147DOfqbngPNKpzbYMp8dZ7f_eIYdSA90-ykM-t8OXThKkirQeTMGcA0VFdy-OEJ6vovmURG_iJ5fn_cYl5pVumi6Kxku2OK-CSGt6eBuNBnVU6WsmtJ14YXCbnNueUOl8F0QgF7qOPuczF-wn8rYXU83tTq6B2nUzjyiV4WfVMdwQDimxoqhVeqi2S8ARPBOwfwSGJh1nb0VjIZKme-AeaiUx9QZJm6cMIi4A-o-oiN3GGSZYGoLn0gbWHsdruCqqdQIZMlktu7EdJGt_tkckq2MFPd1zGPrU3L8kvsQyQYF4zOlBLaS66mIqInsy3qoV8HXq385KbRXIYnCwjC7UarM7LBri0c1tPJUO927_4mHbexzxknCikHR1L9Y-N8nHlbONAmKGyWa10K3k042wWBUrANA7uyw6zg3x-jDr0yh47jOqLjL36OpjqzqZATYA-YbOWwjRBFcgmtKhWN56n8UVzcLjrS9OADpaI4Zr5Sbp1FfZEipOYeck2TPKiE7iPTmWz45fNsHB0b9pyVzuvZiNlLt7_JzNfYShvvEliLXQZuvLiulknaeHrpYwZJY99IrITDXMxBwUnnp8GrwTU5wbu6ABSvc-ABWksF4te6EJY2ZnA5iiC7Wzar0kT0_zpridZJ8Bk4YxqaDidd1DaOlM99lH36fGY6ExF1Nxl2mK3fZQtk1tarW0SAecrHkOeVNDHUEkEHpnJwsNINna54p_FEcZLAuS2h4ZdpJTaVfQPHwzoPdOgizzaGG59VVh_436YryQpah1UrG_TEM9UhZjnWfmF1_MoREIW-I5floLIyfqlSzQFy7EGG55pH3KIivaSAEixWYHxtl_BrHY5EtIANOx0R-be8cp1PcqWopEaGUzP1uyz1__iC_mZXWRPV1l1f0D6oS-rFReSwyzOMdVhmwulGP1W9JI-wkbyNSMt-Umt4aMEZXdzCMEdso5k4ggeUR6ZE1wBaKdBK9rvWmyeDfWMWUXOJC8A-oOgD1CSnBnMVXE0egcy1tdgA4bERYs41rKIXkR-JvtnyVZCOa8tGOPMuh8qJA9SdqSM95jD35kouBk-QEds4iz0DJKwxj7fxf2TQEa88LM2rXzGL2GLmLzrz1mDJ2xwHX0h6Q5VRLf5jPWoyI5TDtse8FdXkGGlUIZZXlNbXiILXZl4Fu-nBibRn1mqVDscgGwqTmRsW00z5925CNZ27-7MQwauVtNWQSZgVZVhTIfRSx3nxAAoZ_TZKOdicI44PLBW1hJ_QcB25486NSWCYtvKlZkxe2u3Eib70etMItBOvcFyqxqNEsZriAwjta-WDqbWHtUw8pklNA7F-Pts9Wu_fz7_Nis5eFkNKJE1OuIaPrE37xu73otNEqB99wVUG5PVT6ll_g0nyLvnXvz6Qgb6MtSRrmHqWiu9-YgAbx2BOdEvTIJuZkTVjlaAdX6ZzmBoO1z2ktVMaDmNXeP1aOOpxGrZ6No0HqzgMm8uwHVBGiYZsq9ZV9DMnWnRuRd8_iVIpCySDXfLq-JvfuMjuUZIFBUfNLN6xm5jaEjfi7Vx3_n8bjuRRo30E1pgSPXROiySPiaCKEiYzj1H15wv3KgAcR2uJjN3_KHH5-yxOF33cmIkiTCmhbtDRM4c_CUdDqo9jnXmiZVK6c-BFE0cG-E6Ga2tai1tI__Qxa77icDGMRtk3MVkud930xZ76FZgHTC-wvDS7Qg21lsJWYGvXA-g8QJDyhO9R37zAAWaL9Z1w9j-pEEbRM7EHNxCDucurQOnryBJ48DvrGWDDsJkEpWHGqbEVKi8dVufaTxXVfh95Xyht0grkfks1-7wV32LvDlsvluXd84PzxCfFk8B6TgLY2IjmGkbcWy9dOopLYa2P_nnaohzIjAJrcUaR3x2CraiKZ7pAiFXEc3EZ_-kJzQH7lrKVdij0EgrUrP-UcEA&cid=CAASEuRo8bxImuZfGyTICPHSarE4Tw&sdkv=h.3.495.1&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1464894132&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=87E805D4-E43A-4A6C-8F8C-B9C7142DD7F8&nel=1&eid=44737475%2C44744588&top=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&loc=about%3Ablank&dt=1642617169164&ged=ve4_td2_tt1_pd2_la2000_er2392.441.2550.747_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f154.1e100.net
Software
cafe /
Resource Hash
5f3b21dd38a78c9e6d5466c3a0223517da6a3714bea974eedef8a1bde497d22f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12451
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
12.8327016048e927965e51.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Requested by
Host: zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
URL: https://zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3mJ4UJ3nXSLnMih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48877
cf-polished
origSize=57365
cf-ray
6d0225db6da58c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
10
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Dec 2021 22:49:08 GMT
server
cloudflare
etag
W/"e015-17dbb229ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4BB8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 05:11:39 GMT
expires
Thu, 19 Jan 2023 05:11:39 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
48070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1601 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c325ca5a70e154cc55e283b62ef8da857ede9e922b4ac0281e71c2163cb156a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ncpWWLlzbyZ9SkQinOWT6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 18:32:49 GMT
date
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ncpWWLlzbyZ9SkQinOWT6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.chicagotribune.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
5
date
Wed, 19 Jan 2022 18:32:49 GMT
server
sophi
vary
Accept-Encoding
content-length
0
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
server
sophi
vary
Accept-Encoding
p3p
policyref="", CP="This is not a P3P policy"
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		627 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Requested by
Host: tag.wknd.ai
URL: https://tag.wknd.ai/2051/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5bf4fc433fe159de07ff65784867caa7beb8d330d6d05750c8e79334c66d3acd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 16:21:15 GMT
content-encoding
gzip
age
94294
x-guploader-uploadid
ADPycduGiV0VIf_RI3e0_B_3_DHrtAsTuFOhdqsoX-2moKb9i2LrFLakU78tYiYyk4FN3Fg5LE2TIr6CkFz2BtOS7UTIxd_6HQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
156380
last-modified
Tue, 18 Jan 2022 16:21:10 GMT
server
UploadServer
etag
"dd50e165c86b93dabc4fc601d70d543c"
vary
Accept-Encoding
x-goog-hash
crc32c=HQhgzg==, md5=3VDhZchrk9q8T8YB1w1UPA==
x-goog-generation
1642522870452072
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
156380
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 18 Jan 2023 16:21:15 GMT
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 80AF 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
x-spotx-timing-transform
0.002137
x-spotx-timing-spotmarket
0.059104
x-spotx-timing-page-require
0.000696
x-fe
015
x-spotx-timing-page-misc
0.020081
x-spotx-timing-page-cookie
0.000030
x-spotx-timing-page
0.083906
pragma
no-cache
x-spotx-timing-page-context
0.000482
last-modified
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.059104
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000028
x-spotx-timing-page-mux
0.001348
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
229637
search.spotxchange.com/openrtb/2.3/dados/ Frame 80AF 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229637
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
x-spotx-timing-transform
0.002098
x-spotx-timing-spotmarket
0.045622
x-spotx-timing-page-require
0.001475
x-fe
022
x-spotx-timing-page-misc
0.006861
x-spotx-timing-page-cookie
0.001403
x-spotx-timing-page
0.059285
pragma
no-cache
x-spotx-timing-page-context
0.000621
last-modified
Wed, 19 Jan 2022 18:32:49 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.045622
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000020
x-spotx-timing-page-mux
0.001184
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 80AF 		2 KB
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaa14bc9ba8365110c46ae56ee4ca498f7c34f2cf361ea50bd3005936db1f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
828
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 80AF 		288 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
d840bed0ba3cc1cceaa9a611021f9ba6b0c3e6d8a716061f369225a107fbbd33

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
248
expires
0
translator
hbopenbid.pubmatic.com/ Frame 80AF 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
as-sec.casalemedia.com/ Frame 80AF 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponsefb8fd86f73&v=8.8&s=305079&r=%7B%22id%22%3A%22fb8fd86f73%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A4%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%22%24%7BUS_PRIVACY%7D%22%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eef441bd0291d50370d4d29ad3725d32feb3caa34fd29f0f49dca776553c6af7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:49 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 80AF 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
15eb458a8b63a49893f42a42e4b75717eae7329408ecc6f9552c2ffd1d31106e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
16b39e5e-49d7-49d1-b647-d6ca8bb6f10f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 80AF 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9cbcb93e44d802bc9ee970f60c3c1ac8af22fea7e6cfb57356d7b9b2727663a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0dbe8f77-bcea-4519-b993-d3e32171cce7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
sendtonews-d.openx.net/v/1.0/ Frame 80AF 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&us_privacy=${US_PRIVACY}&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame D136 		115 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:b400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d8fbae96bb2e29753ef294d8edadf872e89364f2a841b3fe2e708c355d1c6801

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:31:53 GMT
content-encoding
gzip
server
openresty
age
56
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
EWR53-C1
content-length
39089
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
x-amz-cf-id
k4bfOKAXSw0pN3QDHjNz-HfjdzL1W-Ds4jIPG0pNd685S-mqfqUnSA==
expires
Wed, 19 Jan 2022 18:33:24 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3mJ4UJ3nXSLnMih&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def2f3738c66669e117c3541b4d59e871e186dd759ead0b212435944bb3c26c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
11
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
bbae50c5530dc014
cf-ray
6d0225dc58198c60-EWR
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame B9B2 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66edb824bc7ae85906a0d36ddad0a4022527ddeb318870732609a71d85b4213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:47:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1601 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=3546522437719344&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js
pagead2.googlesyndication.com/bg/ Frame 4BB8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 20:25:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
511667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13406
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jan 2023 20:25:02 GMT
vast
vast.extremereach.io/ Frame 64A3 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.extremereach.io/vast?line_item=15419412&subid1=novpaid&er_pm=&er_ar=0&er_cp=&us_privacy=${US_PRIVACY}&ba_cb=1642617168750388
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:66e7:fb11:219f:3941:9d50:b09d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6c6ec9139b7077f3b5365e999af492a9945f9d1f0a4fa5d032e2c92792a03c7b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
expires
0
/
data.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.232.15 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.232.227.35.bc.googleusercontent.com
Software
/
Resource Hash
05e19d44d798adf888ed6dd3853f541158751ebf823af1c12d676b01ae6fc40e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.192.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.192.227.35.bc.googleusercontent.com
Software
/
Resource Hash
78ef4987b0bdae622bc66679ca352937f99a9cb06411a8b4b6599fe9f099eb2f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		100 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.239.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.239.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d11f7db0b489ac1a01abf2883f4fe739ffb5528e2f8d459e1b25a0c4d7ac98ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:49 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame F786 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

x-guploader-uploadid
ADPycdsHaMhIPmz1y8zixuqmSr8jUQH7b6mLqnRaWR5ncGz54tQyl-tb5YJbnwSiUjE_nPe_NP-gY6HGzUwE52qVABBCDhAriA
x-goog-generation
1641484422456784
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-encoding
gzip
x-goog-hash
crc32c=/MB/Rw== md5=w2jAMmD4CbqHf/KAt5/Fjg==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
date
Sat, 15 Jan 2022 02:40:46 GMT
expires
Sun, 15 Jan 2023 02:40:46 GMT
cache-control
public,max-age=31536000
age
402723
last-modified
Thu, 06 Jan 2022 15:53:42 GMT
etag
"c368c03260f809ba877ff280b79fc58e"
content-type
text/html; charset=UTF-8
alt-svc
clear
css2
fonts.googleapis.com/ Frame D136 		3 KB
492 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60de22f54cc58673248512de11eeaef5e4dcdd9d90883727ec2ba1de23e4c57b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 16:45:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:49 GMT
ping.gif
player-files.remixd.com/ Frame D136 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=a7c88434-0ead-48f2-a0ac-dcc06f1be3ea&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
x-guploader-uploadid
ADPycduz5FJUzVfWlDQaBUbkrQgHDlXAnQa_EWk25iOnJw0m0rvbJ7wLZLVvUY-Uu33vYQ-5eVIpH_mDVT44kpycRNINmCS8rw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
x-goog-generation
1571845502045744
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
expires
Thu, 19 Jan 2023 18:32:49 GMT
ping.gif
player-files.remixd.com/ Frame D136 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=a7c88434-0ead-48f2-a0ac-dcc06f1be3ea&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
x-guploader-uploadid
ADPycduQ1QNVbzNxRrcL0ovCjrJQhmspKP5y9y_Cw383QIEB07MN6z8fzCNPI8Pq8F84ki_jd4g6XH8HfsA0NJsqUnfurklViw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
x-goog-generation
1571845502045744
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
expires
Thu, 19 Jan 2023 18:32:49 GMT
ping.gif
player-files.remixd.com/ Frame D136 		43 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=3&sessionId=a7c88434-0ead-48f2-a0ac-dcc06f1be3ea&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
x-guploader-uploadid
ADPycdte7hBYunusJ95Bix9xWrrj0lxyxprGQ2xqbTpn1WoFTJg675fmPXDLWcrK6GuYpe8NTjxSqLmr0f8C49nHsp4sZu_9dA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
x-goog-generation
1571845502045744
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
expires
Thu, 19 Jan 2023 18:32:49 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B9B2 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9B2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.9401758654916297&wt=1642617169454&sdkv=h.3.495.1&xai=undefined&url=3,https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617168235%26ord%3D1642617168235%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319a3cc5c9b91c326cd8b31930650ec7afa7d00dfb4c8f59bf0d4ed0f5ca1526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48876
cf-polished
origSize=102657
cf-ray
6d0225dd7b2c8c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
5
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Dec 2021 22:49:08 GMT
server
cloudflare
etag
W/"19101-17dbb229ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ Frame D136 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:38:13 GMT
x-content-type-options
nosniff
age
600876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20348
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 19:38:13 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ Frame D136 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 07:46:52 GMT
x-content-type-options
nosniff
age
384357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 07:46:52 GMT
csi
csi.gstatic.com/ Frame 64A3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kylvumno&c=4731811772614&slotId=2365905886307&qqid=CLTO4ea5vvUCFVLz9QIdfDULXQ&gqid=UFnoYb-pLOK9grAPmKC9yAI&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44737475%2C44744588&vmfc=2&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 6AFC 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B9B2 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:49 GMT
integrator.js
adservice.google.com/adsid/ Frame B9B2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
e
capi.connatix.com/tr/ Frame CF0B 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/e
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
truncated
/ Frame CF0B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ Frame CF0B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=show_ad&acvw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 64A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CafVDUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAZgEAKoEkwJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ3fvimqsjeZbkIVOdfxret2HMYhYPtbeu5y08g36A3BX1zSyHd8kPSEKHLuIWr7LgrNH0Ivxdp4WJyOPMAEk4SM5LQD4AQDiAX71ZCELZIFBggDEAEYBJIFBggbEAEYApIFCggiEAEYA0jmqm6SBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnmAB6nqnKsBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQl-F1GOjE67cB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNjE2NjMzNjk1NjA1OTMwM4AKA8gLAbAT-tnQDcgTrqqqCdgTA4gUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi04MzgwNTgwNzYxMTkwMjE0GK6NEQ&sigh=sqEzwTAghbs&cmd=Ch1jYS12aWRlby1wdWItODM4MDU4MDc2MTE5MDIxNBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSPACNIrLMgl1W9A5BN7ZCugieWhzzMo1FdX7VXm_tw0SarvYIl5OrpzZLPVRZNLM7fYwzxco02uemtsfF7w&vt=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF0B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fiu%3D%2F30690318%2FTRONC_RON_Ora_Desktop%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D&customPlayback=f&customClick=f&lid=8&sdkv=h.3.495.1&e=44738438&id=ima_html5&c=725844369043045&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF0B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?timedOut=f&status&lid=158&sdkv=h.3.495.1&e=44738438&id=ima_html5&c=725844369043045&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.421260a34f7ea51f50e6.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.421260a34f7ea51f50e6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
URL: https://zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3mJ4UJ3nXSLnMih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93deb2f2f99a6dcd6ba15e31633e827712bebda802d21de182dcd417c5173c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48877
cf-polished
origSize=2539
cf-ray
6d0225deffcf8c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
10
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Dec 2021 22:49:08 GMT
server
cloudflare
etag
W/"9eb-17dbb229ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.5c0b718e7a75c4689460.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.5c0b718e7a75c4689460.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
URL: https://zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3mJ4UJ3nXSLnMih
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01937c9481039111d9c0f243edc9dc1fd987dde3ecfa0e7082c3500f82477807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48877
cf-polished
origSize=29269
cf-ray
6d0225deffd28c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
7
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Dec 2021 22:49:08 GMT
server
cloudflare
etag
W/"7255-17dbb229ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48877
cf-polished
origSize=66052
cf-ray
6d0225deffd58c60-EWR
edge-control
max-age=604800
x-envoy-upstream-service-time
21
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Dec 2021 22:49:08 GMT
server
cloudflare
etag
W/"10204-17dbb229ea0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_06BSWY5hWTyKuj3&Version=52&Q_ORIGIN=https://www.chicagotribune.com&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f1837ccdd94ab85bcd4cbdb16d55a12ccb269fb2756cf82dec91316ce6fbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
115928
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
14
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Jan 2022 10:20:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 16 Jan 2032 10:20:41 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6d0225df3dfd19bf-EWR
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5772plioKUO9tNX&Version=25&Q_InterceptID=SI_06BSWY5hWTyKuj3&Q_ORIGIN=https://www.chicagotribune.com&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.chicagotribune.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04739796ed54947985c6a70a57a13f5fc3535dffff70f426905cfa52058e9b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31661
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
13
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Jan 2022 09:45:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Sat, 17 Jan 2032 09:45:08 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6d0225df3e0e19bf-EWR
servershortname
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A072 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kylvumc9&c=4731811772614&slotId=2365905886307&eee=missing-element&bi=missing-id&ulv=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
ids.cdnwidget.com/ 		535 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=91ef1dfeb207b4b8cf933c280258598c&SCH1=46144757d5d294f4d8fa3b2f90900d34&GCS1=132246178&GCS2=YTc0Y2FhM2YtNDRmYS00ZDIyLTg3MjUtMDk2ZWVkYTBlZWRmLmxvY2Fs&pe=false&wsid=2051&varID=0obs5&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2051%2C%22loadID%22%3A%22GNTj1LSNY6FUiT8%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A3%2C%22IDStageStart%22%3A3%2C%22obsReqpage%22%3A161%2C%22obsReqview%22%3A162%2C%22obsReqdata%22%3A165%2C%22netComplete%22%3A374%2C%22IDStagePrefire%22%3A374%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5c6ba10d2f34f01279e8d20c06f41652269635c93509efb5ae06ded06c11e4c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json
ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm
cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm?line_item=15419412&cid=188419&e=e.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8e00:1d:e9ba:f480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
null
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
etag
"579e3b3afc384f7b29ce129558fc192a"
last-modified
Tue, 21 Dec 2021 16:59:50 GMT
server
AmazonS3
age
48680
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/webm
Content-Range
bytes 0-3738698/3738699
date
Wed, 19 Jan 2022 05:01:30 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
Content-Length
3738699
x-amz-cf-id
cSq5yX1HXW7ll0lynpVB8awkRkkmPL1bwiok2mbwUw2OrZbn4kpcRg==
ads
pubads.g.doubleclick.net/gampad/live/ Frame E1DF 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F30690318%2FTRONC_RON_Ora_Desktop&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=464576650592220&sdkv=h.3.495.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=475298054&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=E9CEB646-E098-4E81-8988-7AAF4E5EB2FA&nel=1&eid=44738438&top=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&loc=about%3Ablank&dlt=1642617166795&idt=1480&dt=1642617169774&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=3761305121712835&ged=ve4_td3_tt2_pd3_la3000_er2392.441.2550.747_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
34d8018a1e207d62f45ef8d5515f743a0a4439761a3fded8450e19fc389916d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7121
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
explore-more.20220119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20220119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2644489183988cada3bc1fc4eaa123348f0d3a7800811bea4d927ea98affa503

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
DTaXCu.GYtqw6eZY1CbU0JqgqNNU8qjf
content-encoding
gzip
etag
"191d37ee54af244a38aee12d6779577c"
age
20741
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4481
x-amz-id-2
npDHw4A61fHxmb8W82pXJLbV4z8tQ8b+DqlNaKViRXJFgxqSb8yrhGnLF1fZzv+Uzue0v4tTf08=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 12:47:03 GMT
server
AmazonS3
x-timer
S1642617170.834037,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding
x-amz-request-id
7CXQXFPPASRNGYS4
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
53
x-cache-hits
27940
feed-card-placeholder.20220119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
603034e4d9730524178c703560f855a8f712a717551fdc0f58ec7be07eb3995d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8i6HhtgQrEdn3_49f7Qn.rkO8sWjVnVu
content-encoding
gzip
etag
"ee24a052a31483b05db747c3f0bc2c0e"
age
20725
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
Eh2YBYVwlY43zJ1XJpqM4vaCJ0lFnJbrBv+BscybSPNt8TXC3Pv/dACimxVpIyj+K8LoqRWj2bA=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 12:46:56 GMT
server
AmazonS3
x-timer
S1642617170.837318,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding
x-amz-request-id
TNRYV1PR5WS7BHCC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
53
x-cache-hits
55637
userx.20220119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8ebeb7743e7e3ab931404a3967882beddbbe1d71c8b62c203ab0d7c2335fd5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HYQoHUQhL08k66vsLsWojpsOGpHQV8.K
content-encoding
gzip
etag
"8a784a47fae0cff82128204a098adb17"
age
20866
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
RqZaVj0m2z2XyLEq4EBU3kfdfWoD5rJXxtCMQQm6o7M0a6m8OoIJ8oc8bCId8osPMQfGDLYQ6/E=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 12:44:47 GMT
server
AmazonS3
x-timer
S1642617170.853599,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding
x-amz-request-id
ZCGRE1EMEKW29X1X
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
53
x-cache-hits
64768
cta-component.20220119-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220119-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9696e5149c76e12ac5b9a2e67abec83b206463ae2bf1dc3bb93503e5ba17c68e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ssQB6AB.gofQ6Y6W1nGQl3r7X1B6m3HS
content-encoding
gzip
etag
"821a001f963460ff37dba441dc312002"
age
20700
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5022
x-amz-id-2
+oqySPo53WFEUev3uG2+aYA0Yj7E/mITMTWuP7fF56T6j/oaiII7HB0uiMiw9NzggXpz6pIsFc0=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 19 Jan 2022 12:47:28 GMT
server
AmazonS3
x-timer
S1642617170.867778,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding
x-amz-request-id
V9P01FJ0T60TB3T2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
53
x-cache-hits
66552
tb
15.taboola.com/ 		38 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=tribunedigital-chicagotribune&unitType=244&tbloc=&pageType=text&pstn=below-article-thumbs_ARC&uuip=Feed%20-%20below-article-thumbs_ARC&cisrf=&cirf=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&encoded=1&uid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&variant=386437|940&callback=TRC.videoTagCallbacks.videoCallback1&cb=1642617169876&tagid=&cntry=CA&platform=1&sesid=dfd6e5c480bdafa1a764cce265290c15&itemid=/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&viewid=1642617169127&geolat=&geoing=&deviceifa=&appid=&sd=v2_dfd6e5c480bdafa1a764cce265290c15_922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1_1642617169_1642617169_CNawjgYQrco9GOfJ85znLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjbwtakkbOV1QpwAQ&ri=605c396362bdc5af6f2ed3f02f2e55e3&appname=&cdb=&gdprApplies=false&rid=&sii=3699621398917676742&oee=true&tpubid=1008941&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=QC&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1008940&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4fce706b6186c5a2ad061c09ff0924f2e6d5a8ea28711d2cf8bf5f17f549b9e5

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-encoding
gzip
access-control-allow-origin
https://www.chicagotribune.com
machineid
1136
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yul12820-YUL
pragma
no-cache
server
nginx
x-timer
S1642617170.885872,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
pubads.g.doubleclick.net/gampad/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/4011/trb.tribune/BroadwayinChicagoOctNov2019&sz=1x1
Protocol
H2
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
google-lineitem-id
-2
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
9
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
gk4CwDeYqjD76UVwUr6CKqZkKhEZlxkKbwrCmzRQbAdqokgXVudNTOIStg5tZZQXfAZ0YA2MmM8=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1642617170.913207,VS0,VE0
date
Wed, 19 Jan 2022 18:32:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
C7M7GWKDRAT6AB6P
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
53
x-cache-hits
12
debug
us-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=18%3A32%3A49.931&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=3103&cv=20220119-16-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17437
abtests
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:US:V&tvi2=5682&lti=deflated&ri=82e60052d4b7f41ab8a5f2d4ac09eddc&sd=v2_dfd6e5c480bdafa1a764cce265290c15_922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1_1642617169_1642617169_CNawjgYQrco9GOfJ85znLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjbwtakkbOV1QpwAQ&ui=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&pi=/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&wi=3699621398917676742&pt=text&vi=1642617169127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1642617169933%7D&tim=18%3A32%3A49.933&id=3532&llvl=2&cv=20220119-16-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617170.944499,VS0,VE10
x-served-by
cache-yul12820-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame 4BB8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YHxITA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
lookup
pd.cdnwidget.com/ 		49 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pd.cdnwidget.com/lookup?deviceID=23vam48JY1umfYfS5Jxe2GxfhsY&cookieID=23vam6u0JGJeZNbfWHD9h2SJrdP&bxwid=2051
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.130.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
207.130.149.34.bc.googleusercontent.com
Software
/
Resource Hash
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
application/json
social
us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/social?route=US:US:V&tvi2=5682&lti=deflated&ri=82e60052d4b7f41ab8a5f2d4ac09eddc&sd=v2_dfd6e5c480bdafa1a764cce265290c15_922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1_1642617169_1642617169_CNawjgYQrco9GOfJ85znLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjbwtakkbOV1QpwAQ&ui=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&pi=/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&wi=3699621398917676742&pt=text&vi=1642617169127&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Review%3A%20%E2%80%9COklahoma!%E2%80%9D%20in%20a%20radical%20new%20tour%20in%20Chicago%22%2C%22sec%22%3A%22reviews%22%2C%22aut%22%3A%5B%22Chris%20Jones%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fresizer%2Fu4FelTFrddIm1ZyZn307MeDXv8U%3D%2F1200x0%2Ftop%2Fcloudfront-us-east-1.images.arcpublishing.com%2Ftronc%2FISLBIVWY6JGPLC6AQ46L4ESSIQ.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A32%3A49.988&id=7496&llvl=2&cv=20220119-16-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/bulk-metrics?tvi2=5682&route=US%3AUS%3AV&lti=deflated&bulkSize=13
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:US:V&tvi2=5682&lti=deflated&ri=82e60052d4b7f41ab8a5f2d4ac09eddc&sd=v2_dfd6e5c480bdafa1a764cce265290c15_922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1_1642617169_1642617169_CNawjgYQrco9GOfJ85znLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjbwtakkbOV1QpwAQ&ui=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&pi=/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&wi=3699621398917676742&pt=text&vi=1642617169127&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1642617170000%7D&tim=18%3A32%3A50.000&id=1025&llvl=2&cv=20220119-16-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617170.029338,VS0,VE10
x-served-by
cache-yul12820-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame 8C6F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 18:32:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame EF1E 		620 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.5.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
cc4eca99f3be380b1c6b5e543846081ee3c25bb2d666c138c9ca3ad84efba582

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
text/html
content-length
387
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ups.analytics.yahoo.com/ups/55953/ Frame 0E60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c222d7c1-8acc-4e56-b834-86840521a4ea&_origin=1&gdpr=0&gdpr_consent=
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c222d7c1-8acc-4e56-b834-86840521a4ea&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c222d7c1-8acc-4e56-b834-86840521a4ea&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/ Frame 0E60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent=&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent=&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YehZTgAABTHFZgAZ&_origin=0&gdpr=0&gdpr_consent=&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
date
Wed, 19 Jan 2022 18:32:50 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/57304/ Frame 0E60
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzMzY5MjY2MS03OTU2LTExZWMtYmY3MS0wMjk2ZGZiNTFkNDc%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAsqkXy4kc6R6rtFGOT7LJI&google_cver=1&apid=UP33692661-7956-11ec-bf71-0296dfb51d47
date
Wed, 19 Jan 2022 18:32:50 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
173bf111.akstat.io/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://173bf111.akstat.io/
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/9E52W-759Q8-QRNWG-5DBLH-ZFZGZ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1400:b000:4ac::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:50 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.6.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b1f538b40a37db8c2ebcdf9e21c876efe0d64f26a5add226f9dc2238e79c8df

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
age
980913
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
29170
x-served-by
cache-yul12820-YUL
last-modified
Sat, 08 Jan 2022 10:02:24 GMT
server
AmazonS3
x-timer
S1642617170.130154,VS0,VE0
etag
"3577d1f8c0b53a951076bd6706136f51"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xRgzaLfk55hlvgC6ua2v339rgPSFafhh-qQJ0Gthql5lOsE-09WpFA==
x-cache-hits
207647
Graphic.php
ca1.qualtrics.com/WRQualtricsSiteIntercept/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_a63DxjnaE0SxCkt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.8.143 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-143.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
a993e2062bd2a30415a8def633462599360a2b346c39c202682649ea43a953ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
content-security-policy-report-only
report-uri https://sjc1.qualtrics.com/csp-report
x-envoy-upstream-service-time
28
content-disposition
inline; filename=FEEDBACK%2B%2B1%2B.png
content-length
2909
x-request-id
21664781-7f50-4869-817a-6c4017eefaf2
referrer-policy
strict-origin-when-cross-origin
server
envoy
etag
"a017910d496ee2cd6ad5f17134251fcd"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-transaction-id
c40d7b80-c8a8-481c-97bb-3023a29fa573
cache-control
public, max-age=31
x-robots-tag
noindex
expires
Wed, 19 Jan 2022 18:33:21 GMT
css2
fonts.googleapis.com/ 		2 KB
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3be09b57f4ddbc74f8d4e72fea0807bf03ac934a74d71e841309558aefde7b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 16:42:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 18:32:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 18:32:50 GMT
init1.js
api.bounceexchange.com/bounce/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAJkPwHYqAGIgZk2AC8QobMB3AUwCMdUwbgH1UAEyikaAVnyYATtxwgANnDQYChGjQAe+KR0Uxu8xfKjYAhipWoEAc2Fx5KqAAtgwAA44ApPQAgn6kAGIhoZxRAHRI7qhIVg4gwPKovIjcsSAAthHcCELywFb2OQXAEcDu3FZFEYoAbqjcnP5hKAC0FZ0gANYqVu65Vp288iBWYpxWAJ6doC6dcQlJIJ1NLZydUqRS+Pj0vY0wAI7eQkg4CLzA0iA4fbNw6Eikp1aUOZ04oPKz0U8ORUAVCOG8AFlSnZHABJAAiAXhlAAHPQAJwGYghQjggCqOFMCKRADl4QBNfAQgAqeOkELAEPwAHl4XjZgBlGg48EAKRAvGJ9Hh+DINEI0koxCoPO8ACVuN4QMVYWIkTSILMIRT8CTmBBdCTOBzSJhmgJgMIkCB+i0oH5KAAhEKkFTeF0BYJ7Tw+drSIIhaRhQNhKKcWLxRLJVLpTLZPKkIOhCqmEplCoh0LVWr1RNhTatP0dYDdQq9AZDEZjCZTGbzRbyZaRtYbbjNVo7Gh7OiHY5nC7cK43O4PJ4vEBvD5fH5-AFAkGJ+hgyHQ+wOYmL5FozGkbF53HeAlExGbsmUml0hlM1nsrkhg-8wUn-0isUSqUy-fghVKlVqzcalqOp6gaRomh6pAAMIuvIHoBnsHqUPC2A2n0doOs6eyNHBwROi6CBwDkvCmMIIAwMIVjFAkKhKMIihTDh+AhNBewqCADgONwYiiAgwgwIo3A4TANiEsxLpsRxXE8cI3ilP+pCesJKiiVBLrpLowhCL8QkiYJql7G2JESZx3H2DJck6cpeksaQhnyMIxlSfYlkqTZg5WN4wiEgUwjmoILnWS67meTgcC8DkghCNxdkOAJCABWJBmJCFYURV4UkxXF5mzDMtgJfptnJV5qWRRlhSpqUCDlIU+VuUVoXhaV3EIIWtVBfVJXpdxNQ2NUbVJR5xWNV1FEuMqVj9YVg0NWlUXCDkyoIGu4LOQhQRKa57XTZ1c3ZnUpiTcFQ2zVJ-HiHM3C6P5a2BBtgUDSlw1zaw8jxTdd2JVNj0nc1HmmM0th6Qp626Z9R0zU1MkPF4aQZC1h0dU9UmDH0g4gIgwCzAj21I9xViPFYORY+9oMFeDO0ZXUYhpAgfRiCA2PfZD3AqA4q3A7dpN1TjP1eej1SgJwb0cx9ZOI7zvCoe0Itc1tTMjWI9hrozx2QxkAgtTg0uKbLD2qyNIDeErGAqxDI3ZvTy2mxT3HgsqwDayDVmfYMvzmeIDnsWZYj7ZNElmbJHv0DQwg+7Mjuc87BU+0IaDlMIxDSKHcwR6LNmUWgSA0b5Ww4AnSdh6nuukLJszVcA1oIDAqDyOU8k61HNmu5aqA5N4iha+gwsN5trH45a7Y8NxcSDn0-MJUhn1iA4oQ178AAykz10EqRwPdpDuJRYgbhzLqkPQjSE4QcA0LyADivLcAAWiSvAwAA6gAEvC6LuKQHK8vIYgAAoQTZygwGADvT0e8D6E2ICiXklJCIwHJDADk0heS6G4KQM+ugYDuBwOSP+Lpp44QwmpHA39NjoxwJBOAvxcgHRJo3QhHIwo4CQLDahMtnaTyQmaSiOAADa-teILR9ioAAurAXSnD5A8OaGIbgIAZIdwqCIu64ieFZxaIUCitthhC0UWIw+EjuGl1yioORSgFGiKsso7hdsEDKAkfETyI8kB9B0RYvRPCM7URELJTiIjV7cEsQRIiJEyIUSolnWi9ExAiLkG47hC1CjuBULMUJmcaJ50iSIjgsSPHhOEAgQm3ARGWMcqZXi-FuCFPMYSYp7ETLSUDlEqp-jYml3LlaDA1da5cRcdU2JDVGFpAuF3TSsxvCVKUbE9SmklDAB6c0rhVirCcAcqgBwnhJYaT8rMppli7Ke0kqU92jSJkLL2SUniczLGqIqBo0OHscBaMubEkAjRTCDGSaFbw7clACAwL4+Qa8rlWF4g8kAyyXlvLmE8hZUwVlrMtH8nZsTwYVN4ls6F+jya42EJlVFGKeFYt5rinyhibDCKRac8WzNyrFEquXfF3DCWQxam0BlTKRo9RUNUNlVKRpWDGvIKwPKeaQwWq9ZaRsEDCvlrtHqRRpX6zmmdMOl1BAKrNs9Ra6qbZ5L+vIAGNFtXYqVL8GMcNxm6MpSKkaKM0YY1mEa3m+M+iEwdRSzFvK5o5mpvYOmIBHXM1ZvYANI1lDqE8GCqV7qCWeqkpLfoOAQ1zUVktRwSa40UPsD89N3FDbGyjScj11rZVcRAMtHNXlfwOwZZvL+RiTGEkKAysQMBPI1jELwNiTiRHWNsZY1IGAkA4uSgynJ2c0DAENVABUg9AzwSDDQak8Qiw0FQCuhAKQQw0FmOjWCeYaDDHKOCRAW7AwAFEFKJhRNyRM6IUTMgrIeiapAmKJgvYGa9gZ0Toi3ZBKhW7InEwXTAZUW7n0LsFYrRIC4F0sq3TkTN0Hoi7MVn8VANhhCcGXWM+y3zG3bMLTw0A-cSJ4bMYR7hgTiL2TtsUPOY6Im1GOZa-RpLbCkAbWYrJCzeBWCcdXWwodFRsTLmYyx9hrQOCWqAYQnaJx9E4026NjL6qos0suzDFTnHKdeWEjDDgyWmGSd4i1riFnNyOfs72+0GV8Ms8HZO4dR1hOztaDGmTLEAMtGx4xZGlMUZjtwOOIhE6OcTcphjOdCz5zCwyweUlHFj3UOZN2PBuDaYowxvO8XuLlCKJh+w9NODRN2UVYjvxSPyP8yxmNg1yv5d+MCn2X8BDMC8VVgjNWDFzHLpXTpdcGUDNUL5yiSRBXeHcMIFEg2mHDfMoK2KHlJuigZSBrpNGGFMPSKYWz-dRBtw7r8gtXWLM5atDUJx-MGVICQNxOwvwGWKDZvWlmqz0jZwoTtpF0iYAqemmp9F33uC-bsw04QDnC6XOtLaEQoBZGDHkJxHZvBvDsEwEF1H3ChGYAuHgFCbc7DAqQCIGAgwHCWEaJvSwtbTISH3ofHIx9T4X2vrfB+z9X7v0-j-TAXnRB07ATkCBUD8AwLgQgpBKC0EYKwUAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
43658f52ad67036e5980b67dd3372146180e3b34749f0655c8d885098b664430

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:32:50 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
45
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 07:31:32 GMT
x-content-type-options
nosniff
age
385278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 15 Jan 2023 07:31:32 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 12:55:06 GMT
x-content-type-options
nosniff
age
452264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 12:55:06 GMT
bulk-metrics
us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/bulk-metrics?tvi2=5682&route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
usync.js
eus.rubiconproject.com/ Frame 8C6F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33921
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 20 Jan 2022 03:58:11 GMT
709996.gif
id.rlcdn.com/ Frame EF1E 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame EF1E
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=1dm7NI3JiYW3d9vhzRZS7w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
oeho3s2nbqsp63eoj3klqkq6d7ebip20

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EF1E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=ab0161e8-594e-4b00-90fe-576cb3984342
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=ab0161e8-594e-4b00-90fe-576cb3984342
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Server
MT3 4133 baa842e master ord-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=ab0161e8-594e-4b00-90fe-576cb3984342
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:49 GMT
sd
us-u.openx.net/w/1.0/ Frame EF1E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=35045f58-7956-11ec-88c6-5d8ea439b083
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=35045f58-7956-11ec-88c6-5d8ea439b083
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=35045f58-7956-11ec-88c6-5d8ea439b083
Date
Wed, 19 Jan 2022 18:32:50 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
35048669-7956-11ec-88c6-5d8ea439b083
sd
us-u.openx.net/w/1.0/ Frame EF1E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame EF1E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=0cf142f4-7f48-0d2c-1be2-0f802d83a959
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
vast
bid.g.doubleclick.net/dbm/ Frame E1DF 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CIRbLQoKSO2QfGQfDUfSZcp2deZPsar-qJ20qJQ8PtN695JyNyLCWLEIUCqRd38aAEkHWDpK8WScWDfAVE3Nf4XdwRLw&cry=1&dbm_d=AKAmf-DrE3VT1rXLGMhveJCiKGMa6BHDupdk9_LiNZJvFB9Fs4DGn3SqiEif4CQqPz11oe_5UPUzzaFEgQcXeETRwzno_1_TBS6pHzmAFzXYevh2LPKdZkLk323bpyQUK3qmr1bMOouioTSUaQnjMXGI_1vgFak-fzVyvuvOj8dz0YlklDUiSQ6sZcAsWJgE7onz69gay_fv9ZvSoAYIY6xqVnQOaSMba9BQEWL3jDqzsRTBBdkj5rHCcyotBBkOhWuETNrk6uw0XQ3moGWB8FV0EWzjf21Q-VlfI_5cR3SGflZfoePSUlk9yBaMsDf6UK1AIriTNxtO4mo0mD2pb6JLjAX9azCBTyoOl6WBLivBOllt_-2rFIv-g3efwutxhBgnoyegqu8INVZPolfu4THyVXAlFBLjJjrmaNz40K0OtvUY8EsaLcs0ICEg3NbhmlFlz-K3Hqzr7CSlbwjJvmdrR2Q71WI-fx-SkTTJvVyTLEssP-c3vLa27WR2xVOIYREEzc9klRRAHi6dba5depZzv2cdPjUOoJsRrcEsdWdTvqXUzoQ7G-p7OmxWuQ01iZwz8oXgWO5YuhlHywhhbSVv4z9k5ox-pfqjQyo_eptbciF78lNnbexeKMcOJ-bnTPfRfJVqBeGXqRxkcXIhNnBhTI-gEMtTAiE7MguvAE0adkVlQArJvM-p_mdim0hrkRiC3JKBYBhm82zBzwCZ28hjZ5BYRfzvwx28VXyWVDQAzlNkdfOrHYww26xD7H2V8n-p5sn90xhpWeK2TocSlnPGUqeNbcCybJzY656yJgprpzjTkdCdW-C2ItgtlGtrWHInLT9mHMmNuPyD5T_TLgy1RpBmkzNrTrWLcmAbpa5tK-dWXWR8taDzmj1sm8mMgRy0_-y8e1XkQMx0l7CSOAG1UrOsWYZypSfuUxDR32YOX1f4iTLWrYs0CEDRIgGn6p5SNeq7kubMIhY5XdiHE9z7C7Xyx57cg3NMPW5Hv9ZaKP4huLSmWICfvEqLZBeTqZmC7Be3rDcKBq746xme8F7btdPSQsNl27LvAIf5oe0fujPDTkVUlpzHztRoPKwQnek2ouvQZo8uca_vPv1-oPxeIDGBvcY908IG9KRz3z0dfRu7w4rVEAzjQUWnx5QxUoqG4GMws8PpAwznmqe4QTlUXYEmZRvtCvLJLXy2BGm6Ko-Ph6KxaMGnRD_TwgwZVQFy2AF2BydEddv_Wi96hOXkTTKPsOQrzG_gzhjLwqjFl9dS91ytdwggcHIj7_WCUwF-dKbGReChEpGbABe2-jsoZJ7rT9Vs5_3UlKYMkpCyikAYV5Irh64tdpXmWhAp4COmUmjLSo6mDVLbgT6IdwkQUnKE8_IaEpdV5AgLL0KVlfoC6NFN9OorUieFfnIISlWmCLn0XXC70-oby-feMA2VGMVSxc2uD8eg3UkXyPNvkQq1J3MigiRC0U99o7HKKWZh4gGeqvw0cu5lECC-NFulrQXTzn-DbbCWfgnAdVv1RHjobxEcMIds_WkiFOW2miZ1aaAl9grYgOx815__zyzwz6dXm1JnHQR-bmE-5uiitn28y6CLXcBAgOGw2O5ZA3UDFSKXiNVERyRAhbNApPxPcjqJWKimV5v9A5MjpKNokH0VNk5yJhHoczRssxA5HYjpCI4T1-YjvqdbI1Aep9aJMUYU-pF1ZHw_IELPoLnf1nOGKreEWqdEJS88WOumi3zJ5HRCEqC_KOIAhvSfiS0DP4qqMtaycfzXlAN-CB9H0bEhJ3Rp8mUUp5I_Bsi7Mnxcdf4V9NBM4psaAL75SGqS4N6Cmsp9-ms1MGjxFvcEHI_SxkJ5ClLUUWRGw3FM1RwGy5wmLXsmwAm2kbnuNs5onl9fHJLFh7rlZPRgzNBdEIOlqRPvSYyxAyqejKVJxrjHVj5vES0IxtCx7j2_ahprVP-mBkYsZ69LonXMFsSkjn6tIpyB8TgkM9U_4zbXgvoLnrncRVfjWayj1NJxIE_9jdpB_4FGPQ-VGEmqfb8YatayOtW4a5-I-Fj8rIPOwqpo5Y7IRehIu8qfPLlR8rf9JsUUKbU4QV2j2Pct4n4TzwyPY4Hp5-pCZ-WE0OucwrYWhYiMdalLnTt_ugKii0nAxosShQ52N8Urlj-UkTWReLNFEi8sCLQKPEe3XWO_pmS69JTgvwXkvc2I14BaW7VMM4wBVs0nJbWWH2DUHW4ICpNU4D43z8OBb5ZMhUr-vVXZZC1l4BAPNkLX8EyXV_1VnCcbdlopqGk2MqixxNwntFC05cO4weuRayCHDp8oOcgLcooQHaBtS3xQAoRXZlbYsnZ5Ns9nvhLgU2Gi4QfENPOjdC9tL0gBYwdIj_nmplgLdhNfDOQIJDrCKnbdb8nP3uDANGe2ReGODfVvkprnuOs7LfUgzWkhVFVXPBo1gxYGJ0m79MTOFcRtg3xNObF9vFLaxq7F9YSQ5iDFJOkCCoefrMg5jpiqYYb5kBNz8D7BIIa8E8qUFZUe9h_awcLFFC9A6SBG8Ga8ZRw2C_OdIcaLUDE_pMAgjdWdve7jePpgLM68qNn9aHkeVUa8x9lj9TMpg188bvYgujHMHzcuWetoywYgxRt5HWnGakstvMJyovfpSLsS450thqB-BZOFg-D-qDX64Tl6KxqUiAvkbVVa_i9YdEk3BDa9JlE5uH3dape_BdcDc7S773hInBzHsBAeVIrf2iuHu0t1WoXty1In7-SGPKINDzjWiCSjAdRPMo6jadMpbWEBDVYgPgSItXEWdsMpfWzD3MSDw8EqJSwlAFRQuMvYBDjyu_EW_pQoFMyT_juCxTcmhtrVyGilwDHt4DJYJPA3MOm0eDYRU98yt5JbTEJFsAfqBY7G7W2v2GhprQcAeKPWE6K1AWSEtKQ8i8YX9xBGrH47wkMMJNWcnCqtLxQLVd2wXPXnOljlLm0WHx9Bg6R5dspgE_7qIQMZTCgUxNMz9nBfD1kTwRzL0eOvehVcSRBjprDTeufq8Dr8JOaxrkrAyWev8nVeKBoyTOcPg-zRFxef2YaG2IuEwWzXrLHsLBjXVCaa-3ffLIbXBZaZwUqKGCwbfutQYh8cmcmHXITZup7k7Og3Nq7qOLWWT4OvMutydFdzRK0hG57wOX1DK3mHE6s7hCUOKwq3QxPOLjJRibURYkXmT7Xzgf83jSIfebs_EZhQxWVvuxt99CeCzFF607UOicJijBCmAFnaWsd9aOzC8I30FuDrC51huBbEoJwL-8Yh6-h1VdFLHy26i4zNo5739gql9lna0dr5dRMvgwic-533ua6loI5BoD8uj0ILIgSNRihaQ1Zmbu9xhFTeDmBlb05bs2k6sPdgItPueHi2reefTGnialqZd3QfVwSeKgEi7xcvPjJ9IfsvH2kLuOAYerB9Zy1bwwWA8pgNsft5un7GV5ncl0hD7gIBBrZfTJ5SWLb-x2mYRZGCtC99CXL2d1j7D0tyinwQ3A&cid=CAASEuRo2nwReH5m8zdZM1pN5WskgQ&sdkv=h.3.495.1&osd=2&frm=1&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=475298054&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=E9CEB646-E098-4E81-8988-7AAF4E5EB2FA&nel=1&eid=44738438&top=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&loc=about%3Ablank&dlt=1642617166795&idt=1480&dt=1642617170338&ged=ve4_td3_tt2_pd3_la3000_er2392.441.2550.747_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f154.1e100.net
Software
cafe /
Resource Hash
9007fdfd87c232240845c1bc50533856b88d30ef94cf9e67f2e07dcde9b5d37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12344
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kylvunvf&c=4731811772614&slotId=2365905886307&met.4=hvd_lc.kylvunvf~hvd_src.kylvunvf&umsem=0&ps=550x309&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcd.connatix.com%252Fconnatix.player.js&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kylvuod6&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Fcore%252Fpls%253Fv%253D146566&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kylvuod7&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Ftr%252Fsr%253Fv%253D146566&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kylvuod7&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvid.connatix.com%252F8a76dcb9-d432-48f4-9931-6e6c436b1477%252F2_media.bin%253FplayerId%253D86a47210-1aa7-459f-bf13-d3e0a5356ab1&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~kylvuod7&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fima3.js&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~kylvuod8&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Ftr%252Fao%253Fv%253D146566&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~kylvuod8&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvid.connatix.com%252F8a76dcb9-d432-48f4-9931-6e6c436b1477%252Fplaylist.m3u8%253FplayerId%253D86a47210-1aa7-459f-bf13-d3e0a5356ab1&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~kylvuod8&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Fcore%252Fus%253Fv%253D146566&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~kylvuod8&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvid.connatix.com%252F8a76dcb9-d432-48f4-9931-6e6c436b1477%252F0.m3u8%253FplayerId%253D86a47210-1aa7-459f-bf13-d3e0a5356ab1&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=b~kylvuod9&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Finstream%252Fvideo%252Fclient.js&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=c~kylvuod9&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvid.connatix.com%252F8a76dcb9-d432-48f4-9931-6e6c436b1477%252F0.mp4%253FplayerId%253D86a47210-1aa7-459f-bf13-d3e0a5356ab1&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=d~kylvuod9&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Fcore%252Fus%253Fv%253D146566&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=e~kylvuod9&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvid.connatix.com%252F8a76dcb9-d432-48f4-9931-6e6c436b1477%252F0.mp4%253FplayerId%253D86a47210-1aa7-459f-bf13-d3e0a5356ab1&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CF0B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=f~kylvuoda&c=4731811772614&slotId=2365905886307&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcapi.connatix.com%252Ftr%252Fe&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm
cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm?line_item=15419412&cid=188419&e=e.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8e00:1d:e9ba:f480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbbdd33732199f781d74f68055b95d7229ae98fcb4a07191baf4128824ab89f2

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=3735552-

Response headers

x-amz-version-id
null
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
etag
"579e3b3afc384f7b29ce129558fc192a"
last-modified
Tue, 21 Dec 2021 16:59:50 GMT
server
AmazonS3
age
48681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/webm
Content-Range
bytes 3735552-3738698/3738699
date
Wed, 19 Jan 2022 06:19:04 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
Content-Length
3147
x-amz-cf-id
AkEIzJgsBE52bcrcR-XnvrewjiznFEg-WGzO6XuLDfPrIidPT7srRA==
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=video_ad_loaded&acvw=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5772plioKUO9tNX&Q_SIID=SI_06BSWY5hWTyKuj3&Q_ASID=AS_23470694&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&r=1642617170418
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=tribune
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
10
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
64b1862f68adb5ec
cf-ray
6d0225e32f8919bf-EWR
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		256 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2373441
cf-polished
origSize=757
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
7
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
256
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Sep 2021 19:50:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
236a9b5366084aec
cf-ray
6d0225e32b6d8c60-EWR
servershortname
expires
Sun, 21 Dec 2031 07:15:29 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 64A3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 06:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Jan 2023 06:04:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 64A3 		0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4nZ3jzbpLnzkKpiFQIvQfoBw0L2MZ6rdkZzQAb42ABTnIABM1gnasqh-DQkTIMEZ3fTXKHbtM0IirzE-dInbrD9CCwaH9cIoVU9xQ-PWqP_6oBl0wPt7VjYIDyt_-t7om_c1kINLd3SpZ0qIVqW-ebFO7PEmzRiZ6LSaun4zHLqk7TNraY9cvx-491_LxywfJx0SthL4SzKma0S498SjBwBQ39qm2qSdazws7c8w_sEO6sZ-9YK7rCYLB2SMGni55Rw8dRgnXy-0xoJaei2TWQ-BG9geoJyRF2u2Fv7rVdwjeLFdBOeMEbwQfajdTtZEEzyFkGH85sa8d4SMGw0N7deduVTJ7SqMqii7sPTkZ8PoMQI8Tc1YJDM3Cj0cZtt5nmCbzPnE1dSf2jyztY-c1ca8MIS4akK-3p-JjsLNKgav203gpVcIr0S0_jwpBDoiWOx8lNMlJaJ_cPNVO4_hqr9kleTsgI_fctf7P-yIAXKy_EjnTt_M4-Tnsef13yg5AIV7B9VVWqchAos40j_uPbCWK7slYaLTLqQgIzvOLGnpENlmrHdW8PwA3Q3ofRKdy3yxZU-gQdBJkZBijgrzODzlf-KPNL9EaUYyN18D1AGLYrvPQzak4aBd3TaBeY8zI57dzBKBQlLcliMb6ZtOFxsKJjGyostDZ43A3hzPtVUdiDOkcJ1asR5nxqNYbIpHc0D_clu4m7O-sjGwtNA_A8obG3kzsoA2LP6jRBn3nmO90YdLm4ezLbAmG5_U3ooDgD55ByQ7Xzh6gk384NnyqKjFlpZzOsnAVDm24owZuzpdqlmL_q-212wXAUsLt7u0e7GvmhV1i48KxeDRLL_9kW8uMLwKpueqobvKeAKLNhSz7wz3F8PX-kk5fHc4j3-cCEfw3A1SOI1gmy7mYL43lnaXG9OeP4YNulUfQQD3_C71TcA45Nyt6c3_zxzSQ1ja_oFwD4zWMz0AkNBh4W5qfM9SVNdADpdWFrWsyArmdfysBY5oAoC-EZtVY50SeOkqZB8oi6JKC-DKpHW2b3UMY-39Z1Ks0G-8kMg0-yzR_GE_cFoDR68_TLfA4kE-VPjwqCZoEXGsOS4X_xWMNoy-IQTfj-Cl4i2oJRQQl5hYFl6Y8gJvk1gCr_c98rYp_7Zlba0yDdO5BjdzyPuUM2dGc9RcjkMaFj4cYFZhTBceGuXSVp8mwy2c62Wnq6TTIeZoTXMQFfsspyh0FvkhOrgRBnz1v-efy4IckjGr_T81xfLAZg2yWww&sai=AMfl-YQ-kGHX3slPDWrT-vanqQx-rd3ur_zKlnkqMDIKbmBShByeSQV8-GFVYN9ZCDoKd2fpnH5B2Tci2obAQf-EkuMCzqUz-7S9MQZirfgF8k0-8-RRUYnJFMlR_0DO31QdpVWvMGLyDgkPT63GOo9HLRyMmtaEwQ&sig=Cg0ArKJSzFEAtTRudGjkEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.495.1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 19 Jan 2022 18:32:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 64A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqaDBDDmrACGOjE67cBIAEwAQ&v=APEucNX10UfSqgeaJ6L5h7xQKBo0A7DT-srmwdiym8GRsURwyoLXyouDN6E9aYKP7_wH4X-AqBdlAYKuG9vStwhAz2YXcQeJZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel.gif
cdn.blisspointmedia.com/assets/img/ Frame 64A3
Redirect Chain
  • https://beacons.extremereach.io/cp-imp?cid=188419&creative_id=24373124&line_item=15419412&companion_id=0&er_ts=1642617169&session_id=C0SCZV5e8VsllbIqQQFXrR1642617169&er_fp=8913f5ae6e02ee82&subid1=n...
  • https://beacons-ipv4.extremereach.io/ip-sync?fp=8913f5ae6e02ee82d758098b5c43dead&forwardto=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%2Fblisspoint%3Fbuyer_user_id%3D1-61e85952-36bc388053cbf80c5...
  • https://match.prod.bidr.io/cookie-sync/blisspoint?buyer_user_id=1-61e85952-36bc388053cbf80c50107a81.188419
  • https://pixel.pointmediatracker.com/bsync?beeswax_id=AABB-E7D0LMAAEHRhEm97A&buyer_user_id=1-61e85952-36bc388053cbf80c50107a81.188419
  • https://cdn.blisspointmedia.com/assets/img/pixel.gif
807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.blisspointmedia.com/assets/img/pixel.gif
Protocol
H2
Server
13.225.214.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-29.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront)
last-modified
Mon, 08 Apr 2019 16:24:44 GMT
server
AmazonS3
age
62069
etag
"18b3e43abad26bdac6f4cea944777b62"
x-cache
Hit from cloudfront
content-type
image/gif
date
Wed, 19 Jan 2022 01:18:23 GMT
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
807
x-amz-cf-id
E_dJNpbwSzGXTEMm_u_PnU_nbuKj4D-r7hhUi4YzeD9PWa1qBZ_dUQ==

Redirect headers

date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
location
https://cdn.blisspointmedia.com/assets/img/pixel.gif
x-amzn-requestid
62d619e6-15ec-4cff-a4f8-f58e54e40ba5
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61e85952-7533338808f5163872829ee6;Sampled=0
x-amz-apigw-id
MNLk_HUNvHcFjJA=
content-length
2
x-amz-cf-id
ek1-rnL8QOQkhpR9xQMkEOLT-nnCgXpDGpAl3PTsCKYfTwNOIVD1IQ==
r
ir.surveywall-api.survata.com/ Frame 64A3 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ir.surveywall-api.survata.com/r?eid=679b73ed-0e38-4db8-a712-60766ed1e5a8&cid=noValue,noValue,24373124,15419412,noValue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-130-42.compute-1.amazonaws.com
Software
nginx/1.19.2 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Referer
ir.surveywall-api.survata.com, ir.surveywall-api.survata.com, ir.surveywall-api.survata.com
Server
nginx/1.19.2
Connection
keep-alive
X-Powered-By
Express
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=vast_creativeview&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2666%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1642617169715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 64A3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2667%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 64A3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaTsEECAzPvJB4IKfFRwl2gslSuBjaV9ifk0q-B0bom3W353abekLrwu4xohxkjpyRNfIPCJwDXd8M6N63PpsI7TjRXAkq-HsxLg&sai=AMfl-YT5WLpB2O96n71ws6wIKH3yZGqQqAW7OZbttTMC8FJ2Y5VNj27JVOF3W8IG1jVTvCRbmGBAR1Bz_3IBM_CzeG-eC1GHoasZp64ZYCeU5V2s7faCifr7CUzaVDq8&sig=Cg0ArKJSzBiUhNhyN7abEAE&cid=CAASEuRo8bxImuZfGyTICPHSarE4Tw&id=lidarv&acvw=sv%3D915%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2667%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
duration
beacons.extremereach.io/ Frame 64A3 		35 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacons.extremereach.io/duration?cid=188419&creative_id=24373124&line_item=15419412&companion_id=0&er_ts=1642617169&session_id=C0SCZV5e8VsllbIqQQFXrR1642617169&er_fp=8913f5ae6e02ee82&subid1=novpaid&er_ar=0&us_privacy=%24%7BUS_PRIVACY%7D&percent=0&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:66e7:fb12:6f41:d484:66e:dd06 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
image/gif
content-length
35
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 64A3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2669%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715;dc_rfl=1,https%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=part2viewed&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2669%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 64A3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D39%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D39%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D39%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2673%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=admute&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D39%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D39%26pst%3D-1%26dur%3D30030%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D39%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2673%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2662 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.8.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-8-253.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=124563
expires
Fri, 21 Jan 2022 05:08:53 GMT
date
Wed, 19 Jan 2022 18:32:50 GMT
vary
Accept-Encoding
23vam48JY1umfYfS5Jxe2GxfhsY
dfp.bouncex.net/pub/segment/ 		2 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/segment/23vam48JY1umfYfS5Jxe2GxfhsY
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
*/*
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 google
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
clear
content-length
2
/
www.chicagotribune.com/arcio/rss/category/news/
Redirect Chain
  • https://www.chicagotribune.com/news/trending/rss2.0.xml
  • https://www.chicagotribune.com/arcio/rss/category/news/?query=display_date:[now-2d+TO+now]&sort=display_date:desc
32 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.chicagotribune.com/arcio/rss/category/news/?query=display_date:[now-2d+TO+now]&sort=display_date:desc
Protocol
H2
Server
2600:141b:13::17d7:823a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4616d3b636053cc63e0c2f09e9bf57fcffc699d097f00f38332790f4d4740a1d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

arc-organization
tronc
date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
arc-service
api
arc-context
index
arc-deployment
tronc
arc-route
/feeds
arc-servername
api.tronc.arcpublishing.com
server-timing
cdn-cache; desc=HIT, edge; dur=1
arc-org-name
tronc
content-length
7747
last-modified
Wed, 19 Jan 2022 18:30:54 GMT
server
openresty
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
*
arc-environment
index
cache-control
private, max-age=120
arc-application
Feeds
content-security-policy
upgrade-insecure-requests
arc-org-env
tronc
expires
Wed, 19 Jan 2022 18:34:50 GMT

Redirect headers

date
Wed, 19 Jan 2022 18:32:50 GMT
server
openresty
x-frame-options
sameorigin
content-type
text/html
location
/arcio/rss/category/news/?query=display_date:[now-2d+TO+now]&sort=display_date:desc
cache-control
private, max-age=72
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-length
166
expires
Wed, 19 Jan 2022 18:34:02 GMT
visit
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATjcZdVU86kYXSTYAZRQAMxQkECd6V3dVADJQCBgkBFrkXqQcTvAoaAo+HjRTdARYJFIcNMhIU2FqFuMaejptugEDxni0kHj0AkhGm1hMBCPsvdosSGRIFB4c7EfINIQUF6Qj16oAQQke8UgAFpnpCCBEKGlsihITZMiheAIUABPSGQAjzSHHU7nSHAkCgyE6ag6SSSOSw4C1ACOphe8TAmBskHoBDAESxsBABHi1CZKBcWUhYDxSCxjGWWVI2zktDApjw73CmDQAEkACLKvUuAAccjykmomg21FUaoAqogkPrDSI9QBNSR4MR2+h4ABWeEkAHk9XasVVWNbbaYAFIEGzOjZyPWSdQ6VT0FzqSQuPbRgBKCFMBCQkB1vENXoAili8O7JCIiFXdCIBFVqCNutBemACKRYJAhZhdDhJKpmMxO2Me32B0OsaOdJOumN4vA8VlgA0QCgbJYwDhKC5tNRSAQ0DwAPpZAi8FBK6nyLbU+qkRA0aghD+gXgIAiX0we2eD8nw-V930fahQmpeJwmeS90UvMBEQETAQLkZ9qHA3JPygj8ZixTFyAAoCvkfDCwPvCDcOg6g1QITBeyQZCQFMS9jgSCJ0Mw7CQLw6kGkHWCEAA2ZuI-S5YBwr9qUwWAshsZBLwIWoENLU590vXp0XE6lKkg2ib2wNJSCxNShM07SK3IzDIxoj9BI0kTMBQHJdNw+zqTPNAMF4S8r1qXppIol8qOk-jT3PXz-MwUSQGsz8QqwsK+NogjPkgdiGNqEAkByBLQNCt9wtosBYBsMB4kaVkh0vSAsVMYKeJSgyPxAGxdDqhBpXc3jWupMAUAES9wjQZYbAITqV0gXqWs86gEGAJTvOiq8Zni2bitSj9FuWqKED8nhNuomTqFg8lsAQvzeHipCUOOkqPwIJaFmxJDYHMHsIAY9zJMemCUFi5DBGUl6KCxB7toEvzRuWZS0Jsyitv6hazjYxAsEvabIZRhIUHR8qsigF4-N2pA0CChHEua5H5rxgmbCJlYDsvMmKYQTGCKIh9qaRk6Ivp97GeJlnnled5MAynG6bRoWmZJy9bjBRGiv52jBbK4Xmb8357x+aXTo1wmRb8lB5hLKgVeS2nDdlzX5ZZm8kEwKY1SOq2+pl-G5ZNurdYBA2Bbt43tcvQL4uxBBdEcD25tt737d9ogSypwrrbVnbg61hWXMapBQHIJq+f+1GE5DhXi2lS52puIvVZLo3s5ZigonifFsAh2ObaDsum9NvlXM73n66h0uGYd0n-l4RpMAifhA-VrOJ9Z0gL1TpLPfj8ffd7AdlkEdeaYz6lG+Xia4XWYf04bpffZul3tQXzPe7P+AeG6y+083nvt9DghTB4EOJ+J9b6hx+AdAgrtgFjx9qHeipZP4bzjhFNIDQMT3lICRbqwEu7H2oLwWobE0S8D3MKLiVt6KMRLKPS4DF4iszRtAxywk6pQEsO5QsIIBDKmfDsZgYgTjrD4eAPYzBMAXFEVifEgJrTMERDkNUNxRHbAAKK4XoMaSM9A8jGiDPCFA8iUAAEJVHqM0dsPIeRRHBGyLkPhVlO58NqNQ2Rlt7HomJA+PhStRFZDfmcUgjBR4HSgCWHcmCBCCLzlgxAZEr7f1oniFA0olKAWwXEr+yDaJyQUkpeBkAwDmScoUqy0CuYYOoDEnBV87KnRsCgRIOViK-gsAQLEUsrajx4G3NALs8SXlIYkKpGSkHd0XgnDmsUfjgEvAIDm5D4lZO-K8Txl40AYOQGZGYGBoEUGlHFGG54rx3heLso5sV1p+TkMwS8d4sSIKPiXZhlgso3BmlbWpEVey1EyuU4iaTYnvMWWMj8JyECDhyJedQ9BbnYgecXUezyRJcMKdC2F9zoFcJZhxRI+JfnJMynMhACzMkgoEupYShSsV+RyACWZPB+DcKtvpL2bEkkpKQMMoFpK8GC3ZXS6UgM7xIF4BAIgIkAXVJ5SXdKzw26YBynlA60DKqZH+Q0dAqBTBpEvMaFVVU+yYJmKgCm+MdWpmgc4pVnLNaqvasgXZBL-JZABd9Q+CKUZ7MytS9ivxcUDmgfEeIMNwDctGXg3oF5uYrxABePcIl4AOtwdJFweopwwDbnCckh5jzfnErm1Np1eBoFoLlaUAQCA6Rsn9U6qCRWJivtQOQW4siqFgMwGMMQYwIAAFoiBsLUTgPg9R5DSNQKoMYRUAAVR7fLLAaK2TaW3qGNDGD08lahulqFUegMZdAIGoDEXQtQ0hgDdKPYt+aTzgCnWSfEYBgjrlsTI6mfVaLgCqOVO1ikX1Pl4oWiKtRgBhuMGONMqgcw5kjLRH83EwM2kgy4ZgNokOSHoKdFABBuLQY-KQUw7llirCESFHYtBHgHAEEcE4Zw0AXCuLXe4WRHhi1LBLDppHwH-CTaRskoIhF0AhNCbAsJ9GGJRMQzEOI8QEiJDRggpJFrkgEJSZDNI6QMmZKyBIHIuQ8j5AKIUIoxQSilDKOUCovEqjVBqMgUxEwtCNKac0lo8z2kdPZ5MroPReh9P6QMIYwwRlc7GeMHmUxpmYBmLMOZguFmLKWcslYxA1jrB6RszZWztkRQ8nD1JgCmGAHBot7kCoRV-UlUe8RgNwY0AhioSHToQAKhhSE+laJoCqnB+aTGbK5fwRtK26hmAWlUyN5gfC0wWk8J66rNl4MQfq6wVN7RE0mueNAVEghHQ4HSJkHIK3HSzGwNAF6bqcAFBYIwYopRyiSAO8gI7MALD-CtVkHAKhGXrGG5OVbj3oC-lAPEcFDUEA4F-HyPEph2hrmlM+6AqDKoMReiTHAk4MAEGgG3N5so26-h28Ydo6PMft0uFiXHCA5D45EITv8xPsdYhcjkHbgN0QoBpxjyNQ4cBVmCOz6Alc3ikHJzgHwcgYh8-lYOW42BhciAJ0TznDFGeg6rFJRS8R2g3jx5OOZFUoAIHijgHQ9A7vTUN-NxDyHVCofoO0AHpwDe8BwENkbeklwTeoFN9o2zFOgnN+0RATIpKYCB4byc51ngQu6m8F1o5asLag9CuQ0O4LYHxiAU7XO3hoGT-boHYOA-SPz7r9oj2cCrcLz8-yTul2uRXWuyQG6t07r3Qeo9J6z3tDrYdGvzbXJto7V23t-bB3DtHeOydvAp1AA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:49 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdAMbYwvgD2uqMARsgB2EVlwC29CENwRUuEDCHjpuermwQQs1PVTQ48ErRa4AtKrNcA1uhDYJIM-1RcQAE3ggAnmdxc0MzYObjN9WAQzKgAGKhiARnjSKygAMwBHYFkWQiF+XABWLkJrb2QYLhYqdJAAdnEzQn9UbyY8cXQyGkJgAFlFdCUwAEkAETJR2oAOUgBOeKoAFmoANh6AVUI5MYmAOVGATXjegBV1gt6AK174gHlR9e8AZWjVnoApLn4d0lH4xZiKwKtUW8Vqb2AACUIMAuPJhu4JqcAIreXqHeK7ABeyIAHrt4E8qAAyUCQCJIFjIJoSKAgPggfjoCCETDEWoAIWoVHQXDASgA+uIuO4QJ04mRKHFUmKttzqABhbmwdwQLgC4D6LYyeUUbky9ByiVUJVxFiDVQCjwCwgOeBCXVSqgGo1URXc0DeLzodAarWqR362UQeUm7k9LhCQhw20wYACtgQFjWQPS4Oh01Uem4DjMjXgEMSvVxXjIQtusNxITIcT8OQCripK3yXMsgX6DypqjxDPc4UybDobzNnPmtsdxFFp2vY2Z7OtgVCEAqLu9uK8sCQdwCwWpfTlyVBw0Hys8vlbndCfMwSdu4vO9Ozj0+FQyBOR1IwVAqW+HtPHtcqEIZB+EIFg+CyCor1wbxgAPe8XRPTMBFxAVZCaLtEMAwgQHgAVBjAPB+C4VDYEIGA1CnI9XXdOJoHrDcL0FUAb0wx8K0zejUHw88IG3JQ2IAp8zQtN9rXcG8bTtQSaNPLgoDkOxh2A4BNRZcjIy7UskO5Tgr1tLg8PkxSfBknS4mtAi8AbB0qP-WTOM4eMtmkAUyIoszAKTEBnJA8QKNkbcuLAfdbLvJ0sOEqhvN8-h-PwPiBWC0L8y9MVxXC6jzOipybT8gLEtUOQFCUV9KMy+zspivK4oK7cRCMTyouq4DaoS7dNDFDQmo47kWvy9qrTQOEQB62icp8mr4sCoU4SEIYegEuyHyE3q6Ny1rpsSjQtB0MbT36tqZr3G8fAgXEPOWyK1om2Ktu3LE5v2xzJs2urFx8uRYB9eCIvY8bDvujVinwPhBBEZ6+o2gaZrsawkwCGRvEh9bXphxKQBKZdkau-6Duho7Cu0dw+CEax3C4FHbqm96IHQfkwr-FaHKhtHCe3aNkA0fx7SpwH3uImxjAq5mqoJoGJPmoQwD58WBepJR1Nltmga4YAlCg5W7venaKYWrWacGiN5GFpnrvG7B6U8dK-RZANcdW8b3FSeNXA8JlKhTZaIyjOFAN4SMWCSpyqfnMc0Io5ku2hClqAKYsChiE52GMRPohgVOYiEHg45ibwAl0Kg04cFQemEXOZwKABRCsCimSvZimW5bHsRwAEI45ruP67j2ZZgrhUJELNOJxxtPUj9ouYlGqfolQDwQnFNOGor8QFc4dAmC8iTmhgMUBXgFO4O4tTtXKs28czfxMZ0W2z6p6ta3rY3cEIEdWzficqc9b10CoO-7YixnDdfgIBkyfh9AKVUwBeTeDKquKKSgWB8nmv4AUHtkwAJ1A7FmqNnIQFchoDOB8CFexFubU8CkWwbwFGAdKchhxkl+llQCdgmjXm3BuQUopZBUy4VeFi25SDRCgT4U2CFL7cjDnmZBwhz73mAeNaMqRcCpV-lg+Rf1Hanh4RAHMKgBSLAKKI7w4itG4KzNQvMFI35GJMWYlhUUKSJUTMmAIqjQDsPgKQ0OVi2zOO3CoW+8AlAU3gF2HszVcrXyaPWU+gCL7aJevGGJt8mggCEKKVA7hyJYggBo7+L5VDIKEJ+b8fEqZgVcJA0A88Qo+WwAKKYlTwJcBqfScA89gCNP+FTCe5TuKtSqQIOQfCb47nEKfDSjMJFJO5Gw1RASEyaDcVzKmLAWCcIzpoxxN19D8nUXTGA-ImT5OpKMnBB5aijFJAWCkiBkE2DgLkiAmAwTRBWMSYUqpMDRGJN40CFEIA3kwDEAo8RiTuRzO4N5KwAQrDBO8qgKxajRHiAUYkqpYAsGBTCxYaKYhxAWNEaIacAQLE+UwikIKIVbHSGWIQOKaXEnNHAGQ+iWQKEmbC+FiLUWLBWCSVlqgfIwCodMzACgwCkExQYHFmB3DEk5qgeVALiQFhkJgc5qAlWNlUSCqgpA6TiEWFMd4RwaypAOKkJ4BR3i4ggFQAA4riVI2BCAHGJJbbJO4YWGuNSsZA0R3hOveBAAAWrsfgqQADqAAJUYsxsBUCeO8bJAAFIAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=bouncex&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkf2339889-8b16-4350-bb5e-db4427194736&expires=7&user_group=5&ssp=bouncex&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=c537c1a7-8b12-48ac-8876-293826cb2880
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=c537c1a7-8b12-48ac-8876-293826cb2880
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=c537c1a7-8b12-48ac-8876-293826cb2880
Date
Wed, 19 Jan 2022 18:32:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ai
capi.connatix.com/tr/ Frame CF0B 		2 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ai?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37aa3970b6801c9d286464f7d86e50bf41c88e54c7b4d08f3ff61935b3f59c3c

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
22
1_th.jpg
img.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/8a76dcb9-d432-48f4-9931-6e6c436b1477/1_th.jpg?crop=550:309,smart&width=550&height=309&format=jpeg&quality=60&fit=crop
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20220119-16-RELEASE.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa88731d3dfcba3466dd05250f89afb97ea729d2787d08929e41d23b23184ff0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
br
age
907103
etag
"ex354f7syFr/P56CDjh+QQbIWdgH4rDowfDQyg1LBU8"
access-control-max-age
86400
fastly-io-info
ifsz=11736 idim=375x212 ifmt=jpeg ofsz=9039 odim=375x211 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
8667
graph
u.cdnwidget.com/ 		68 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.cdnwidget.com/graph?cookieID=23vam6u0JGJeZNbfWHD9h2SJrdP&deviceID=23vam48JY1umfYfS5Jxe2GxfhsY&bxdid=4012022120052042126&bxvid=1642617170267015&bxwid=2051&gm=true&apikey=2^HIykD&loadID=GNTj1LSNY6FUiT8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.221.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
36.221.107.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
0.065ms
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
id_sync
events.bouncex.net/track.gif/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=23vam48JY1umfYfS5Jxe2GxfhsY&source=web&agent=cjs&deviceid=4012022120052042126&visitid=1642617170267015&websiteid=2051&pageviewid=1&sequenceid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm
cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn1.extremereach.io/media/107116/165625/aa1c5d5f-0b11-4911-8984-d47225db8c35/ffddbecb-9a16-4188-bed3-c06f3555dd1a.webm?line_item=15419412&cid=188419&e=e.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8e00:1d:e9ba:f480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=131072-

Response headers

x-amz-version-id
null
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
etag
"579e3b3afc384f7b29ce129558fc192a"
last-modified
Tue, 21 Dec 2021 16:59:50 GMT
server
AmazonS3
age
48681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
video/webm
Content-Range
bytes 131072-3738698/3738699
date
Wed, 19 Jan 2022 06:19:04 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
Content-Length
3607627
x-amz-cf-id
7O65y7yIHqb0D3aXuFhC5XcNNXv4X5iDHr2uWSyW1is6MiAH2psgMQ==
vast
vast.extremereach.io/ Frame E1DF 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.extremereach.io/vast?line_item=15108313&subid1=novpaid&er_pm=&er_ar=0&er_did=[INSERT_DEVICE_ID_HERE]&ba_cb=1642617169855972
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:66e7:fb11:219f:3941:9d50:b09d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f7addc574e929f1437af8f0a2f1f84b56be2fd7170044e4e91f5e6b65f9cbe4f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
expires
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1EF4 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 16 Jan 2022 06:04:02 GMT
expires
Mon, 16 Jan 2023 06:04:02 GMT
cache-control
public, max-age=31536000
age
304128
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=3546522437719344&bg=!w8ClwITNAAZ_DxPPfw87ACkAdvg8Wsp7tvZlmGdzSTLKRYDO586mh7ZXlVy9T0R-eyPMlboLC3orrQIAAAMEUgAAAAJoAQeZAt3w0l4AWifBO_irhAf7CXXVH5zRPht60-wiErBnzXBauO9_JLP-9B1CLTMdnGsLUTVnAm5Skn6w1QgRSagNvKMFQHWxGtEfAgpgAXN651XCuQn84kgLwKFJ_ujL4sgt126Eheginhoj4mAGimdrKJml3wdYWQtHAbkc-iKDf7NyPzb9Ehf701MDRPhilN09aIKEve-XLdNodW5caSo2AzkxaiJxrilscoDe2VLqhjoSusVbu3RkYuT1F_o0M5n3lvLb1AOKv71HJSSaqpZbfkjYGhqldrJkTsQuGw4SesjIBvZN9-5b-CumFXXa2ILxaCmUWZO4Av3lT7hCshI1TDaV5J8rarxvfUFjq7vTaVvUuLPqO00bdWJw2uhta0YqNX-0X4rxXwKJBVJttnHjyIkKk4vmxL7hKAHvFU_C6oxGt_YCCTOwJcbfvpWMQ-wtr9HppVGbPdEk5V2DfndPG8sj_RnPh8JY6f81laY0L2XJjrjRRzz6uebGRwZGnmc-Sdm3zxZTT61ItJHEdtYncjll53LWQ7R9PkuTgu0LZhd_al2oiBzlxcsvDoA2B4DeEmJnop-1XZ-uJ-L_lmtoqCflponpvdRgA86-ejI12uDwgTOTkHgyOI9voxbF_a45XVpnokH6HwqcIMnhVQFeRbrb3-ZNRW7fC23qo18lp7wqBulshKR2T2vICpRtYqrMPu1r9Z6zYWS35kDsq660sBV89OdTtQ0ynseVKegGMATEACipmsY-jJ39pV_CZF09aj9EZV2Urpl3VHvOLg1lON24SuT2EHSJku7WZhGlgyXYKq4-7abWWNLyODGowEiHEZ4Dq9jIzUnNDWOZsJqWrA7DAc_Lk5SW7olUxNoOH7sYBIohND-B-efK6cixW7pwTh7gnMua5V8YYLtarfFuJtEARogZBkDJd6F_nnVASQmEXanGSLlP2oorHFdbajwGErF70piNDLkRpROWtrJu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6AFC 		156 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2FSTN_4_audience_extension&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=480x270&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4024858041729998&ord=1642617168235&nofb=1&cmsid=2460952&vid=1248815&cust_params=play_code%3D2008%26domain%3Dchicagotribune.com%26content_cid%3D9687%26excl_cat%3Dstn_backfill%26iris_context%3Dundefined&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.495.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3942877064&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D77ABC94-537E-487B-8739-CDC93F310BF1&nel=1&eid=44738438&dt=1642617170634&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=1373659941207168&ged=ve4_td2_tt1_pd2_la2000_er732.224.732.224_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2662 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92675289&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7f48cb0b1cac43ec06e73c4bce8d41bfc606637d52e3877749b8ff1f9923928b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
st
imprnjmp.taboola.com/ Frame F66B 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66234245&crid=4974525&dast=V7vN0CFgMZFTvctCfgEQQZFTvctCfgEQUAAAAGBvQHGTWYDIfDCYmzWa4Gk91mslyNBpPZaDaEjBpMhsPhhMTZLFeDyW4yW2wmk8VmNpvCh7FcJoNaIHGZ_b63wnJ6eswut-joels8_walw4ZATDSdDp_rXq_7_e4ao9Pj8PlNl6fFdXfZNX63X2U3vSynh9PudtlNf9HR5TC9LH_Jy_Z0-T5_jemtspveeq_ZYfS7HW6J5e8w-R7Ot-jvurw1RqfH4fO7JS_b0-V7SwaTyWCx2Kz1tpvjcHp5PHeL6bX3fJ2vp99jWTx8a7fm9Lc870LT22wHAAAAgAeApfNeiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIPxJg0AEw6E9ttNl5fD7A8AgAcFEAAAAQwSAIKfuBIAi9flEwAAAAAAAAAAlv____-YAfnTQhkAjb3VHoAHH4AHIgK4IkYAAAAAlTiZu0eTOqGyqAIAIEi3ArgCAAjwm-M8Jw8DAAAgGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCNgAAacKTKPZqv4AAAGu_gAAAbOoGAPAWABd0BjOcjTa71Q3kaDA7AAAAgLv___9_PRCymWwr18Y0HExMDpvDsfDNRhuPyzJbTZaDjWO1vTH2QqRtxxmZvhBxmf2-t8JyenrMLrfo6HpbPP8GpUMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyN0AJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhcjKZmRar1VrjsnnWoolltVZYBqO1ZLdZzHyDmWtisq1Fr4_puHKMXCbHFgUDMPciuEgnosvT4rq7TE6f0_QwuzVGp8fh85suT4vr7rKIJZqTRTqRXfYlm8m2cm1Mw8HE5LA5HAvfbLTxuCyz1WQ52DhW--ZkMjMtVqu1xmXzrEUTy2qtsAxGa8lus5j5BjPXxGRbi14f03HlGLlMjn1jNprMFrvFbLlvzEaT2WK3mC33HTrDd_U5G5WP37nj06zE1fRuZj4oXAaLd6U6rbQFyUGbvYqcLs1MWdQZlc_vyGtQeA4e1eI7Pbxei5_WWBR-D0ZFLBGcLtKJ6GU8XcQSydMincgGq41nOdvMJhOTx7Ww2WaWlckzM0xmlpVrtfJMxBKl6SKd6FV208tyejjtbpfd9BcdXQ7Ty_KXvGxPl-_z15jeKrvprfeaHUa_2-GWWP4Ok-_hfIv-rstbY3R6HD6_W_KyPV2-t2QwmQwWi81ab7s5DqeXx3O3mF57z9f5evo9lsXDt3ZrTn_L8y40vc0W9R8dYrScq2ZzxWozVwx3qwQAAAAAAAAAsIQp8yYAAAAAp4HshpvharkAD2UtusAgAAAAAAAAuzNXsg-V6_7GxY0fd9DlaXHdXSanz2l6mN0ao9Pj8PlNl6fFdXdZGeChjIV5s2eCWKvVsgYAABDABgAACODWzVsgOiQH!&cmcv=&pix=undefined&cb=1642617170663&uv=3107&tms=1642617170663&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl102121-107_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=502888BD33950273295402646&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bde0dffa88379b4dde1facb2dafeeaa885723600e9171cbd4a3ca64dae9b920

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1642617171.675519,VS0,VE12
vary
Accept-Encoding
sync
us-match.taboola.com/ Frame F1F6 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7vN0CFgMZFTvctCfgEQQZFTvctCfgEQUAAAAGBvQHGTWYDIfDCYmzWa4Gk91mslyNBpPZaDaEjBpMhsPhhMTZLFeDyW4yW2wmk8VmNpvCh7FcJoNaIHGZ_b63wnJ6eswut-joels8_walw4ZATDSdDp_rXq_7_e4ao9Pj8PlNl6fFdXfZNX63X2U3vSynh9PudtlNf9HR5TC9LH_Jy_Z0-T5_jemtspveeq_ZYfS7HW6J5e8w-R7Ot-jvurw1RqfH4fO7JS_b0-V7SwaTyWCx2Kz1tpvjcHp5PHeL6bX3fJ2vp99jWTx8a7fm9Lc870LT22wHAAAAgAeApfNeiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIPxJg0AEw6E9ttNl5fD7A8AgAcFEAAAAQwSAIKfuBIAi9flEwAAAAAAAAAAlv____-YAfnTQhkAjb3VHoAHH4AHIgK4IkYAAAAAlTiZu0eTOqGyqAIAIEi3ArgCAAjwm-M8Jw8DAAAgGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCNgAAacKTKPZqv4AAAGu_gAAAbOoGAPAWABd0BjOcjTa71Q3kaDA7AAAAgLv___9_PRCymWwr18Y0HExMDpvDsfDNRhuPyzJbTZaDjWO1vTH2QqRtxxmZvhBxmf2-t8JyenrMLrfo6HpbPP8GpUMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyN0AJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhcjKZmRar1VrjsnnWoolltVZYBqO1ZLdZzHyDmWtisq1Fr4_puHKMXCbHFgUDMPciuEgnosvT4rq7TE6f0_QwuzVGp8fh85suT4vr7rKIJZqTRTqRXfYlm8m2cm1Mw8HE5LA5HAvfbLTxuCyz1WQ52DhW--ZkMjMtVqu1xmXzrEUTy2qtsAxGa8lus5j5BjPXxGRbi14f03HlGLlMjn1jNprMFrvFbLlvzEaT2WK3mC33HTrDd_U5G5WP37nj06zE1fRuZj4oXAaLd6U6rbQFyUGbvYqcLs1MWdQZlc_vyGtQeA4e1eI7Pbxei5_WWBR-D0ZFLBGcLtKJ6GU8XcQSydMincgGq41nOdvMJhOTx7Ww2WaWlckzM0xmlpVrtfJMxBKl6SKd6FV208tyejjtbpfd9BcdXQ7Ty_KXvGxPl-_z15jeKrvprfeaHUa_2-GWWP4Ok-_hfIv-rstbY3R6HD6_W_KyPV2-t2QwmQwWi81ab7s5DqeXx3O3mF57z9f5evo9lsXDt3ZrTn_L8y40vc0W9R8dYrScq2ZzxWozVwx3qwQAAAAAAAAAsIQp8yYAAAAAp4HshpvharkAD2UtusAgAAAAAAAAuzNXsg-V6_7GxY0fd9DlaXHdXSanz2l6mN0ao9Pj8PlNl6fFdXdZGeChjIV5s2eCWKvVsgYAABDABgAACODWzVsgOiQH!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8b0179bb6b1ad361e29d0b1ab6ffea7288d4040836aea29445548aa2c898fe6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3103
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66234245&crid=4974525&dast=V7vN0CFgMZFTvctCfgEQQZFTvctCfgEQUAAAAGBvQHGTWYDIfDCYmzWa4Gk91mslyNBpPZaDaEjBpMhsPhhMTZLFeDyW4yW2wmk8VmNpvCh7FcJoNaIHGZ_b63wnJ6eswut-joels8_walw4ZATDSdDp_rXq_7_e4ao9Pj8PlNl6fFdXfZNX63X2U3vSynh9PudtlNf9HR5TC9LH_Jy_Z0-T5_jemtspveeq_ZYfS7HW6J5e8w-R7Ot-jvurw1RqfH4fO7JS_b0-V7SwaTyWCx2Kz1tpvjcHp5PHeL6bX3fJ2vp99jWTx8a7fm9Lc870LT22wHAAAAgAeApfNeiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMAIPxJg0AEw6E9ttNl5fD7A8AgAcFEAAAAQwSAIKfuBIAi9flEwAAAAAAAAAAlv____-YAfnTQhkAjb3VHoAHH4AHIgK4IkYAAAAAlTiZu0eTOqGyqAIAIEi3ArgCAAjwm-M8Jw8DAAAgGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCNgAAacKTKPZqv4AAAGu_gAAAbOoGAPAWABd0BjOcjTa71Q3kaDA7AAAAgLv___9_PRCymWwr18Y0HExMDpvDsfDNRhuPyzJbTZaDjWO1vTH2QqRtxxmZvhBxmf2-t8JyenrMLrfo6HpbPP8GpUMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyN0AJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhcjKZmRar1VrjsnnWoolltVZYBqO1ZLdZzHyDmWtisq1Fr4_puHKMXCbHFgUDMPciuEgnosvT4rq7TE6f0_QwuzVGp8fh85suT4vr7rKIJZqTRTqRXfYlm8m2cm1Mw8HE5LA5HAvfbLTxuCyz1WQ52DhW--ZkMjMtVqu1xmXzrEUTy2qtsAxGa8lus5j5BjPXxGRbi14f03HlGLlMjn1jNprMFrvFbLlvzEaT2WK3mC33HTrDd_U5G5WP37nj06zE1fRuZj4oXAaLd6U6rbQFyUGbvYqcLs1MWdQZlc_vyGtQeA4e1eI7Pbxei5_WWBR-D0ZFLBGcLtKJ6GU8XcQSydMincgGq41nOdvMJhOTx7Ww2WaWlckzM0xmlpVrtfJMxBKl6SKd6FV208tyejjtbpfd9BcdXQ7Ty_KXvGxPl-_z15jeKrvprfeaHUa_2-GWWP4Ok-_hfIv-rstbY3R6HD6_W_KyPV2-t2QwmQwWi81ab7s5DqeXx3O3mF57z9f5evo9lsXDt3ZrTn_L8y40vc0W9R8dYrScq2ZzxWozVwx3qwQAAAAAAAAAsIQp8yYAAAAAp4HshpvharkAD2UtusAgAAAAAAAAuzNXsg-V6_7GxY0fd9DlaXHdXSanz2l6mN0ao9Pj8PlNl6fFdXdZGeChjIV5s2eCWKvVsgYAABDABgAACODWzVsgOiQH!&cmcv=&pix=31589837&cb=1642617170662&uv=3107&tms=1642617170662&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!pl102121-107_vA!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1642617163601.9!ts:1642617170662&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-length
0
server
nginx
2051
dfp.bouncex.net/pub/ 		6 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2051?li=5857096278|5858338558|5885038473|5878444259|596911376|5876839852
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pb/resources/gdist/1182ffa19d76d40ef0af/ct/ct-lib1182ffa19d76d40ef0af.js?v=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
79eeaf911b12cf08fffe564cc1929ce4022376b5857d2bc11763278a6e3df664

Request headers

Accept
*/*
Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
6
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF0B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?vd=diff&oc=f&nc=f&oi=f&ni=f&custVid=958004969&lid=93&sdkv=h.3.495.1&e=44738438&id=ima_html5&c=725844369043045&domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E1DF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kylvumq1&c=4731811772614&slotId=2365905886307&qqid=COSLpee5vvUCFXcvrQYdNewJHA&gqid=UVnoYb-7MvrJtOUPt9iKsAg&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44738438&vmfc=2&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 1EF4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
150580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:43:10 GMT
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 7843
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17544

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
date
Wed, 19 Jan 2022 18:32:50 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7843
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617171.828888,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7843
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17609

Redirect headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
359
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7843
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17492

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Date
Wed, 19 Jan 2022 18:32:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 3BA1
Redirect Chain
  • https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
  • https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17544

Redirect headers

location
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=6e2b452fca1e40aea24912754e6f364a&orig=video
date
Wed, 19 Jan 2022 18:32:50 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3BA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617171.829081,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3BA1
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17609

Redirect headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=3298609f-7956-11ec-992c-18f0df000003&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
182
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 3BA1
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://ums.acuityplatform.com/bum?tpid=29&uid=c537c1a7-8b12-48ac-8876-293826cb2880&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=641253725093&expires=30&user_group=1&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17544

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Date
Wed, 19 Jan 2022 18:32:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 3BA1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17617

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
date
Wed, 19 Jan 2022 18:32:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 80AF 		287 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
91cd9c71121e89724d63fb9339eb01a4c7fe806457d7eaaa31643cbebf16892b

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
246
expires
0
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 80AF 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
x-spotx-timing-transform
0.001514
x-spotx-timing-spotmarket
0.095704
x-spotx-timing-page-require
0.000652
x-fe
319
x-spotx-timing-page-misc
0.011165
x-spotx-timing-page-cookie
0.000036
x-spotx-timing-page
0.114614
pragma
no-cache
x-spotx-timing-page-context
0.000948
last-modified
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.095704
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000000
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000022
x-spotx-timing-page-mux
0.004573
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 47F8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 18:32:50 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
date
Wed, 19 Jan 2022 18:32:50 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usersync.aspx
dis.criteo.com/dis/ Frame 89FA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 19 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
576663
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame FCC2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=35483968-7956-11ec-bad7-68220af88a6f
42 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=35483968-7956-11ec-bad7-68220af88a6f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 12:55:09 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug001:0:452
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 19 Jan 2022 18:32:50 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=35483968-7956-11ec-bad7-68220af88a6f
X-RealServer-NX
lga-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
141
match.deepintent.com/usersync/ Frame 98B6 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Wed, 19 Jan 2022 18:32:50 GMT
server
b
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame DAB8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b0a984ec-42ea-409f-952b-be1ac433cef2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
42 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.180.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-180-232.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
x-lat
va1pug002:0:844
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame 709D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XNW61SFrQnxUHBiGnrx50ZU4mbs
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XNW61SFrQnxUHBiGnrx50ZU4mbs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 14:06:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug006:0:434
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 19 Jan 2022 18:32:50 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=XNW61SFrQnxUHBiGnrx50ZU4mbs
Content-Length
159
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 4BA2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d0225e75ff17133-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1126
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d0225e69f057133-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame EB15
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NpJI2n1H1NafLl5&gdpr=0&gdpr_consent=
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NpJI2n1H1NafLl5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 12:50:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug009:0:449
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 19 Jan 2022 18:32:50 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:NpJI2n1H1NafLl5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-06cdac40b0e35ebba@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 55CE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=641253725093
42 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=641253725093
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug015:0:1427
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=641253725093
Pug
image2.pubmatic.com/AdServer/ Frame 2D7E
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5375b53f-8e0d-471e-ae4c-f4330ef2339e
1 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5375b53f-8e0d-471e-ae4c-f4330ef2339e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
10:0:433
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=5375b53f-8e0d-471e-ae4c-f4330ef2339e
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4876
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ6959035711058652685&uid=Q695903571105865...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6959035711058652685
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6959035711058652685
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:446
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.2.15 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q6959035711058652685
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=22673
Date
Wed, 19 Jan 2022 18:32:51 GMT
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 7CBD
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=AFA610033CEC41D099D2903D4862471D
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=41525FB517A54E5CB6A7A5A36FA7A2D3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=9e98d77b-7461-43b2-8bb3-0c6790007fa0
42 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=9e98d77b-7461-43b2-8bb3-0c6790007fa0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va1pug004:0:372
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 19 Jan 2022 18:32:51 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=9e98d77b-7461-43b2-8bb3-0c6790007fa0
Pug
simage2.pubmatic.com/AdServer/ Frame B540
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2636847665
  • https://sync.1rx.io/usersync/tradedesk/c222d7c1-8acc-4e56-b834-86840521a4ea
  • https://sync.targeting.unrulymedia.com/csync/RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
42 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 12:50:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug004:0:467
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Wed, 19 Jan 2022 18:32:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
ETag
RX4fe7cdc239ca4e4daa28917aad06f796005
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C0E2
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1642617171.970658,VS0,VE10
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 19 Jan 2022 18:32:50 GMT
via
1.1 varnish
x-served-by
cache-yul12820-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1642617171.949294,VS0,VE10
x-vcl-time-ms
10
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame EC6B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mPPSdJz3A-Gnd4vIU1noYQ
42 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mPPSdJz3A-Gnd4vIU1noYQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 12:55:35 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug005:0:418
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mPPSdJz3A-Gnd4vIU1noYQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pub
matching.truffle.bid/sync/ Frame 26E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.3
Date
Wed, 19 Jan 2022 18:32:51 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame D27E 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
avatar-2c82029d167c@version_1.366v3
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Wed, 19 Jan 2022 18:32:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9215
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:51 GMT
content-type
text/html; charset=utf-8
x-lat
va1pug015:2:647
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 19 Jan 2022 18:32:51 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 4DC6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
1 B
87 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug018:0:400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 19 Jan 2022 18:32:50 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AFA610033CEC41D099D2903D4862471D
expires
Tue, 18 Jan 2022 18:32:50 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
33141
tags.bluekai.com/site/ Frame 2662
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=c222d7c1-8acc-4e56-b834-86840521a4ea&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=12ae88a8f07eddf037347430bb7d00e6
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=22e505047af2ac4526390b3d8af5fbe
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=1245c6cd553a5b7f
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=1245c6cd553a5b7f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Server
173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:51 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=1245c6cd553a5b7f
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
g.pixel
aa.agkn.com/adscores/ Frame 2662 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0
/
io.narrative.io/ Frame 2662
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
  • https://io.narrative.io/?io.narrative.guid.v2=3552cd10-7956-11ec-96af-0e9f37bd45a9&companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=3552cd10-7956-11ec-96af-0e9f37bd45a9&companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Server
3.215.189.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-189-212.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:51 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=3552cd10-7956-11ec-96af-0e9f37bd45a9&companyId=673&id=pubmatic_id:64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
Date
Wed, 19 Jan 2022 18:32:51 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2662 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.80.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-80-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
image2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3616449762476959287&gdpr=0&gdpr_consent=
42 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3616449762476959287&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:42:22 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:415
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
bbeec864-14d1-4694-970f-93f8ebb1bdba
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3616449762476959287&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=35045f58-7956-11ec-88c6-5d8ea439b083&gdpr=0&gdpr_consent=
1 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=35045f58-7956-11ec-88c6-5d8ea439b083&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:904
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=35045f58-7956-11ec-88c6-5d8ea439b083&gdpr=0&gdpr_consent=
Date
Wed, 19 Jan 2022 18:32:50 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
35467194-7956-11ec-8f10-c58bb5c829ac
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44d96eb27edf122d&is_secure=true&networkId=17100&version=1&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGdiqC1zS4xgMdpxkIAAAAAAA&expiration=1642703571&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&...
42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGdiqC1zS4xgMdpxkIAAAAAAA&expiration=1642703571&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:968
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGdiqC1zS4xgMdpxkIAAAAAAA&expiration=1642703571&nuid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:50:07 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug009:0:487
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_be68cba0-cb4a-4afa-8482-29e8b683058d&bsw_param=c537c1a7-8b12-48ac-8876-293826cb2880&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug005:0:515
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c537c1a7-8b12-48ac-8876-293826cb2880&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 19 Jan 2022 18:32:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug001:0:487
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 2662
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E9F3C299_BC591F2A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Server
204.2.255.233 , United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-325603971; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:50 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-325603971; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug011:0:881
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4579766571360473542
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4579766571360473542
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:819
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4579766571360473542
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000096D50A6558
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000096D50A6558
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug019:0:529
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 19 Jan 2022 18:32:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000096D50A6558
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3616449762476959287
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3616449762476959287
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:07:54 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug008:0:297
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
052be187-dacf-4946-ac5d-5ef3d4affe56
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3616449762476959287
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2662
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4562d301-91df-46c4-9bf1-cc1356430190&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4562d301-91df-46c4-9bf1-cc1356430190&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug001:0:441
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4562d301-91df-46c4-9bf1-cc1356430190&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 19 Jan 2022 18:32:51 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EF4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.495.1&bgai=B1owdUVnoYZqXEv6lo9kP78a2gAUAAAAAOAHgBAI&bg=!YGOlYyfNAAZ_DxPPfw87ACkAdvg8Wq54z0m25K6vnlxuYp8fxqzSy8lxpYaHKqSqJp-lpvduauaU5QIAAACPUgAAAAJoAQcKAI3GtFPnbz4UhQQ9zoJDNa1Uz7Mf4ru3pLOOQ0iAAT5Uw87hE-XshbdewhPf6WMokEwfje6jYRGijx9TFXQ18tcb5xoTER-1AgSqeqvB_bQriBLsOI6-t-T9oXNKB--Gqa0tp-Q6g2OGizSjHIsjWVxnA_xMZkZdVyVfWRCNCxFUj6BYhKqKftaJ4eGHmGOZAvM6RdysdV4dtwkH5RRmKK1PsDUzkxChvEsXOJthqHIw5Es0H-Ic2qyWgH_9N5ZWLmXy5pEk_TQsQ2DysRpzgPfSaJLPfAb9WKBFr_jNxUDF0bKHa81GuqyxeZ3ec8rQWFHHcuV0jc48wa4cGlG0qJWq0SjDuYd158IWmST_OoyXshyT8I4ZBoSD_PMfuXQdHzCjp-H2BlMTL3CC1litbZJ7yZNmKEHfWxfwLfAmUy8e9U6jGrigolFYedf8E2HwXy4-uGaAm1GDQQ--TsLjTbqw6edVC0Wsi0PeiR4-ByUSkT6JS1LpR7VOWcfSQRNI4pIkBnr79_Euief3wiPjwxNkoU3pxhXF5Z3d5nnjCKxQBlO_7wA11r9URQH2biLn5mqzXDLNcyMPZ8zwlvWA8N-4V3Vney8O3-qmN7GXk1RWK7ZmHdVUGl139TvektJP7pdIBYZcbmXXsucwOxlB7UpmNE2gogO8QNKBufFY-0_QmAobXFMN_RHr8_rzxL895EADC2x10nQQJrmNpa7U65PSRXzt04wg9GZJhFghHRA840x-J3PlGCS0zElpQGh0CT9QxvTkLynjGHwRcYIrqEfYJzUHgcBZc1RkzHHbK1tARWviYhKqwTCHLnYIT5logwWP4O3P5Na0YUkke2e7cDBYOnqfkwwO03O2XIjI7pxruN5TqFncZxmMs0dDQNj1knB_FuiBE4eZKsuq7UGqNCQDywQH6BMVqRxyqSYVAlx_tmohggYmYkzKdod2IC9xlvmC-KWrcjyKT0Ac_mdWGNkyovg79bAONdp940nVUOndapSr6vjmoGiOXNw2eQEhi5Z2CD4bqvhx3yenE04N1D5LwqqTSpI8O29yJTgeZZB0jOVLvsDjjnwcBRFLETVHdHTXdObUwWTsaumAaXL5SjW0qgbhQ63zDfR85xGTazcuf-igwpobjaZOTB0nOmft0M5zC2CbtAHiQbiDJ-mRtQKR5yg8LN7Vm0rYgof2G2i0EJBE5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 80AF 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bulk
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?tvi2=5682&route=US%3AUS%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
17
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617171.039062,VS0,VE17
x-served-by
cache-yul12820-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 47F8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33920
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 20 Jan 2022 03:58:11 GMT
cygnus
as-sec.casalemedia.com/ Frame 80AF 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponsefb8fd86f48&v=8.8&s=305079&r=%7B%22id%22%3A%22fb8fd86f48%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A1%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%22%24%7BUS_PRIVACY%7D%22%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22a5d6575219d8be186eeb75cc6c0c13c4ce7204ee1a50ba3d3ca408e37ca74e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:51 GMT
id
id.sharedid.org/ Frame A215 		41 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.210.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-210-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8c2318c302115bbeaf2822217568280854a9a131435102283706fa143e4751c8

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
41
expires
0
/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 47F8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=KYLVUKBY-X-FLXH
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH&gdpr=0&us_privacy=1---
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617171.143975,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 80AF 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c74d1211080076361959841f46d2ff7417043a72575ecfb28c549f35678f02eb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
26ddd170-0495-409f-b9b7-50869162aa12
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11897
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
itw2TR85TTAVVPZ9DJB5L5WsLDpyREyDD8SJRvEW0KylAPv8/Z0xSCwEZLClDbx+4z4drf+Ubuw=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1642617171.340323,VS0,VE0
date
Wed, 19 Jan 2022 18:32:51 GMT
x-amz-request-id
YR1M0V2A0DRFMT2X
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
53
x-cache-hits
14368
avjp
sendtonews-d.openx.net/v/1.0/ Frame 80AF 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&us_privacy=${US_PRIVACY}&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bc2
bc-ssb-cle.springserve.com/ Frame 80AF 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-cle.springserve.com/bc2?r=fb8fd86f-15c6-46e8-9a32-bc6c4237e347-s.643298-d.549253-dc.131008&aid=500&det_d=www.chicagotribune.com&det_w=740
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.204.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-204-51.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
603f27feb83928414d7fbf3b8649bff4089a37df5ae0fc1421f4a8192a95d03c

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
i
vid-io-cle.springserve.com/vd/ Frame 80AF 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=fb8fd86f&ps_id=643298&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:51 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAJkPwHYqjDTNgAvEKABkwHcBTAIx1WBcA+qgAmUUqwCs+TACcuOEABs4aDAUKtWAD3yT2CmFzkK5UbAENly1AgDmQuHOVQAFsGAAHHAFIAzACCvqQAYiGhHFEAdEhuqEiW9iDAcqg8iFyxIAC2EVwIgnLAlnY5BcARwG5clkURCgBuqFwcfmEoALQVnSAA1sqWbrmWnTxyIJaiHJYAnp2gzp1xCUkgnU0tHJ2SpJL4+P69jTAAjl6CSDgIPMBSIDh9s3DoSKSnlpQ5nTigcrPRDw5ZQBUI4LwAWVKtgcAEkACIBeGUAAc-gAnPpiCFCOCAKo4EwIpEAOXhAE18BCACp4qQQsAQ-AAeXheNmAGVWDjwQApEA8Yn+eH4MisQhSSjEKg8rwAJS4XhAxVhoiRNIgswhFPwJMYEB0JI4HPozX4wCESBA-RaUF8lAAQiFSMovM6AsE9h5vO0pEEQlIwgGwlEOLF4olkql0plsnlSIHQhUTCUyhVg6FqrV6gmwptWr6OsBuoVegMhiMxhMpjN5os5MsI2sNlxmq0dqw9qwDkcQCdzpdrrd7o9nq93p9vr9lQCgSCE-4wZDoXZ7MSF8i0ZjSNjc7ivASiYiN2TKTS6Qymaz2Vzg-v+YLj36RWKJVKZXvwQqlSq1RuNVqOp6gaRomu6pAAMLOnI7r+ns4FQXshL2LBwRSE6UiIpQ8LYNafS2vaTp7I0qGEc6CBwDkPAmEIIAwEIljFAkyiKEIChTKh+AhIhLogPY9hcKIIgIEIMAKFwqEwNYhLcc6yh8QJQl2EIXilH+pAelJygyZBzrpDoQiCL8knSRJul7K2NHyfxgnCSpakmdpZk8ZZchCNZinCY5OkuYkXhCISBRCGaAikXsWk6Rp5mkFwfkBXAPA5AIghCa59jiQg3nOc6sWWP5OAJUlni2WlGX2bMMw2FlskWXFBWJclJWFCmpQIOUhTVdFuX5YVjVCQgBadb5eXxQ1xVCTU1jVENOV1b140Mc4yqWDNtUjfVRUpUIOTKggq7gnYq0xXNY1bVmdQmEd3WjZttliWIcxcDooXwUEEXZWtPWnbZzByJlr2BO9NXHet81bQgeUmM0NhmRpb2mcD10bX1KkPJ4aQZANV0nbdQmDH0sUgIgwCzNjoPfUJliPJYOSkwDQNdTjKPZqIaQIH0oggGTX240IXDKPYh30wjjPk7zShqB4IAcP9cOAyLw08yjPB4e0csM4rN0o6IdirtzWsLRk-ADTgauaQrs1iyjIBeLrGD68jC1Zpz+0O2DtngsqwBm-DTnA4Mvz2WI7l8cpogXUd1nKapwf+KwQjh7MPueqQDNRTx4eCGg5RCMQUgJ3MydEGQFDUJQ3LRYxaBICxwVbDguf54nRfA6psztcAVoIDAqByOU6nm370UBxaqA5F4Cim+gsuDz5clUxabbcEJcSxX0ROVMLfvYcDoj2KEve-AAMpMA9BKkcAfaQbiMaI65y86pD+I0NOEHArC8gA4ryXAAFokjwGAAB1AAEvCdEbhSAcl5HIUQAAFBCzolAwGAPfD0j9n402ICiXklJKIwHJDADkUheQ6C4KQT+OgYBuBwOSRBew96kUdHpHAcDNhExwBBOA05ygwS3nPPYqAcAcgSjgJAGNLr8IkjvaKMBGibzlsXcgNBy7A2aGfQISjS5UE7IQcu+ApDA0sFzAGFceKujCtfTwPgAxwUTBmUM4ZVhRgxrGK08ZEzJmKK1DuGZzo5kTPmNoGYug9H6IMYYORRjjFPrWBYRMGwrEjOsIJHYuw9mOGcC4sUhx3AeE8F4IA3gfC+D8P4s5gDAlsUuKEqAYRrifMKVEGIsR3nxISOQ65nynipLSekjIWRsk5BXQM94BRdOFKKSQb5pSUDafKRUXtVS2PhABbUlJgKGmNFFdOzoqaoTMc6RoXgSIAy4tFDRzoB7RT4Q-eC9yeJIHkZxEgyiy6HKQmITiwN7DiM4rsvY8Y5YfNIDrS5exiDdl2KQfQ2hAysDIPoQg9CXTPLOa87RqjsKYBfnIHAABtKOIkdrh2UAAXVgKZHFjECXqK4CAFSk8KgUvetSvF+Ka4tEKAxISOBhgyxZVS3FBK26VWUIyxQzLKVOTZQSz2CAlB4viP5VeSA+iCplcK-FVdmLCFUgJClF8uCyvxRRKiNE6IMSYjXVi7FRAUtkFqnahQ3DKFmFa6uLEG52opewLVOqbVCAhuUClJqPK2WUmJLgXANWEjDQpCNIkY72ulXGrVbcO6WgwD3PuglY3Gq1fVMRaQLjT0MrMLwMbU0Fppfi-ShlFDAHzSanAlgODuVQPYDwKsDIhSbdWk1rkQ42SUkmtSzatVDvDaOidtbOUVB5QnYOfLpazvZX2Ewgx3UFS8BPRQ-AMCGrkJfE1iQRIrvbRulwcw10EqmB2rtFpD0DsnXVaNIk+23vxUjd2qVGgmHSu+r9P6KZ83-XIQDQVRXWHJS+2tIHeZeNTG1KVrLX1WwWgNNowGmYLUmsoaoOGMNbUsEtOQlgiNKwWjtP6+1bYIEowbM6k0iiMcdlte6icnoCDY7+oQv0GNwfZQhlGENK1yGhixXjoGlS-GjJjKtaH4O4a2vjQmxNZjSd5lTPoNNNNCYJSJhaLM2YcxAFp5mAs7AWYWhLaooABUGe-Sp2yKt+g4Bs1tHWe0HCedc9wuw+6-NCRtnbQTSnhMuaEs7EA+1gsBR-N7L9N9YFiolYSQoX7RAwH8tWUQPB5JqopfKxVJrUgYCQHzPyX6A21zQMAKTUAFRL1sZ6eF1J4iFlYEI4MrAEApF67MBJvXImKC8IgXrAYACiUUpAohGeiFEzJyyRJWjC6bs35sBnROiXrEFchmXhXaum8KYDKl62to7UxVjznhVh3rOQAuJGUNEQdOs-ioGsEIDgnXxPpdQ0K2toAF40T3Rl-tEWCVmuom5T2xQG61dtbUFNfra3QZsKQf7mW2Amp4JYNVPcbAJ0VPJduUqTV2CtPYPaoAhAFaKX0LHEPAeRfWu+wynXvvRvVU58D1cvv2BgyYd1+rFMs4JSPIOeNQ4iUzmLzVtaiVS6EHHAuScavWtrlaYmvqW10QtOj8VYOAcK-ZXL7Owg85q485oEuKjUfssR3XAsjdrcOpNUvWyqr15qHsoHbgXAeeQ+1Zr1inuhLlCKN9uwnMODu-Q-5YHvxQdMux8H66Seo+-EsAgcOsD+CMD1an5npuRVzA7l3HN-cv3FpUEbxiSRyNeDcEIFENfxF1-suR9KeUW+ii-Wd3NsPRHiPSCYL9kux5g4PeF8XhKF7O+XpaGoaqN5fqQEgPGQiS9ptrQoQWaX+advSLXbh4+B1WhtMIUADLBgQa4AOngXgcdcG8FAfFZLMAXDwLhcetgc9IDCAwCDD2AWDZZeAf5QBzaSisDoh0CoiYDgGQHQFoj+AohSBzaIE5bIEojoGsBoHECUD+BYEQEUpzaojECUEJjogkHIFwGYiHCUCEC0FkEohMFbjoGmg3w44nJiAEDyAEYVoP5RIUTWACHBoP5IDcKgA5CYApZKTiBPwvw5Bvwfzfx-wALAJgIQJQIwLwKYDIKjyKGYI5DYK4L4D4KELEKkLkKULUK0JAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
d156f5c7dc7c61898c1b90e344dc9ed65cda0cb340669bb5e375a432f3a784b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:32:51 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
52
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHyDGiwB9RBBhQwvHqwDMAQWkAzSThDTeAYWkU0MEBGHJQarCQ0Llq9Xy3S4YNCDPDYwnAAsIAdywXFfCpgaho82nyoAJ7ekmBGJs7mtpaB1qHhPDjIELgQwJ5oyMJwHiBwANb+VsE2MmHS1CRoDiBGUBi1cgE8JMCEnfV8WISIdCDAwhBKrsBNLTjCoLBVfACM6dJiZh5gkTNzjAtLMCs8AAwbfI3NjMJYSJ0pdXUZAh0wwkLCSqCP3UEhWyDfgQDDvT4iVB6U4AgYZKKIRLFHJKNDAREnZL-NJAjI4Qh0HBwGjIJo5YQkSLIP7VQEvaRoOgADwpTCSMiesMumSg3mEjgwHhIdAgLN0ODQ7K6tLh0hAFHG-NB4K+UMxHOxNW58sVbxAHyEMJx9L4DicLjcMD07i83iNWtx0ggCuAYCge3xyGMTAlOVOvX63IQIk8PkmLrdkXtdLsVw+AqFkz8WJl2oQRTUzmE4sl0dlfDKUAzBMQkpI+uEOuAGF+yY1qcdBfT7hLZYrVZrICzURiYCkKdSDpNPELxbopZI5Y+iXGJHQWERZjzaaLLfHbY+WBA3hwy8bI+b+PXk4rpUkJA8e+Ho7XE6nrkIwDyUCvsYPq6Pd4rYmAWCEGCyQ0Bx4Ll9xvT8NwpM9y2AV9gXA1sTw+H49HdEAmVzYDQOvQ9EPvAAvPI62lQcY3g3Dj3ve5qWAXQ+xpUj83fMcvw+bJSF6RlCC3OCMgQyiKzdcoyggbjKV4uUKNY1wcHKJAoyw403346SQCgEgYBoLByhgCAJKbD88PbMBBGIzklPIwyBI+HBRIvMhfH05jb0gkUIHKXdFKHZSpMgq0-ywDAnJU1ziCEH1gt8pDJmQIQ0D9LyyL4qL7wvfUIH-Tz60YlcWMgrI8hILKSJAiyMg8agYF7OJvVMKVzO84EYCUIon1gBgIAqU4CtyWD916HI4ErdMnOuFoKUlRhTgAJXlJw7R4ABWFJFvOAAVDw0E81azi23gdqwCAkh2yJRL6navERLJuP2859oAUTqRaAA4LiWgBOZ6AHlyjdS6oAAQgep7Xv2973tus5NHIGwduOBSdqUPJIZfJbzmAWBmkkSGtwWnbEDChAwAAOm1K0yBoSRhG8TaskVWrEicsgoFIemEiXRKmOGUZFQK2YFjGw5FjU9USre4ce1iHh4iYRngPFt86CgCpUT7YR9GQSBIkXerum5IQ4FBP8yGEDqKhlurIo-LsRAvLbqa7SpOe5F05ipjBYnGPZUA6Jy3VINprQEL4JHLP3QVVdAPlkM51fdYqGqShpZhuVpDbE04FeBWylBINpoliC25ey0rGoyUOQCaRFhAAFkWuPIgT7pVgANhrngW9Wdgu6zjJBdaXRtwWOuG6b6R1n3QfvArEoynKOy2gD6eQCdkvsLffuFin79K8VbwhF0haS4nnDV2Z1mJgZjm17KySz+gC-3DnLAJGAGAJXw1or91hsJfdHXDZYFROifUTkiRPjVqgDGNYiweGEM9MBxIICQOoO0DGyA4GrBrk5JGICJhHnAYycYfsWZ5zQCgEwvozKaiTnwf2edt4fFnhUOyTk4BwHjFtH+OV9ygEENVSsApGS3GIMQ52th2AABEABkoBICwAQCgdA2B8D3ERMwIgpByCyPANAeASAoQqLwJSakzBEBQGGJIaRYh9DMDONI6ehJJQgD0Mwc4i1VjSJzE0GAzBW7t07t3dgZwO7BNWItaR+hdBwBcb4muZxVjnDWOcM4O126JJbtIn2c1tyuM8WoAAjv0LAMTXE8GkWaRIVc2QGL8W3DuXdGktxbuwCpjhEhFjQC6KhzA5wYFkJEuaMTmAwGkbZR8wzHHSPaIkZgojgBjKmGQ3xPBZBUEQDXZ6AApAAmqsEYSgdlKAAMqLS2UyEAPAADiTIlAeBwDs6RFU36fBWWspALdCBnC2VcrZIAABaAA5OgSgADqAAJSR70PA8GOVst+AAFIAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 45A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617172.873107,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12820-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KYLVUKBY-X-FLXH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 45A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEJYJuBjKVAaAR61RkkXwk0&google_cver=1
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEJYJuBjKVAaAR61RkkXwk0&google_cver=1
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617172.885666,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEJYJuBjKVAaAR61RkkXwk0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 45A4 		42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:904
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 45A4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
date
Wed, 19 Jan 2022 18:32:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17498
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 45A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617172.885246,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 45A4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:51 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 45A4 		49 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-775b5b88b7-s6czq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 45A4 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 45A4 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.51.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-51-251.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 45A4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9964d0d6-5fb3-494e-b572-b755310d3d19
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9964d0d6-5fb3-494e-b572-b755310d3d19
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17476

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9964d0d6-5fb3-494e-b572-b755310d3d19
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2030899
content-length
0
expires
Wed, 19 Jan 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 45A4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=3616449762476959287&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=ab0161e8-594e-4b00-90fe-576cb3984342&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=c222d7c1-8acc-4e56-b834-86840521a4ea&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=64A49E8D-2CB4-45E4-87A3-2194D8C74E3F&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=b87b2c55-ced3-4bdd-956f-54276ce1d199&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=e8871f41-f1ff-4faf-98aa-f84c2a6df530&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/136/0/8.gif?puid=YehZTgAABTHFZgAZ&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23283

Redirect headers

Location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOflvf4pAKhNtPR1FdftMlVqOPKTVy-6-LEcXIlg
Date
Wed, 19 Jan 2022 18:32:52 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 45A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&ssp_uuid=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&ssp_uuid=c537c1a7-8b12-48ac-8876-293826cb2880
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=taboola&user_id=3b785fa1-b845-4665-8cbc-f008c91c6933
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17418

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c537c1a7-8b12-48ac-8876-293826cb2880
Date
Wed, 19 Jan 2022 18:32:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 45A4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3De48bbc8b-9aa5-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3De48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&isDirect=0
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1642617172.916305,VS0,VE11
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12820-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&tbid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&query=taboola_hm%3De48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8&isDirect=0
date
Wed, 19 Jan 2022 18:32:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17476
sd
u.openx.net/w/1.0/ Frame 45A4 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 45A4 		37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&dongle=tbla
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 45A4 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:51 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
57
content-type
image/gif
content-length
49
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1081
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
9uwp48XlQvboE+7bSu7PSAiSi+m0rcItjNv9vTqU823ZmC1O8hzpSt9NbhJRz/4WmEQSBeeJhSU=
x-served-by
cache-yul12820-YUL
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1642617172.857937,VS0,VE0
date
Wed, 19 Jan 2022 18:32:51 GMT
vary
Accept-Encoding
x-amz-request-id
590TJHPYC4BDJ5CB
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
53
x-cache-hits
5774
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220119-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
15232
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
VYmgr+4vbqbkCYmDYf55eo0+P31q4tgIF1d7wduuGOmAyYqKyLW8oM0U9QAUuDDu8TiDcI85at0=
x-served-by
cache-yul12820-YUL
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1642617172.858035,VS0,VE0
date
Wed, 19 Jan 2022 18:32:51 GMT
vary
Accept-Encoding
x-amz-request-id
NC6J39PBM1A0VMTN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
53
x-cache-hits
73300
/
pips.taboola.com/ 		64 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
a6d9fa8ea6ae772a57fd764ef36294cfe3ebfb8b5667f50e0af86c0959131355

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:51 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12830-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1&uad=1cc56e5fc3be68bfe3398b740ea6292fb445def0bfa8ba3d41b377aee41bf6b7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 Jan 2022 18:32:51 GMT
Cache-Control
no-store
Server
nginx
Connection
close
627448
vid.springserve.com/vast/ Frame 80AF 		22 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/627448?w=740&h=416&cb=1067868197630&url=chicagotribune.com&ip=149.56.153.187&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&dnt=&gdpr_consent=&gdpr=&us_privacy=&schain=&ip=149.56.153.187&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&lat=45.4995&lon=-73.5848&dnt=&desc=&ic=&dur=&ap=&app_bundle=&app_name=&app_store_url=&inv_partner_domain=&vid=&min_dur=&max_dur=&mute=&placement=&skip=&prodq=&content_id=&content_episode=&content_title=&content_series=&content_season=&content_genre=&content_livestream=&content_producer_name=&rating=&channel_name=&language=&network_name=&did=&pp=%7B%7BPRICE_PAID%7D%7D&device_make=Google&device_model=Chrome&brand_name=Google&country=CA&ifa_type=&gdpr_consent=&gdpr=&us_privacy=&payid=a24eb6%3A1224&schain=&coppa=&lmt=&omidpn=%7B%7BOMID_PN%7D%7D&omidpv=%7B%7BOMID_PV%7D%7D&_bchc=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.14.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-14-89.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
22
content-type
application/xml;charset=UTF-8
i
vid-io-cle.springserve.com/vd/ Frame 80AF 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=fb8fd86f&ps_id=643298&batch=2
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6C7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BL4jFT1noYdaVIoTWogaIlawYk4PO7UUAAAAQASDRvbc9OAFY0IPchYMEYMkGsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gH3AWh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvcmV2aWV3cy9jdC1lbnQtb2tsYWhvbWEtYnJvYWR3YXktdG91ci1jaGljYWdvLXJldmlldy0yMDIyMDExMy1vdmZxcHRlY3NuYnQ1b3NreXVpb2MycWE3bS1zdG9yeS5odG1sP3NwTWFpbGluZ0lEPTc4MzkxMjQmc3BVc2VySUQ9TkRZMU1UVTVNak0xT0RVeVMwJnNwSm9iSUQ9MTQyMDY1NzQxNyZzcFJlcG9ydElkPU1UUXlNRFkxTnpReE53UzKYApAowAIC4AIA6gISLzkyMDU2MjgxLzU0MDk4MDA2-AL_0R6QA6QDmAPQBagDAeAEAdIFBhDQ-JylEpAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx7SCAcIgGEQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=l4Ckopl6sUg&label=videoplayfailed901&acvw=&sdkv=h.3.495.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjQ5MDk5MDcwMjQyDDEzODI1NjI1MzM5MkDcAQpUCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aC1NwcmluZ1NlcnZlIAMqBVZQQUlEQLUBUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25Ivh9QAGABGAE.
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
643690
vid.springserve.com/vast/ Frame C6C7 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/643690?url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&cb=1208710187&desc=Jennifer+Lawrence+Is+a+Surprisingly+Good+Mime&ic=IAB17&dur=62000&ap=0&vid=1248815&did=&r=13&keyword=&content=9687&w=740&h=416&bid=&adunitid=92113961&play_code=2008&player_size=large&level1=general&level2=entertainment&player_type=float&owner=conde_nast&ad_rule=0&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&ad_key=&stn_domain=chicagotribune.com&iris_context=undefined&iris_id=&conde_nast_contentid=56aaa19b94c05f333a000000&gdpr=&consent=&us_privacy=&coppa=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.14.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-14-89.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9bbc4cd0f37b3b941b6f36ace2651b2cad44aa68be191507241e7aeaf011d2a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
csi
csi.gstatic.com/ Frame C6C7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kylvumrp&c=4731811772614&slotId=2365905886307&qqid=CK7kk-a5vvUCFQSryAodiAoLAw&gqid=T1noYf2JHMe-yQOzp5eQCA&fb=ima_html5-lima&sdkv=h.3.495.1&mrd=4&aab=0&itv=1&met.4=err.kylvupvo&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:81d::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6C7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BHOVfT1noYdeVIoTWogaIlawYvIvl9EUAAAAQASDRvbc9OAFYiaW6rIMEYMkGsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gH3AWh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvcmV2aWV3cy9jdC1lbnQtb2tsYWhvbWEtYnJvYWR3YXktdG91ci1jaGljYWdvLXJldmlldy0yMDIyMDExMy1vdmZxcHRlY3NuYnQ1b3NreXVpb2MycWE3bS1zdG9yeS5odG1sP3NwTWFpbGluZ0lEPTc4MzkxMjQmc3BVc2VySUQ9TkRZMU1UVTVNak0xT0RVeVMwJnNwSm9iSUQ9MTQyMDY1NzQxNyZzcFJlcG9ydElkPU1UUXlNRFkxTnpReE53UzKYAu8mwAIC4AIA6gISLzkyMDU2MjgxLzU0MDk4MDA2-AL_0R6QA6QDmAPQBagDAeAEAdIFBhC7qtvrFJAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx7SCAcIgGEQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=acjo_ilP7vc&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.495.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6C7 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPCoJ9YMp_-SJF0WMj4lBvZ8A_hlhALz72q-5FQ9vurszk6HrvbbyXn-MrXdz-8_nfLOGbu7tSkD08gt8kMUjf__QHbnYN-SkWaTB06I7hrcbB84fxNSUvifLeWKon0Veh3mo5gtKB5pMkfGy0zGypxlbhNWT5VgeDvqRDDdDP-pXuj9afKz5m1wLOXxQmsEKnlFcRs18l6-pYTnWSAkeDfzt2sfZam-hDOBtan_ptAmQl0mi5cnq8mPKNpnhwrAa3HxSRTsBSmAktR5GKvHrRy5i24LuMoncchPrB2IK0oen2NyRjWEj90T_pebnGRlM&sig=Cg0ArKJSzFR8EZ_y00H5EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.495.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1OTQ2MDA3NjMyDDEzODMzNzQ4OTU0NUDcAQpOCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aC1NwcmluZ1NlcnZlIAMqBVZQQUlEQC1SHSUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 2184 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd099208b93569f53d0436fdac3b7536b17dfcff8a69af65e5b776bc8a570206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18581
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:34:46 GMT
vpaid_99304143.js
vpaid.springserve.com/production/ Frame 2184 		499 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_99304143.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:da00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:00:43 GMT
content-encoding
br
last-modified
Fri, 14 Jan 2022 15:52:40 GMT
server
AmazonS3
age
102730
etag
W/"11eb39eae297f2408c060c04a8104958"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
ptSo-ovoZSgnttHgDYHrx2v93_uQKersN69EuEuRCtIKDuGQ74Uc1A==
ima3vpaid
tpc.googlesyndication.com/ Frame 2184 		2 KB
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e64d9e6c81d3136be63ccd57ef420e280373009d9ef87e12737ef1dbd227554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
812
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2184 		157 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
534ba7298a4fe4431fbd9868cb63d4333d236bf383e19414dd8311a3dcf0063f

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
155
expires
0
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 2184 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
x-spotx-timing-transform
0.017113
x-spotx-timing-spotmarket
0.103513
x-spotx-timing-page-require
0.001042
x-fe
285
x-spotx-timing-page-misc
0.022548
x-spotx-timing-page-cookie
0.000185
x-spotx-timing-page
0.148817
pragma
no-cache
x-spotx-timing-page-context
0.001524
last-modified
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.103513
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000025
x-spotx-timing-page-mux
0.002866
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2184 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
as-sec.casalemedia.com/ Frame 2184 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponseb93491d256&v=8.8&s=305079&r=%7B%22id%22%3A%22b93491d256%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A7%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f047789dcd78e7b23eeb93b63e7dd7b968f91d4536a32657dac7b7a00ff810b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:52 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:52 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2184 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
692cd198d39de5e4a4c49a30dce32b21db460636304d471dddf7927fad68aac8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:52 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e9207103-7e42-4846-b8d3-6cce465b8783
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
sendtonews-d.openx.net/v/1.0/ Frame 2184 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
abt
capi.connatix.com/tr/ Frame CF0B 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 6D8D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66edb824bc7ae85906a0d36ddad0a4022527ddeb318870732609a71d85b4213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:47:52 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6D8D 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D8D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.04663209783993616&wt=1642617172601&sdkv=h.3.495.1&xai=undefined&url=3,https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_6_Audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26ndfp%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame FD9A 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405886
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6D8D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:52 GMT
integrator.js
adservice.google.com/adsid/ Frame 6D8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BB4D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame FD9A 		156 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2FSTN_6_Audience_extension&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=480x270&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2830810400298325&ord=1642617172386&ndfp=1&cmsid=2460952&vid=1248815&cust_params=play_code%3D2008%26domain%3Dchicagotribune.com%26content_cid%3D9687%26excl_cat%3Dstn_backfill&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.495.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3942877064&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=B334AA6E-E3F7-40C1-8580-2C18FBDDB190&nel=1&eid=44730465%2C44750824&dt=1642617172904&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=4471869507531029&ged=ve4_td0_tt0_pd0_la0_er732.224.732.224_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2662 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 2184 		0
0
229637
search.spotxchange.com/openrtb/2.3/dados/ Frame 2184 		0
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229637
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
x-spotx-timing-transform
0.005546
x-spotx-timing-spotmarket
0.112020
x-spotx-timing-page-require
0.000542
x-fe
380
x-spotx-timing-page-misc
0.029986
x-spotx-timing-page-cookie
0.000028
x-spotx-timing-page
0.156005
pragma
no-cache
x-spotx-timing-page-context
0.002171
last-modified
Wed, 19 Jan 2022 18:32:53 GMT
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
x-spotx-timing-spotmarket-primary
0.112020
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
x-spotx-timing-page-exception
0.000001
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-uri
0.000015
x-spotx-timing-page-mux
0.005696
access-control-allow-headers
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 2184 		2 KB
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F92056281%2FSTN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined&type=all
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8cee304988f27fb9f0cea0d942f1fd0a7bb2a7cc854fe28de5862f5c127bfbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
828
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2184 		156 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
3a6fe6ecad2e989d2f6d31de39d548486c6f19f96e30ba9c07a1984c686b2355

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
154
expires
0
translator
hbopenbid.pubmatic.com/ Frame 2184 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 2184 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
96792d25d9a63bc92d6bedbcf3a9db4c9ff956fc49d7f737134f8a19f6544d9d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:53 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
a99df8f8-2de6-4e99-b569-95d1d0248380
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2184 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d7603c393d5636bec476bd298d12e034dfd533a402cb03e8ae896f345b70c6fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:53 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d329cca5-27a4-42ca-afa9-0c778cde5cfe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 2184 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponseb93491d292&v=8.8&s=305079&r=%7B%22id%22%3A%22b93491d292%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A4%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59aa75d8f3d155c209d389e3909d3d4eb8338d17b644a1439f8446bdb41f9c63

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:53 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:53 GMT
avjp
sendtonews-d.openx.net/v/1.0/ Frame 2184 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:53 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 6C2D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66edb824bc7ae85906a0d36ddad0a4022527ddeb318870732609a71d85b4213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 19:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:47:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6C2D 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 18:32:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C2D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.47373758869100824&wt=1642617173135&sdkv=h.3.495.1&xai=undefined&url=3,https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/92056281/STN_4_audience_extension%26description_url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26url%3Dhttps%253A%252F%252Fwww.chicagotribune.com%252Fentertainment%252Ftheater%252Freviews%252Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%25253FspMailingID%25253D7839124%252526spUserID%25253DNDY1MTU5MjM1ODUyS0%252526spJobID%25253D1420657417%252526spReportId%25253DMTQyMDY1NzQxNwS2%26tfcd%3D0%26npa%3D0%26sz%3D480x270%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1642617172386%26ord%3D1642617172386%26nofb%3D1%26cmsid%3D2460952%26vid%3D1248815%26cust_params%3Dplay_code%253D2008%2526domain%253Dchicagotribune.com%2526content_cid%253D9687%2526excl_cat%253Dstn_backfill%2526iris_context%253Dundefined%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 5F79 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 01:48:06 GMT
expires
Sun, 15 Jan 2023 01:48:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
405887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6C2D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 18:32:53 GMT
integrator.js
adservice.google.com/adsid/ Frame 6C2D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.chicagotribune.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CD1F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 18:58:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5F79 		156 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2FSTN_4_audience_extension&description_url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&tfcd=0&npa=0&sz=480x270&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2062402057202058&ord=1642617172386&nofb=1&cmsid=2460952&vid=1248815&cust_params=play_code%3D2008%26domain%3Dchicagotribune.com%26content_cid%3D9687%26excl_cat%3Dstn_backfill%26iris_context%3Dundefined&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.495.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3942877064&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=7EE6B027-3AAD-41D3-9D0A-EDA2FB68482B&nel=1&dt=1642617173411&cookie=ID%3D9df888224eb62b92%3AT%3D1642617164%3AS%3DALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA&scor=3728800911406745&ged=ve4_td0_tt0_pd0_la0_er732.224.732.224_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		170 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/13200/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.1.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-1-168.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
69e8531db195f42f0b7cd771687416c235c0d3e54db19ecf7bd9cbcac6f5573f

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
x-server
10.40.4.115
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
170
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2184 		157 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.41.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-41-144.compute-1.amazonaws.com
Software
/
Resource Hash
8d3a18ce159c76eaccf88eade3a8506067bf8683a9bc92cf4af13d86b80e8e98

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:54 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
153
expires
0
229636
search.spotxchange.com/openrtb/2.3/dados/ Frame 2184 		0
0
st
capi.connatix.com/tr/ Frame CF0B 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
translator
hbopenbid.pubmatic.com/ Frame 2184 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 2184 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b269a736baabe6bfc0c4f211172df1c6fc6319d92c59ad1ef9a19bfcd77afe2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:55 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
14c765f4-13e5-42bb-9271-dc6005d79834
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.chicagotribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 2184 		46 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?fn=indexResponseb93491d275&v=8.8&s=305079&r=%7B%22id%22%3A%22b93491d275%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%253FspMailingID%253D7839124%2526spUserID%253DNDY1MTU5MjM1ODUyS0%2526spJobID%253D1420657417%2526spReportId%253DMTQyMDY1NzQxNwS2%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A740%2C%22h%22%3A416%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A1%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22g4nkrAVSzVCp8H-G4jRi5w%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7774f37c9b2fdd06cc0be8f08ebfe8ccc394cfe71af84655e370a7911115a2cf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:55 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58
X-AK-CLIENT-GEO
19
Expires
Wed, 19 Jan 2022 18:32:55 GMT
i
vid-io-cle.springserve.com/vd/ Frame 2184 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=b93491d2&ps_id=643690&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
avjp
sendtonews-d.openx.net/v/1.0/ Frame 2184 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sendtonews-d.openx.net/v/1.0/avjp?auid=540141285&url=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vht=416&vwd=740&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A740%2C%22h%22%3A416%7D%7D%5D%7D&be=true&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&c.p=general&c.p2=entertainment&c.schain=1.0%2C1!sendtonews.com%2Cg4nkrAVSzVCp8H-G4jRi5w%2C1%2C%2C%2C
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:55 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bc2
bc-ssb-cle.springserve.com/ Frame 2184 		20 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-cle.springserve.com/bc2?r=b93491d2-d085-42c9-866c-0e36c79ab8dd-s.643690-d.549253-dc.131008&aid=500&det_d=www.chicagotribune.com&det_w=740
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.204.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-204-51.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
content-length
20
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.138&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=a63f0e83-4c85-4769-914a-14bfa4b9e77c&pid=9df577c4-a656-45e8-b168-4009e35c2650&dtm=1642617175741&qnm=_matherq&visible=1&tabid=5d8dc246-f416-4fc8-8fbc-d49cb081ae1f&url=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&vp=1600x1200&ds=1600x7382&tofa=1642617166&vid=1&lvidt=1642617166&duid=e9cba18674025235&fp=3441833202&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0MjYxNzE2MzYwMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi43bWIiLCJoZWFwVCI6IjE0LjNtYiIsImZzdFBhaW50IjoiNjExIiwiZmV0Y2hTIjoiMjciLCJkb21haW5TIjoiMjgiLCJkb21haW5FIjoiMTYwIiwiY29ublMiOiIxNjAiLCJjb25uRSI6IjIyOSIsInNzbFMiOiIxODAiLCJyZXF1UyI6IjIyOSIsInJlc3BTIjoiNDIyIiwicmVzcEUiOiI0NDUiLCJkb21Mb2FkIjoiNDI2IiwiZG9tSW50ZXIiOiIxNDM0IiwiZG9tTG9hZFMiOiIxNDM1IiwiZG9tTG9hZEUiOiIxNDUzIiwiZG9tQ21wbHQiOiI1MzQ4IiwibG9hZFMiOiI1MzQ4IiwibG9hZEUiOiI1MzU2In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.113.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-113-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:55 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 1401
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22539

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
date
Wed, 19 Jan 2022 18:32:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame 1401
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0c...
  • https://cs.emxdgt.com/umcheck?apnxid=3616449762476959287&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2Vt...
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19709

Redirect headers

location
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
date
Wed, 19 Jan 2022 18:32:55 GMT
content-length
0
content-type
text/html
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 1401
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26v%3D1%26taboola_hm%3D%25%25VG...
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22539

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&v=1&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-s6czq
expires
-1
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame 1401
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22539

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
date
Wed, 19 Jan 2022 18:32:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame 860C
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0c...
  • https://cs.emxdgt.com/umcheck?apnxid=3616449762476959287&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2Vt...
  • https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20372

Redirect headers

location
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3616449762476959287brt57401642617175798373af
date
Wed, 19 Jan 2022 18:32:55 GMT
content-length
0
content-type
text/html
/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame 860C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58533/occ
  • https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22539

Redirect headers

location
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-HVibbhVE2uHKOIU3eff0DNQfxCfR3FaJ8_cogqw-~A
date
Wed, 19 Jan 2022 18:32:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 860C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=dmxTWHlfTFR2WTVkWDYwTWpxRnlUQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPkzmhhld79f8p6E2gCI6ow&google_cver=1
  • https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
0
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20372

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=0&taboola_hm=swO3BX3KC4Qh&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-s6czq
expires
-1
usync.html
eus.rubiconproject.com/ Frame 84AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 18:32:55 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame 84AF 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33916
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Thu, 20 Jan 2022 03:58:11 GMT
usermatch
ssum.casalemedia.com/ Frame 0C38 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
741f747b3f19f9974e460e15ef7ed739c88621a040df2ecedf2e9c24b1bb144c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|88|4|241|31|8|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 18:32:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Content-Length
1593
Connection
keep-alive
i
vid-io-cle.springserve.com/vd/ Frame 2184 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=b93491d2&ps_id=643690&batch=2
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_99304143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Wed, 19 Jan 2022 18:32:55 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 3384
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:32:55 GMT
x-fastly-to-nlb-rtt
19416
access-control-allow-credentials
true

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
date
Wed, 19 Jan 2022 18:32:55 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6C7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BHOVfT1noYdeVIoTWogaIlawYvIvl9EUAAAAQASDRvbc9OAFYiaW6rIMEYMkGsgEWd3d3LmNoaWNhZ290cmlidW5lLmNvbboBCzQ4MHgyNzBfeG1syAEF2gH3AWh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9lbnRlcnRhaW5tZW50L3RoZWF0ZXIvcmV2aWV3cy9jdC1lbnQtb2tsYWhvbWEtYnJvYWR3YXktdG91ci1jaGljYWdvLXJldmlldy0yMDIyMDExMy1vdmZxcHRlY3NuYnQ1b3NreXVpb2MycWE3bS1zdG9yeS5odG1sP3NwTWFpbGluZ0lEPTc4MzkxMjQmc3BVc2VySUQ9TkRZMU1UVTVNak0xT0RVeVMwJnNwSm9iSUQ9MTQyMDY1NzQxNyZzcFJlcG9ydElkPU1UUXlNRFkxTnpReE53UzKYAu8mwAIC4AIA6gISLzkyMDU2MjgxLzU0MDk4MDA2-AL_0R6QA6QDmAPQBagDAeAEAdIFBhC7qtvrFJAGAaAGJKgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx7SCAcIgGEQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=acjo_ilP7vc&label=videoplayfailed901&acvw=&sdkv=h.3.495.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1OTQ2MDA3NjMyDDEzODMzNzQ4OTU0NUDcAQpTCAESE3ZpZC5zcHJpbmdzZXJ2ZS5jb20aC1NwcmluZ1NlcnZlIAMqBVZQQUlEQC1SIhAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkjFG1AAYAEYAQ..
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data_stn_l.php
timber.sendtonews.com/timber/ Frame 0E60 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=mvnxxcIU&ES_key=mvnxxcIU&ES_ID=24576&S_RKEY=vQg6gmYzCA&USR_ID=214301471&ST_usrKey=2V78V_VWRlwMjkF0&SM_ID=1248815&C_ID=4591&C_companyName=Tribune%20-%20Chicago&version=650210110&sC_ID=9687&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&PLAYERWIDTH=740&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-0-108.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:55 GMT
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:56 GMT
data_stn_l.php
timber.sendtonews.com/timber/ Frame 0E60 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=mvnxxcIU&ES_key=mvnxxcIU&ES_ID=24576&S_RKEY=vQg6gmYzCA&USR_ID=214301471&ST_usrKey=2V78V_VWRlwMjkF0&SM_ID=1248815&C_ID=4591&C_companyName=Tribune%20-%20Chicago&version=650210110&sC_ID=9687&AC_ID=2008&TYPE=FLOAT&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&PLAYERWIDTH=740&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=0&STRIPQUERY=1
Requested by
Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.11/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-0-108.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 18:32:55 GMT
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
keep-alive
Content-Length
0
Expires
Wed, 19 Jan 2022 18:32:56 GMT
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=214301471&version=65.21.11&age=220119&cmd=INV&key=mvnxxcIU&c_id=4591&seq=1&order=5&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&playerCfg=FL&alt=0&sC_ID=9687&sm_id=1248815&load=1&status=LVFNLNIY&ac_id=2008
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ Frame 0E60 		26 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=2V78V_VWRlwMjkF0&instance=214301471&version=65.21.11&age=220119&cmd=PLAY&key=mvnxxcIU&c_id=4591&seq=1&order=6&EXTREF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html&REF=https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124%26spUserID=NDY1MTU5MjM1ODUyS0%26spJobID=1420657417%26spReportId=MTQyMDY1NzQxNwS2&playerCfg=FL&alt=0&sC_ID=9687&sm_id=1248815&load=1&status=LVFNLNIY&ac_id=2008
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.207.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-207-8.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 0E60 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1642617166303&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=62592&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=1248815&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1642617175976&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=9673&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Conde%20Nast&c3=sendtonews&c4=Entertainment&c6=*null&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&c8=&c9=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.230.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-230-62.jfk51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:55 GMT
via
1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
mh8Y67-HvJ2t8TBi3HcUSb8hwZQSAC78gQNgaD4BylwBLy2Vv4ZcVA==
q1915r4sp9672219s3sp06n5064o0s7p-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 0E60 		446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/q1915r4sp9672219s3sp06n5064o0s7p-00002.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fadbd07a956d4100d9b4b02098ac270500331dce0df83385b6965dfff086953

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 18:34:39 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
age
86297
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-disposition
attachment
content-length
456464
last-modified
Thu, 08 Apr 2021 04:35:05 GMT
server
AmazonS3
etag
"5cbfcac65c2715243077971ed9d84573"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
x-amz-cf-id
B0OyAsPTLi2qzvCZeXStzxUzVLMu3RmR0OdbJt35HE_abkaK4XDpUA==
q1915r4sp9672219s3sp06n5064o0s7p.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ Frame 0E60 		539 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/q1915r4sp9672219s3sp06n5064o0s7p.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-45.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8034b21a12455ed581c42cd3b2015b248ba92664ded7395b3f40bd4469871b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:57 GMT
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
539
last-modified
Thu, 08 Apr 2021 04:35:06 GMT
server
AmazonS3
etag
"c401dd66ec5d9d9bc04ae0f2db47806e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
grEbfg5eERZ8in8WnLQofoinsagCDqubtjDpDex1WkRw8JdVKcwBhg==
crum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3616449762476959287
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3616449762476959287
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 580.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ebe3ad1c-2527-48d9-9829-6d629701526b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3616449762476959287
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0C38 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YehZTgAABTHFZgAZ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YehZTgAABTHFZgAZ
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642617176.129138,VS0,VE0
x-served-by
cache-yul12820-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YehZTgAABTHFZgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8234736566488735343
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8234736566488735343
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8234736566488735343
pragma
no-cache
date
Wed, 19 Jan 2022 18:32:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 0C38 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T2X02EM15YE69B70N11Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Cache-Control
max-age=69690
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a86c5780-09b2-45aa-bd8b-6da93279b09f&expiration=1674153176
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a86c5780-09b2-45aa-bd8b-6da93279b09f&expiration=1674153176
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=a86c5780-09b2-45aa-bd8b-6da93279b09f&expiration=1674153176
date
Wed, 19 Jan 2022 18:32:56 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 0C38
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810035076712465670
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810035076712465670
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:32:56 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810035076712465670
Date
Wed, 19 Jan 2022 18:32:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 0C38 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:32:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24394
duration
beacons.extremereach.io/ Frame 64A3 		35 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacons.extremereach.io/duration?cid=188419&creative_id=24373124&line_item=15419412&companion_id=0&er_ts=1642617169&session_id=C0SCZV5e8VsllbIqQQFXrR1642617169&er_fp=8913f5ae6e02ee82&subid1=novpaid&er_ar=0&us_privacy=%24%7BUS_PRIVACY%7D&percent=0.25&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:66e7:fb12:6f41:d484:66e:dd06 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 18:32:58 GMT
content-type
image/gif
content-length
35
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 64A3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2oOD57m-9QIV_tIoBR1vow1QEAAYACD0laNMQhMItM7h5rm-9QIVUvP1Ah18NQtd;met=1;acvw=sv%3D915%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7792%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1694%26pst%3D488%26dur%3D30030%26vmtime%3D7562%26dvs%3D0%26dfvs%3D0%26dvpt%3D7753%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D10426%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 64A3 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CPvNeUFnoYbTmLdLm18cP_Oqs6AXi7pGGYY3RkM3FDvAuEAEglYnTIGDJBsgBBagDAcgDE5gEAKoElgJP0B49zt3YcyA48Fi2857zL9NUiSgz0JhO5RsF_1EZZpuO0iO9G6h7DGg6g-FjbLx31B9x4W8cB2jI5GZSWnzDZ7l-H1vbiMzvz2YVayygqtSNa4-Hoo713BHBvVNDSspfCA1DZ1sTGc5sCprq16AJyaFFqNxyh0G4BR5IAy869bgkoiHe_wjGZ92oJ8hzFblRQ8Y64j1fPwe17tQ2Z4FJnfgePNCmclk-G_cgqlswv7YpQrcRLr4cNDJS02ciz4DM5Dc6J_HbQVnvOjFHP4v-BX6hZZM8HJ2Hv5vAuh15XNCntVPMBm8ZnhpT7ycmrS5rASBH9QdFVnXKJbqkiSZm3GbAOYhp6nhC4dI-6cLI4QCzlx4XN8AEk4SM5LQD4AQDkAYBoAZ5gAep6pyrAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTYxNjYzMzY5NTYwNTkzMDOACgPICwHgCwGADAGwE_rZ0A3YEwOIFAHYFAHQFQGAFwE&sigh=KjzRvmqq56M&label=videoplaytime25&ad_mt=7563&acvw=sv%3D915%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D2316,319,2625,869%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7792%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1694%26pst%3D488%26dur%3D30030%26vmtime%3D7562%26dvs%3D0%26dfvs%3D0%26dvpt%3D7753%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1537%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D87241556%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D10426%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1642617169715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:58 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame CF0B 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=146566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 19 Jan 2022 18:32:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAJkPwHYqBOQgVkM2AC8QoAGTAdwFMAjHKmC8A+qgAmUUh3r5MAJ144QAGzhoMBQhw4APfDK5KYvBUoVRsAQ1WrUCAOai4C1VAAWwYAAccAUgBmAEF-UgAxMPDuGIA6JA9UJGtHEGAFVH5EXniQAFso3gQRBWBrBzyi4CjgD15rEqilADdUXm4AiJQAWirukABrVWsPfOtu-gUQawluawBPbtBXboSklJBulrbubplSGXx8QP7mmABHHxEkHAR+YHoQHAH5uHQkUnPrSjzunFAFPNYl48qoguEcD4ALLlexOACSABEgojKAAOQI0QzEMKESEAVRwZiRKIAcoiAJr4KEAFXx9ChYCh+AA8oj8fMAMocXGQgBSIH4JMCiPwZA4DEoxCovJ8ACVeD4QKV4RIUbSIPMoZT8KSWBA9KTuJzSJhWkJgKIkCBBm0oP5KAAhMKkVQ+F1BUIHLy+Tr0EJhegRQMRGLceKJZKpdKZbK5AqkIPhKpmMoVKoh8K1eqNRMRbbtP1dYC9Yr9IYjMYTKYzOaLZYKVaRjZbXitdp7DgHDhHE4gM6Xa63e6PZ6vd6fb6-f7KoEgsGJwIQ6GwhyOEmL1EYrGkHF5vE+QnE5Gb8lU2n0xnMtkc7khg8CoUn-2i8WS6WUe+QhVKlVqzcalqOp6gaRomh6pAAMIugoHoBgcEHQQcRKOHBoT0M69DIpQiLYDaAx2g6zoHM0aFES6CBwHk-BmKIIAwKI1ilEkqjKKISgzGh+BhEhrogI4ji8BI4gIKIMBKLwaEwLYRI8S6qj8YJwkOKIPjlP+pCetJqiyVBLqZHoogiP8UkyZJekHG2tEKQJQkiap6mmTp5m8VZCiiDZSkiU5umuckPiiESRSiOawhkQc2m6ZpFmkLw-mBXA-B5MIIjCW5jgSQgPkuS6cXWAFOCJcl3h2elmUOfMcx2NlcmWfFhVJSlpXFKm5QIJUxQ1TFeUFUVTXCQghZdX5+UJY1JXCXUti1MNuX1X1E2Ma4yrWLNdWjQ1xWpaIeTKgga6Qg4a2xfN43bdmDRmMdPVjVtdniZICy8HoYUISEkU5etvVnXZbAKFlb3BB9tUnRtC3bQg+VmK0djmZp71mSDN2bf1qlPN4GRZIN12nXdwnDAMcUgIgwDzDjYM-cJ1jPNYeRk4DwPdbjqM5hIGQIAMEggOT3146IvCqI4R0M4jTMU3zKgaF4IDcAD8NA6LI286j-D4Z08uM0rt2oxIDhrjz2uLVkQiDTg6taYrc3i6jIA+HrGAGyji3ZlzB2O+DdmQsqwDmwjzkg8M-wOZIHn8SpEiXcdNkqWpIeBBwogR-MvteqQjPRbxEciGglSiMQ9CJwsKdEGQFDUJQPIxUxaBIKxIU7DgecF0nxcg2p8wdcA1oIDAqAKJUGkW-7MWB5aqB5D4Shm+gctD758nU5a7Z8MJCRxQMxPVCL-s4SDEiOOEff-AAMtMg8hOkcCfaQHhMRIG7yy6pCBM0tOEHAHB8gA4nyvAAFqkn4DAAA6gACURDQDwpBOR8gUBIAACohF0KgYDAAfp6J+L9abEDRHyKkVEYAUhgJyegfI9C8FIF-PQMAPA4ApEgg4+8yJOn0jgeB2xiY4EgnAGclRYLb3ngcVAOBOSJRwEgTGV0BGSV3jFGAzQt7yxLuQKgVBK68VaOfYIyiy5qPIBXfA9AQbWG5oDdR8l3SAxdD6PwgZ4JJkzGGCM6xoyYzjNaBMSYUylDap3TMF1cxJgLB0TMPQ+iDGGKMPI4xJhnzrEsYmjY1hRk2MEzs3ZeynAuFcOKw4HhPBeG8EAHwvg-D+ACOcwBQR2OXDCVAcJ1zPhFOiTE2IvyHiJAoDcL4zzUjpAyJkrJ2RckrkGB8gpukijFDId8Mp9zfkVN7VUdjESAW1FSEChpjTRQzi6amaFzEkR8KRQG3EYpaJdIPGK-DH4ITubxJACiuIkBUeXQ5pAhBaN2QcRwEiuLfNIAmeW7zdYXIOMQHs+xSCGF0EGDgZBDCEAYa6J5pyXm6Irg6XCr8FA4AANrR1ErtCOqgAC6sAzJmiYvizRvAQCqSnlUclH0qW4rxbXNoxRGLCRwKMWWzLKU4vxe3KqqgGXKCZRS5yrL8VewQCoXFiQApryQAMAV0qhV4urixMQalBLksvrwGVeLKLUVovRRizFa5sQ4hIcl8hNW7WKB4VQ8xLU11Yo3W15KuCau1da0QkNKjkuNZ5OyKlxK8F4OqokobFLhtErHO1UrY2avbp3K0GBe79yEjGo1mqGriIyFcGeRl5g+GjSm-N1K8UGSMsoYAebjU4GsNwDyqBHBeFVoZUKjaq3GrcqHWyylE3qSbZqwdYaR3jprRyqo3LE4h15TLGdbL+xmGGG6wqPhJ7KCEBgA1Cgr7GuSKJZdbb11uAWIe49fr8Ydq8HRBAq78XIyjaJXtL68XIw9mlZoZgMrvq-T+ym-N-0KEA8FEVtgyX9onczRa3i0ztUlSy+D1tFqDQ6MBhD20pqqFqDhjD21rDLQUNYIjytFq7X+gdO2z64M1pA3zAJZhKOG22g9JOz1hDsadttP6DG0NMdw3ZSGFaFAw1Ynx39aN-gxixpW4TbLmOowJkTEm8wZOgepgMWmWnGMqdE2lBobMHCcxANpvmAshZCcFSJ4jntN7S35YZ19xnRCq0GDgKzOs9ZOF80bHhDg92Be2rbe2dmNUOao+dOorsnA+bc9+jzXtShJeU-i2+cDRXiqJMUL9EgYABRrBIfgClVXkrlQq416QMBIH5v5L9-q65oGANJqACpl52K9HCmkiQiwcGESGDgCA0gjfmIkkbUTlA+EQCNwMABRaK9A0SjJoGiFkFYomrWhUtlba3Aw0BoCNyC+RzJwttfTOFMBlQjd25dmY6wFxwqwyNvIwXkiqFiAO3WAJUC2FENwAbEm8uofs2y0Ai9aK7vy32zLJqqI0Xcmln27qdVevqMm31NboN2FIGDgrnBjX8GsKq3udhE6KgUh3SVxqHDWkcPtUAnmKsDEJ-DiH7mNrvqMgNoHUa1XJfAzXQHjgYNmDdXqpTXOCWL2DvjMOoks4y+i2ywlCvRDx0LsnZrVq67WhJj65t9FLR47FbD8Hav8Uq5zmIfOOuks6NURXY1LWxDL0bg7lu9rjXLzsiqjeGgHJBz4LwIXCP3eN398JSoJQgcOC5twX36GApQ-+DDxlROEc3XT-H-41gEARzgUIFguqs+c+t3i9NVRu7ZoHl+otagLdMRSORnwHhRBokbxI5vDlyMZXyp3sUX7bs5pR2IiRmQ2PJdHuICeU991RdTTWufMerR1FVZvL9SAkD3v+F+pQQtcsCw7ZkOuPCZ8sutLaMQoB6XDAg7wft-AfDE94L4KAeLSWYCuHgPCE89gheSAYgMAwwjgVgRWPg3+UAq29AFcdApA6ImAUBMBcBGIgQaI9Aq2KBxWaBaIWBHAmBxAlAgQuB0B5Kq26IxANBiYNA5BaBdAWIxwlATAqBlBaIrB24WBpozQt8xOxykgBAigBG5az+p6gUfKdE4Gm6IhQaz+OKAO5WRq2WykUgz8r8eQ78n8P8-8gCIC4CkC0CsCCCmAKCY86hWCeQOCeC+ABCRCJCZCFCVCNCdCQAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6c76646eedeafc2181343fc0240a64d8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6ad0103d8fceee20680b17bdf96ccd7074c7bd79f3c5dbe675b8cf19c03686ce

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:59 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:32:59 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
55
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHyDGiwB9RBBhQwvHqwDMAQWkAzSThDTeAYWkU0MEBGHJQarCQ0Llq9Xy3S4YNCDPDYwnAAsIAdywXFfCpgaho82nyoAJ7ekmBGJs7mtpaB1qHhPDjIELgQwJ5oyMJwHiBwANb+VsE2MmHS1CRoDiBGUBi1cgE8JMCEnfV8WISIdCDAwhBKrsBNLTjCoLBVfACM6dJiZh5gkTNzjAtLMCs8AAwbfI3NjMJYSJ0pdXUZAh0wwkLCSqCP3UEhWyDfgQDDvT4iVB6U4AgYZKKIRLFHJKNDAREnZL-NJAjI4Qh0HBwGjIJo5YQkSLIP7VQEvaRoOgADwpTCSMiesMumSg3mEjgwHhIdAgLN0ODQ7K6tLh0hAFHG-NB4K+UMxHOxNW58sVbxAHyEMJx9L4DicLjcMD07i83iNWtx0ggCuAYCge3xyGMTAlOVOvX63IQIk8PkmLrdkX9fVlVw+AqFkz8WJl2oQRTUzmE4sl9rpdj4ZSgGYJiElJH1wh1wAwv2TGtTjsL6fcpfLlertZAWaiMTAUhTqQdJp4RZLdDLJArH0S4xI6CwiLMedjo5b+In7Y+WBA3hwK7Txdbm6nldKkhIHgPTbXR43k+nrkIwDyUGvI7Hx4flbEwCwQgwLJDUHHguRvT97y3ClzwrYB3wLW9x2-D4fj0d0QCZXMQLAj91zbU8PgALzyetpSHfNgQg-DH3ualgF0fsaXI1cqJPR9slIXpGUIHd4MovC2MrN1yjKCAeMpPiMlY5DXBwcokCjbDjQQ6SoJAKASBgGgsHKGAIEkuUBJk8BBFIzllP4u9qMrHAxMvMhfAM5srMEj4RQgcp9yU4cVKMqCrX-LAMCcxCvyguhiCEH0QtUgjJmQIQ0D9byKKkvy4svfUIAAryG2Yw8kKgrI8hIXKyNAiyMg8agYD7OJvVMKVzJ84EYCUIoX1gBgIAqU5ityOCb16HI4CrdMQuuFoKUlRhTgAJXlJw7R4ABWFIVvOAAVDw0C8jazl23h9qwCAkn2yIxMG-avERLIeKO84joAUTqFaAA4LlWgBON6AHlyjdG6oAAQme16PqOr6voes5NHIGx9uORT9qUPIYbfVbzmAWBmkkGGd2W-bEEihAwAAOm1K0yBoSRhG8HaskVBrEhCsgoFIJmEmXFLV2GUZFWK2YFkmw5FnU9Vys+kde1iHh4iYFmQKlhC6CgCpUX7YR9GQSBIiXJrum5IQ4FBf8yGEbqKnlxqYvXbsREvXa6e7Soee5F05lpjBYnGPZUA6EK3VINprQEL4JArQPQVVdAPlkM4tfdMrmtShpZhuVoTfE05leBWylBINpolia3FbyiqWoyCOQCaRFhAAFhWxPImT7pVgANnrnh29Wdhe9zjIRdaXRdwWRvm9b6R1hvEfvErEoynKOy2mDueQFd8ucIQoeFlnn8a8VbwhD05by+n3CjzZjmJmZ7nN8qwzL+ga-3HnLAJGAGAJUI1pb4Nxtpbun1ibLAqJ0T6hCkSF8mtUDY1rMWDwwg3qQOJBAGB1B2jY2QIg1Y9cQqo3ARMDcUDGTjEDuzQuaAUAmF9GZTUqc+BB0LnvD4C8Kh2RCnAOA8Zdr-3yjeUAgg6pVgFIyW4xAyFu1sOwAAIgAMlAJAWACAUDoGwPge4iJmBUBpgwEACjwDQHgEgKE6i8CUmpMwYMNowzOnGJGORYh9DMDOHIuehJJQgD0Mwc4K1VhyJzE0GAzAO5dx7n3dgZxu6RNWCtOR+hdBwC8cE+uZxVjnDWOcM4+0u7pPbnI-2i1dzeP8WoAAjv0LASTvGyDkWaRItc2QmJCZ3buvde5fXbitL6dTHCJGLGgF0tDmDzgwLUhJzQQDMBgHI2yz4knMHcXI9oiRmASOALMqYlDgk8FkFQRA9c3oACkACaqwRhKBOUoAAyitI5TIQA8AAOJMiUB4HAJy5HVU-p8HZeykDt0IGcI5TyjkgAAFoADk6BKAAOoAAkZFfQ8Dwa5RzP4AAUgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:32:58 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame BB3C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20932

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame BB3C
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23504

Redirect headers

date
Wed, 19 Jan 2022 18:33:00 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://imprnjmp.taboola.com/
access-control-allow-credentials
true
x-varnish
59935160
content-length
0
sync
sync.bfmio.com/ Frame BB3C
Redirect Chain
  • https://sync.bfmio.com/syncb?gdpr=0&pid=170&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Server
3.212.89.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:33:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 0052
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fsynacorrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%5BUSER_ID%5D
  • https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23504

Redirect headers

date
Wed, 19 Jan 2022 18:33:00 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=41525FB517A54E5CB6A7A5A36FA7A2D3
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://us-match.taboola.com/
access-control-allow-credentials
true
x-varnish
1062506685
content-length
0
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame 0052
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20932

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=fdcbd65b-8763-4208-bccc-5f0ff0115bb5
date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
sync.bfmio.com/ Frame 0052
Redirect Chain
  • https://sync.bfmio.com/syncb?gdpr=0&pid=170&us_privacy=1---
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Server
3.212.89.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:33:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=c222d7c1-8acc-4e56-b834-86840521a4ea
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
usermatch
ssum-sec.casalemedia.com/ Frame 23F3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
83f9f0748b969c9f4676229404c4a03648d9e7ecc976d25733046fb893c6318e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://imprnjmp.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|81|90|191|31|40|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 18:33:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Content-Length
1706
Connection
keep-alive
sync
ssbsync.smartadserver.com/api/ Frame 9503 		0
0
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 91F7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://us-match.taboola.com/

Response headers

server
nginx
date
Wed, 19 Jan 2022 18:33:00 GMT
x-fastly-to-nlb-rtt
23504
access-control-allow-credentials
true

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8db5d22b-ce4e-01fc-23ad-96d0bf72cce1
date
Wed, 19 Jan 2022 18:33:00 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ssbsync.smartadserver.com/api/ Frame 388B 		0
0
YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 23F3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
2600:1f18:4e9:5a05:7530:e049:6d41:d338 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB
date
Wed, 19 Jan 2022 18:33:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 23F3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3daa6f80f962122e&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGdiqC1zS6tAMGi3QOAAAAAAA&expiration=1642703580&is_secure=true
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGdiqC1zS6tAMGi3QOAAAAAAA&expiration=1642703580&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:33:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGdiqC1zS6tAMGi3QOAAAAAAA&expiration=1642703580&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 23F3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q0WZ2ahNydGwQM-H_hbR2KsWztiwRMXU-UFQF2Ig
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q0WZ2ahNydGwQM-H_hbR2KsWztiwRMXU-UFQF2Ig
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 18:33:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q0WZ2ahNydGwQM-H_hbR2KsWztiwRMXU-UFQF2Ig
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 23F3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AFA610033CEC41D099D2903D4862471D
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AFA610033CEC41D099D2903D4862471D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

date
Wed, 19 Jan 2022 18:33:00 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=AFA610033CEC41D099D2903D4862471D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 18 Jan 2022 18:33:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 23F3 		0
0
crum
dsum-sec.casalemedia.com/ Frame 23F3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:33:00 GMT

Redirect headers

Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q6959035711058652685P
Cache-Control
max-age=35250
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 23F3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0734220407d296af809f5cdd&expiration=[EXPIRATION]
0
0
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 23F3 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YehZTHaLvzfc9K6Athf-PwAAA-UAAAIB&orig=video&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21434
cs&eq_cc=1
um2.eqads.com/um/ Frame 5FFF
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
75032256992fb28e519f601793ffb8efdb01488545f9cbdd238b009d87b63d03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Wed, 19 Jan 2022 18:33:00 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 19 Jan 2022 18:33:00 GMT
pragma
no-cache

Redirect headers

date
Wed, 19 Jan 2022 18:33:00 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
crum
dsum-sec.casalemedia.com/ Frame 5FFF 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1f31c557-9d3a-47fa-8a6f-f2ebec074a1a&expiration=1650393180
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 18:33:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 18:33:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Domain
search.spotxchange.com
URL
https://search.spotxchange.com/openrtb/2.3/dados/229636
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?gdpr=0&callerId=4&us_privacy=1---
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?gdpr=0&callerId=4&us_privacy=1---
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0734220407d296af809f5cdd&expiration=[EXPIRATION]

Verdicts & Comments Add Verdict or Comment

652 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| webviewParam object| hashParams object| outputType undefined| newRelativePathQuery object| trb function| i$ function| _toConsumableArray object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer undefined| metaTwitterDnt function| OptanonWrapper object| zephrBrowser number| uniqueIDValue function| zephrLoad function| determinePaywallInclusion function| createEvent function| arrangeZephrData number| nativoLazyLoadOffset object| baselineServices object| DOMHelpers2 function| _createClass function| _classCallCheck function| DeviceDetection function| LazyLoadService object| lazyLoadService function| FeatureAPIHelpers function| TimestampService function| _typeof object| Helpers2 object| UrlParams function| ScriptLoader string| ANALYTICS_REFERRING_PAGE_KEY string| LEAD_ART string| ARTICLE_BODY string| HOMEPAGE string| HOMEPAGE_STORY_FEED string| PLAYLIST string| VIDEO_DETAIL_PAGE string| LIVEBLOG string| GF_PLAYLIST_PARENT string| ARTICLE_GALLERY string| GA_DEFAULT_CD string| RIGHT_RAIL object| genericHelpers function| httpService function| TrackScrollingService function| trackClick function| trackMessages function| trackScroll function| handleMutations function| trackScrolledItems function| trackTaboolaFeedScroll function| trackClickReferrer function| trackElementRenderImpression function| trackElementFocus function| arctrackListeners object| services boolean| disableDssWebview string| minDss object| googletag object| ads object| oVa object| YieldmoService object| serviceCallbacks object| pageBuilder number| _sf_startpt string| GoogleAnalyticsObject function| ga number| BOOMR_lstart function| StickyAdService object| regeneratorRuntime object| ZeusAdapter string| zeusAdUnitPath object| zeusKeyvalues boolean| isSubscriber boolean| isUserLogin function| TaboolaFeedScrollService object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| confiant boolean| apstagLOADED object| apstag function| setImmediate function| clearImmediate object| doc object| loc object| ggeac object| google_js_reporting_queue function| $ function| jQuery function| infuse object| TRC object| _taboola object| _tblConsole object| _comscore function| checkInfuse object| breakpoints object| _sf_async_config number| _sf_endpt object| otStubData object| pbjs object| lotame_13200 object| zeus object| google_tag_manager function| BOOMR_check_doc_domain number| BOOMR_start object| ErrorStackParser object| UserTimingCompression undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| registration function| udm_ object| ns_p object| COMSCORE object| google_tag_data object| gaplugins boolean| creativeVendorLibraryLoaded function| lotameIsCompatible function| lt13200_ba function| lt13200_b undefined| lt13200_c undefined| lt13200_ca undefined| lt13200_da function| lt13200_ea object| lt13200_fa function| lt13200_ga function| lt13200_ha object| lt13200_ object| lt13200_5 function| lt13200_aa function| lt13200_a function| lt13200_d function| lt13200_e function| lt13200_f function| lt13200_g function| lt13200_h function| lt13200_i function| lt13200_j function| lt13200_ja function| lt13200_ia function| lt13200_k function| lt13200_l function| lt13200_ka function| lt13200_m function| lt13200_n function| lt13200_o function| lt13200_p function| lt13200_q function| lt13200_oa function| lt13200_la function| lt13200_ma function| lt13200_s function| lt13200_na function| lt13200_t function| lt13200_u function| lt13200_v function| lt13200_r function| lt13200_w function| lt13200_x function| lt13200_y function| lt13200_z function| lt13200_pa function| lt13200_A function| lt13200_B function| lt13200_qa function| lt13200_C function| lt13200_D function| lt13200_E function| lt13200_ra function| lt13200_G function| lt13200_H function| lt13200_F function| lt13200_sa function| lt13200_I function| lt13200_J function| lt13200_ta function| lt13200_ua function| lt13200_K function| lt13200_va function| lt13200_wa function| lt13200_xa function| lt13200_Ba function| lt13200_ya function| lt13200_za function| lt13200_Aa function| lt13200_Ca function| lt13200_Ea function| lt13200_Da function| lt13200_L function| lt13200_Fa function| lt13200_Ga function| lt13200_Ha function| lt13200_Ia function| lt13200_Ja function| lt13200_Ka function| lt13200_La function| lt13200_Ma function| lt13200_Na function| lt13200_M function| lt13200_N function| lt13200_O function| lt13200_P function| lt13200_Q function| lt13200_R function| lt13200_S function| lt13200_T function| lt13200_U function| lt13200_V function| lt13200_W function| lt13200_X function| lt13200_Y function| lt13200_Z function| lt13200__ function| lt13200_1 function| lt13200_Oa function| lt13200_Qa function| lt13200_Pa function| lt13200_2 function| lt13200_Ra function| lt13200_0 function| lt13200_Sa function| lt13200_Ta function| lt13200_Ua function| lt13200_Va function| lt13200_Wa function| lt13200_Xa function| lt13200_3 function| lt13200_4 function| lt13200_Ya function| lt13200_Za function| lt13200__a function| lt13200_0a function| lt13200_1a function| lt13200_2a function| lt13200_3a function| lt13200_4a function| lt13200_5a function| lt13200_6 function| lt13200_7 function| lt13200_8a function| lt13200_9a function| lt13200_7a function| lt13200_6a function| lt13200_ab function| lt13200_$a function| lt13200_cb function| lt13200_bb function| lt13200_8 function| lt13200_db function| lt13200_eb function| lt13200_fb function| lt13200_gb function| lt13200_hb function| lt13200_jb function| lt13200_mb function| lt13200_lb function| lt13200_ib function| lt13200_pb function| lt13200_kb function| lt13200_nb function| lt13200_rb function| lt13200_qb function| lt13200_sb function| lt13200_ob function| lt13200_tb function| lt13200_ub function| lt13200_vb function| lt13200_9 function| lt13200_wb function| lt13200_xb function| lt13200_yb function| lt13200_zb function| lt13200_Ab function| lt13200_$ function| lt13200_Bb function| lt13200_Cb function| lt13200_Db function| lt13200_Eb function| lt13200_Fb function| lt13200_Hb function| lt13200_Ib function| lt13200_Jb function| lt13200_Gb function| confiantDfpWrap object| PubMaticSync object| headertag function| sha256 function| sha224 string| p426427121 number| p426427122 function| p426427140 function| oConvTrackURL_ function| p426427123 function| p426427119 function| p426427117 function| p426427129 function| p426427126 function| p426427124 function| p426427100 function| p426427105 function| p426427091 function| p426427090 function| p426427088 function| p426427081 function| oEnableNullChecklistener_ function| p426427133 function| p426427072 function| oPageUnload function| p426427001 function| p426427006 function| p426427125 number| p426426991 string| p426426992 object| p426426993 object| p426426994 boolean| p426426995 number| p426426997 number| p426426998 object| p426427019 string| p426427061 number| p426427002 object| p426427069 string| p426427037 string| p426427038 object| p426427075 number| p426427076 boolean| p426427080 number| p426427082 boolean| p426427084 boolean| p426427134 boolean| p426427109 boolean| p426427136 boolean| oObserverChanges_ boolean| p426427135 boolean| p426427137 boolean| oAudienceListenerEnabled_ object| p426427086 string| oDevice string| oParentHostname_ string| oParentPathname_ boolean| p426427087 boolean| p426427089 number| p426427104 boolean| p426427106 number| p426427107 object| p426427096 object| oAdSlots_ object| otkjs boolean| p426427127 boolean| p426427128 object| optimeraInsights string| p426427138 string| p426427046 function| p426426999 string| p426427000 boolean| p426427068 boolean| p426427048 object| p426427047 string| p426427066 number| p426427050 object| opbjs object| oaudLibjs object| ovpjs number| p426427049 object| Optanon object| OneTrust object| pb_global object| banditoEnv object| clavis object| _smtr object| FeatureCompatService function| CollapsibleService object| collapsibleService function| ShowMoreStoriesService object| keyBoardNavigation object| stickyAdService number| APP_BAR_HEIGHT function| TrayService string| DEFAULT_SEARCH_PATH string| INPUT_IDENTIFIER string| INPUT_IDENTIFIER_UNPROCESSED string| FEATURE_API function| InputAutocomplete function| ScrollToggleService object| initAnalytics function| setupS2NApi object| clsImagesContainer function| _defineProperty function| TaboolaService function| loadError function| initTaboolas function| initTaboola object| taboolaService function| NewsletterService object| OneSignalService function| loadAdmiral function| ScreamerServiceNew object| imageService string| _uri string| _context string| _outputType string| _rid object| Zephr undefined| msg object| PARSELY object| ats object| gaData object| oDv number| p426427003 string| oUrl_ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| scmPrty number| oIndex4_ number| p426427018 undefined| _smtrErr object| shqChromeOnsiteResponse object| _shqdbl object| _shqDebug object| SmtrRmkr object| SWG object| dsl string| subStatus object| _cbq function| admiral object| _mather object| _mg2q object| _matherq object| tid object| google_optimize number| BOOMR_configt object| s2nVideo object| teadsscript object| recaptcha number| google_global_correlator function| 4dm1r11545242527 function| OneSignal object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| UrlCache object| SUBSCRIPTIONS object| teads object| tracker string| lock object| zephrOutcomes string| key object| closure_lm_894574 function| cnx object| c string| testAndVariation object| zephrAccessDetails undefined| activeProducts undefined| activeProductLength undefined| activeProductCount undefined| leftEarOutcome undefined| rightEarOutcome undefined| accountFlyoutOutcome string| topicFlyoutOutcome string| subButtonOutcome undefined| regWallOutcome string| toasterOutcome function| readCookie function| cookieValue string| toasterCookie string| toasterValue object| zephrTestGroups number| leftEarMetric number| rightEarMetric number| accountFlyoutMetric number| topicFlyoutMetric number| subButtonMetric number| regWallMetric number| toasterMetric object| zephrMeters object| zephrTrialTrackingDetails object| zephrCredits string| entitlementName string| entitlementId number| countIncremented object| entitlementObj string| num number| __oneSignalSdkLoadCount function| __jp0 object| cnx_usr_storage object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| cnxProxyTask object| closure_lm_387120 object| closure_lm_809159 number| BOOMR_onload string| pm_pgtp number| zephrActiveProductLength string| uType boolean| loggedIn string| ssorId object| sophi function| bx object| GoogleGcLKhOms object| _rmxd boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce function| initSwap object| swapRegionMapping undefined| swapConfig object| TRCImpl number| taboola_view_id string| prop object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.64.1 function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| qi object| _pm_mcg boolean| _tb_vd_pg object| tbopt object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow object| bouncex object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| _qsie object| closure_lm_798439 object| list object| placementData string| nam object| cmTag function| close_bouncex_ad object| google_image_requests object| _cm_wfCounters object| closure_lm_923028 object| closure_lm_266919 function| cnxAddEventListener

271 Cookies

Domain/Path Name / Value
.taboola.com/tribunedigital-chicagotribune/ Name: taboola_session_id
Value: v2_dfd6e5c480bdafa1a764cce265290c15_922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1_1642617169_1642617169_CNawjgYQrco9GOfJ85znLyABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjbwtakkbOV1QpwAQ
.chicagotribune.com/entertainment/theater/reviews Name: _lbz
Value: 0
www.chicagotribune.com/entertainment/theater/reviews Name: liveramp_id_env_sampling_rate
Value: 0
.chicagotribune.com/api/v2/render/feature Name: _lbz
Value: 0
.chicagotribune.com/api/v2/render Name: _lbz
Value: 0
.chicagotribune.com/news/trending Name: _lbz
Value: 0
.resetdigital.co/csync Name: ckbk
Value: 00000096D50A6558
.3lift.com/sync Name: sync
Value: CgoIgQIQxsjznOcvCgoI4gEQxsjznOcvCgoI5gEQxsjznOcvCgoIhwIQxsjznOcvCgkICRDGyPOc5y8KCQg6EMbI85znLwoJCAsQxsjznOcvCgoIjAIQxsjznOcvCgoIngIQxsjznOcvCgkIXxDGyPOc5y8=
.mrtnsvr.com/sync Name: userId
Value: gzHH8124M
.chicagotribune.com/ Name: _lb
Value: 1
www.chicagotribune.com/ Name: akaas_AS_tronc_chicago_tribune_prod
Value: 2147483647~rv=12~id=8d541f835132c40441046e5caa65641d
embed.sendtonews.com/ Name: AWSELBCORS
Value: AB7769910C09524E3F673477D3796BB23C89D09F9B32C0211B388E8F01C728C90F8FFD6D39526649A7A34046C53C69BF23A13465C21D74FB538059D02697B129752C89191F
.doubleclick.net/ Name: IDE
Value: AHWqTUl3M6UPEiP9OKMnLc0_X_4ynhTvmeW5CGEHCswLc2GGRHxOYyQt522D72Bk9Fw
zephr.chicagotribune.com/ Name: blaize_session
Value: a11f1c12-ac74-4454-bc89-4b1a1422d11c
zephr.chicagotribune.com/ Name: blaize_tracking_id
Value: 69238786-5157-4671-829a-78c3c00c23ca
.scorecardresearch.com/ Name: UID
Value: 15LFWYDHLLK1AN6CESLAMWg1642617165
.chicagotribune.com/ Name: __gads
Value: ID=9df888224eb62b92:T=1642617164:S=ALNI_MZEm9rbH_tHo7tgZrS6gdv8MkxlKA
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 22e505047af2ac4526390b3d8af5fbe
.adsrvr.org/ Name: TDID
Value: c222d7c1-8acc-4e56-b834-86840521a4ea
.chicagotribune.com/ Name: _cc_id
Value: 22e505047af2ac4526390b3d8af5fbe
.chicagotribune.com/ Name: _cc_cc
Value: ACZ4XmOQNzJKNTUwNTAxT0wzSkw2MTUyM7Y0SDJOsUhMM01LSmUAgsQXkT4gGgKE7s54J8M4IZ3hPyMjw9HVHQow9pL7S%2BHspRuXqcHEn51%2BpwNj9yGJH980hQUmvulPIVz54jlw4XNHDzHDxHfvuywAYx9GUrN6%2FVNumPjkE%2Bow5rslCGN6EcI7P1rCVMy4dgnuLgC2WVTX
.chicagotribune.com/ Name: _cc_aud
Value: ABR4XmNgYGBIfBHpA6QggIWBrd8GxGTrlwdR3D5tEKoVSAEAfyoFMQ%3D%3D
.chicagotribune.com/ Name: panoramaId_expiry
Value: 1643221964915
.chicagotribune.com/ Name: panoramaId
Value: de128f9e1906e5c2c2b7d46b78d316d53938a196c8e59cfd9570bed0ee73b422
.liadm.com/ Name: lidid
Value: 22b7cb97-45b4-4cc5-b64b-08cec269566d
.chicagotribune.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.chicagotribune.com/entertainment/theater/reviews/ct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html?spMailingID=7839124&spUserID=NDY1MTU5MjM1ODUyS0&spJobID=1420657417&spReportId=MTQyMDY1NzQxNwS2%22%2C%22sref%22:%22%22%2C%22sts%22:1642617165078%2C%22slts%22:0}
.chicagotribune.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a7c8c1d05af57acb01b5b145e72b3613%22%2C%22session_count%22:1%2C%22last_session_ts%22:1642617165078}
.rubiconproject.com/ Name: rsid
Value: 1|AsOwY0YD/NGDdiiv4cs9DA3hi90NfvHF0Bo+SpLxVVZ2/pSVYm6PRMWYCqaOieGkTxzCtT3GWjvGeUmnD2WgFA74oVwAuQdeukQVJpiMCxkjzG3GXfABU6uTSg==
.chicagotribune.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.chicagotribune.com/ Name: _ga
Value: GA1.2.1787282497.1642617165
.chicagotribune.com/ Name: _gid
Value: GA1.2.128415961.1642617165
d3mmnnn9s2dcmq.cloudfront.net/ Name: AWSELBCORS
Value: AB7769910C09524E3F673477D3796BB23C89D09F9BDF3CAD96ACF359CA02016D8A94686BEC0482ACAB7C24D59FF89179A5DB1C927F9AD5207E9F00B66941558AB2FE8C9DE0
.casalemedia.com/ Name: CMID
Value: YehZTHaLvzfc9K6Athf.PwAA
.chicagotribune.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Jan+19+2022+18%3A32%3A45+GMT%2B0000+(GMT)&version=6.9.0&hosts=&landingPath=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&groups=C0001%3A1%2CC0003%3A1%2CSPD_BG%3A1%2CC0002%3A1%2CC0004%3A1
.rubiconproject.com/ Name: khaos
Value: KYLVUKBY-X-FLXH
.adnxs.com/ Name: uuid2
Value: 3616449762476959287
www.chicagotribune.com/ Name: _lr_geo_location
Value: CA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 64A49E8D-2CB4-45E4-87A3-2194D8C74E3F
.amazon-adsystem.com/ Name: ad-id
Value: A-ulcuagxUNen4ijUu5OmQM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.chicagotribune.com/ Name: _ml_id
Value: e9cba18674025235.1642617166.1.1642617166.1642617166
.chicagotribune.com/ Name: _ml_ses
Value: *
.chicagotribune.com/ Name: _matheriSegs
Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/ Name: _matherSegments
Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/ Name: c_mId
Value:
.chicagotribune.com/ Name: c_PUID
Value:
.chicagotribune.com/ Name: _gat_trb
Value: 1
.rkdms.com/ Name: sessionid
Value: h-b14ff3703c03c430c2b99e5adef98826_t-1642617165
.chicagotribune.com/ Name: smtrrmkr
Value: 637782139656884005%5E017e739c-d778-4203-a953-7d96721f67e8%5E017e739c-d778-4cd6-b6b8-d8c38360cd5b%5E0%5E149.56.153.187
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YehZTgAABTHFZgAZ
.adform.net/ Name: uid
Value: 4579766571360473542
.mathtag.com/ Name: uuid
Value: ab0161e8-594e-4b00-90fe-576cb3984342
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YehZTgAABTHFZgAZ&KRTB&22978-YehZTgAABTHFZgAZ&KRTB&23194-YehZTgAABTHFZgAZ&KRTB&23209-YehZTgAABTHFZgAZ
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:dc1361e8-594e-4000-912e-fc1e60f60433&KRTB&16736-uid:dc1361e8-594e-4000-912e-fc1e60f60433&KRTB&23019-uid:dc1361e8-594e-4000-912e-fc1e60f60433&KRTB&23208-uid:dc1361e8-594e-4000-912e-fc1e60f60433
.bidr.io/ Name: bito
Value: AABB-E7D0LMAAEHRhEm97A
.bidr.io/ Name: bitoIsSecure
Value: ok
.simpli.fi/ Name: suid
Value: AFA610033CEC41D099D2903D4862471D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c222d7c1-8acc-4e56-b834-86840521a4ea&KRTB&22918-c222d7c1-8acc-4e56-b834-86840521a4ea&KRTB&23031-c222d7c1-8acc-4e56-b834-86840521a4ea
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEAKlFOpTZcCm6QSXx5aDNks&KRTB&22987-CAESEAKlFOpTZcCm6QSXx5aDNks&KRTB&23025-CAESEAKlFOpTZcCm6QSXx5aDNks
.yahoo.com/ Name: A3
Value: d=AQABBE5Z6GECEMzNdQUHoxMcr-a5SFlzY7kFEgEBAQGq6WHyYQAAAAAA_eMAAA&S=AQAAAnN5_0kCy5Q2JVDAdA-3XTc
zephr.chicagotribune.com/ Name: AWSALB
Value: MvaDS/hQoOHWwqFTqAKEK/5N3WvnHiJrrDa0w/lsepNFk/MAJQjKEQgjb0XwegsxoigTBrteoN4kmTQwhLqqQqB9VNmRzD6ywqm34AxCU5AkAAJbbhFnM1ZzHW1j
zephr.chicagotribune.com/ Name: AWSALBCORS
Value: MvaDS/hQoOHWwqFTqAKEK/5N3WvnHiJrrDa0w/lsepNFk/MAJQjKEQgjb0XwegsxoigTBrteoN4kmTQwhLqqQqB9VNmRzD6ywqm34AxCU5AkAAJbbhFnM1ZzHW1j
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:AFA610033CEC41D099D2903D4862471D
.technoratimedia.com/ Name: tads_uid
Value: 41525FB517A54E5CB6A7A5A36FA7A2D3
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220119133246-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AABB-E7D0LMAAEHRhEm97A
www.chicagotribune.com/ Name: _cb_ls
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABB-E7D0LMAAEHRhEm97A
www.chicagotribune.com/ Name: _cb
Value: DknGO_BOAqk_CiUOs_
www.chicagotribune.com/ Name: _chartbeat2
Value: .1642617166386.1642617166386.1.D7hwgDDYxJoFDAExfdBrToDziWCTa.1
www.chicagotribune.com/ Name: _cb_svref
Value: null
.turn.com/ Name: uid
Value: 8234736566488735343
.tremorhub.com/ Name: tvid
Value: 6e2b452fca1e40aea24912754e6f364a
.openx.net/ Name: i
Value: d9230e51-8dc8-0f5c-0bd5-5fbe7a285ba8|1642617166
.google.com/ Name: NID
Value: 511=YWSWkovjOPko20Rt_S6G_xNF_P-aE-w4FcEo1RLvhYPraMVvwl5SjxztdSxX22iYKWgDe9AMJOEnbAYPfZRangC09GPw0vdcMUJ8m0zJB1ghVxIMVzcVLtUYgztE2Wlc-ORuineMOjEJW0Rnfd_KxpbkeilDrZ60PZtKe155KrA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8234736566488735343
.pippio.com/ Name: did
Value: vkYgJ4wLEU3fqLJV
.pippio.com/ Name: didts
Value: 1642617166
.pippio.com/ Name: nnls
Value:
.spotxchange.com/ Name: audience
Value: 3298609f-7956-11ec-992c-18f0df000003
.teads.tv/ Name: tt_viewer
Value: 95708d94-b808-445e-a2f8-e7fac4e14b84
.casalemedia.com/ Name: CMPS
Value: 469
.casalemedia.com/ Name: CMPRO
Value: 997
.krxd.net/ Name: _kuid_
Value: OnIYy5vp
.eyeota.net/ Name: mako_uid
Value: 17e739cdbee-68150000010a549f
.eyeota.net/ Name: SERVERID
Value: 21663~DM
.postrelease.com/ Name: visitor
Value: 19612126-2264-4870-abc8-417840092cbd
.postrelease.com/ Name: status
Value: 1
.sitescout.com/ Name: ssi
Value: abe727c9-f5b4-4cec-84be-b2a19768e706#1642617166836
.ml314.com/ Name: pi
Value: 3624536528516022358
.pippio.com/ Name: pxrc
Value: CM6yoY8GEgQIAhAAEgYI7OsBEAA=
.agkn.com/ Name: ab
Value: 0001%3AALdkD0o63Z2B7ciHtpKnojemLS2uWHP%2B
.yieldmo.com/ Name: yieldmo_id
Value: g83f266c2bdfa7a09754%7C1642617166950%7C0%7C
.thrtle.com/ Name: mc
Value: eyJpZCI6IjM3OWNjOTE0LTk5ODAtNDk5MC04ZmMxLTFkMDA1ZDgxNDQyNCIsImwiOjE2NDI2MTcxNjY5NTcsInQiOjF9
.kargo.com/ Name: ktcid
Value: cb8c4659-7d49-0219-508b-84ad116d76f3
.3lift.com/ Name: tluid
Value: 4673296360271624245
.chicagotribune.com/ Name: _awl
Value: 2.1642617166.0.5-71817ed9e2ccb7eea01ca0057501487e-6763652d75732d6561737431-0
.linksynergy.com/ Name: rmuid
Value: c1428f21-a461-433d-9441-471e4cb14c42
.linksynergy.com/ Name: icts
Value: 2022-01-19T18:32:47Z
.openx.net/ Name: univ_id
Value: 537072971|c222d7c1-8acc-4e56-b834-86840521a4ea|1642617167216199
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSkD72btTL5bfCAJn5TcLyvdS7Oelazgs1XHMcGdQidDp8e5W0XWOZ3lPLsrMC4Q2
.contextweb.com/ Name: V
Value: swO3BX3KC4Qh
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: acc5899ca01b2810
.bidswitch.net/ Name: tuuid
Value: c537c1a7-8b12-48ac-8876-293826cb2880
.bidswitch.net/ Name: c
Value: 1642617167
.bidswitch.net/ Name: tuuid_lu
Value: 1642617167
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5cd5bad5-216b-427c-541c-18869ebc79d1.6vLuW43nPte0krd%2BlGOVD3eSqpRn8sdqKGnSLFcjvwU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-5cd5bad5-216b-427c-541c-18869ebc79d1%24ip%24149.56.153.187.53MiTL0omm%2B8KSit967PxlbPipRxc9Kc%2F1vxyubZbjs
.mathtag.com/ Name: mt_mop
Value: 9:1642617167
capi.connatix.com/ Name: cnx_userId
Value: f021565052754a778cf6ebe173497f87
.casalemedia.com/ Name: CMRUM3
Value: f161e8594e05a0&2761e8594e0b40&9861e8594e05a0&8261e8594f2760AABB-E7D0LMAAEHRhEm97A&9c61e8594f2760968068c7-148e-4ffc-b8eb-2a78cfaf20ae&e661e8594e2760&2d61e8594e05a0&0361e8594e05a0
.ads.yieldmo.com/ Name: ptrt
Value: c222d7c1-8acc-4e56-b834-86840521a4ea
.ads.yieldmo.com/ Name: ptrstk
Value: XNW61SFrQnxUHBiGnrx50ZU4mbs
www.chicagotribune.com/ Name: cnx_userId
Value: f021565052754a778cf6ebe173497f87
.ads.yieldmo.com/ Name: ptrpp
Value: swO3BX3KC4Qh
.ads.yieldmo.com/ Name: ptrbsw
Value: c537c1a7-8b12-48ac-8876-293826cb2880
.advertising.com/ Name: APID
Value: UP33692661-7956-11ec-bf71-0296dfb51d47
.rlcdn.com/ Name: pxrc
Value: CM6yoY8GEgUI6AcQABIFCOhHEAASBgi46wEQAQ==
www.chicagotribune.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.chicagotribune.com/ Name: _pubcid
Value: 749b01b1-9852-406b-bb75-31cfc429fa47
.yahoo.com/ Name: APID
Value: UP33692661-7956-11ec-bf71-0296dfb51d47
.sharethrough.com/ Name: stx_user_id
Value: 56b36cc4-6da5-4c7e-944c-a67b1c0f5738
.acuityplatform.com/ Name: auid
Value: 641253725093
.springserve.com/ Name: ssid
Value: 3a173c21-27ac-499b-ac6f-1650241db444
.springserve.com/ Name: sst
Value: 1642617168235
.quantserve.com/ Name: mc
Value: 61e85950-43fcb-96b29-095d5
www.chicagotribune.com/ Name: cto_bidid
Value: 9msrYl8yMTVwVmwxWTBlWlNrZ3kwNndRSTBBYWVDaUkySyUyQjFHamIlMkZwaHk1aFUlMkZ1YlhWeSUyQlVMUldIcVZsdUhabHd3WHB3Um5vaVl0eXBucEJxTExDQ2M2bTVRJTNEJTNE
www.chicagotribune.com/ Name: cto_bundle
Value: oEc9nl8lMkJwc3JPeEhvNnRmNkZOZXElMkZhTURMUEFUWENtYXA4b1VXWTNzWGMzeDlUUmMwd2k2dHI4Nk1OWFNqbmFmRk9iMnRGWnQwZ1BnT1RVeTUlMkJMeVlGYnMlMkZnVkwxQmhjMUNUJTJCemU0dWZIUTZOSHlUbXJMdzlscmNsd0tFaHE5MlU1cm0
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FLQXJJR0d6SXpkbUZzZGtOWFJHSnJZM0J6Wlhsb2JucG5RbTFyVkdJek43b0dOd2lSVGhJeVlXSmxOekkzWXprdFpqVmlOQzAwWTJWakxUZzBZbVV0WWpKaE1UazNOamhsTnpBMkxUWXhaVGcxT1RSbExUUXpOREc2QmlrSW1VNFNKR00xTXpkak1XRTNMVGhpTVRJdE5EaGhZeTA0T0RjMkxUSTVNemd5Tm1OaU1qZzRNTG9HRVFpbVRoSU1OalF4TWpVek56STFNRGt6dWdZRENLcE91Z1lEQ0s1T3VnWURDTEJPdWdZeENNbE9FaXg1TFZkdWJubFNNemxGTW5WSE4wdG5lR1ZvYWxSc1QydFhVREZJYkY5cWNrWTFRWEZuVERGUWR5MStRYm9HS1FqTFRoSWtOVFppTXpaall6UXRObVJoTlMwMFl6ZGxMVGswTkdNdFlUWTNZakZqTUdZMU56TTQiLCJpYXQiOjE2NDI2MTcxNjh9.JEqzWzCkgUtXtUKShhTUZqrDODofBTScikM15_92TibsTEAGnHPCqHDcS6CtK8RBEuwSi6GCkz2ubqEPFaK1UQ
.bing.com/ Name: MUID
Value: 19B933C2079A6FCA09D722F306306EC7
.c.bing.com/ Name: MR
Value: 0
.zemanta.com/ Name: zuid
Value: dqJbbnEkDteeGpaflQ6V
www.chicagotribune.com/ Name: _tb_sess_r
Value:
.linkedin.com/ Name: li_sugr
Value: bbc9c1d6-1d35-4fef-b6d7-7a902ff8b88c
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6abc6243-2838-496c-8b1c-491875d233fb"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2581:u=1:x=1:i=1642617169:t=1642703569:v=2:sig=AQEljqJnC3LyBCewrPV_M15SPkJ0igmw"
.chicagotribune.com/ Name: sophiTagses.f6cf
Value: *
.chicagotribune.com/ Name: sophiTagid.f6cf
Value: 97e4ea38-a2d9-4f9f-ae48-09d87e589811.1642617169.1.1642617169.1642617169.766adfc1-6c26-4db7-9d7f-e2e53680a7bd
.chicagotribune.com/ Name: _sp_duid
Value: 97e4ea38-a2d9-4f9f-ae48-09d87e589811
.creative-serving.com/ Name: tuuid
Value: cdf5c145-0ef1-456c-b6ed-852e66eab5ae
.creative-serving.com/ Name: c
Value: 1642617169
.creative-serving.com/ Name: tuuid_lu
Value: 1642617169
.adsymptotic.com/ Name: U
Value: 2503b2dd4f439a771f8197ca57085f88
.taboola.com/ Name: t_gid
Value: 922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
www.chicagotribune.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
.cdnwidget.com/ Name: __3idcontext
Value: {"cookieID":"22M5TJXUEWM4KV32QMJ7SE7NYOMYDWBJYDPJJNM6PGSQ====","deviceID":"22M5TJXUE7KL6RAMXQN4KBHJ635YHZDVTKV37GMEN2WA====","iv":"4S7MXNW4TC34GAS2SAKH6TG7DU======","v":1}
.cdnwidget.com/ Name: __adcontext
Value: {"cookieID":"22M5TJXUEWM4KV32QMJ7SE7NYOMYDWBJYDPJJNM6PGSQ====","deviceID":"22M5TJXUE7KL6RAMXQN4KBHJ635YHZDVTKV37GMEN2WA====","iv":"4S7MXNW4TC34GAS2SAKH6TG7DU======","v":1}
.chicagotribune.com/ Name: __idcontext
Value: eyJjb29raWVJRCI6IjIyTTVUSlhVRVdNNEtWMzJRTUo3U0U3TllPTVlEV0JKWURQSkpOTTZQR1NRPT09PSIsImRldmljZUlEIjoiMjJNNVRKWFVFN0tMNlJBTVhRTjRLQkhKNjM1WUhaRFZUS1YzN0dNRU4yV0E9PT09IiwiaXYiOiI0UzdNWE5XNFRDMzRHQVMyU0FLSDZURzdEVT09PT09PSIsInYiOjF9
.openx.net/ Name: pd
Value: v2|1642617166.1.3|iKvMgakWgy.bwvPhEgKg2.mmuYvJeSf8ke
.yahoo.com/ Name: APIDTS
Value: 1642617170
.bounceexchange.com/ Name: bounceClientVisit2051c
Value: %7B%22vid%22%3A1642617170267015%2C%22did%22%3A%224012022120052042126%22%7D
.rlcdn.com/ Name: rlas3
Value: miBW67NpbAtr1uaq1sOJ6XtTV28mXNTWD1UFjFoiPl8=
.tapad.com/ Name: TapAd_TS
Value: 1642617170428
.tapad.com/ Name: TapAd_DID
Value: e8871f41-f1ff-4faf-98aa-f84c2a6df530
.ipredictive.com/ Name: cu
Value: 35045f58-7956-11ec-88c6-5d8ea439b083|1642617170527
.extremereach.io/ Name: userid_prod2
Value: 8913f5ae6e02ee82d758098b5c43dead
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.chicagotribune.com/ Name: bounceClientVisit2051v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0AxnAJYUCGA5gPYIBO1ARgK4B2AppSYBbInx4I+rBHWo8hYhEQRw+dCayKs+AN2p9i6AhQQBaBSaYBrMHTjC6JjqyZ0AJsToBPEwiZdWJlS0jEwmWrr6JrgADLgxAIzxGBbaAGYAjhASFCg8HAgArEwolp5c1EwUuOl0AOxCJii+rJ5kiEJgmPgoEACyMmCyDACSACKYo7UAHBgAnPG4ACx4AGw9AKookmMTAHKjAJrxvQAq6wW9AFa98QDyo+ueAMrRqz0AUkwcOxij8YsxFYFWqLeK1N4QABKfAgTCkw1cE1OAEVPL1DvFdgAvZEAD12xCeuBAABoQKwYCBSSAtgwYABtAC6AF8gA
ssp.behave.com/ Name: tuuid
Value: bde0e284-72fd-49ae-98a6-16c0eb1d3efc
ssp.behave.com/ Name: c
Value: 1642617170
ssp.behave.com/ Name: tuuid_lu
Value: 1642617170
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~22r6:18y3~22r6:18za~22r6:191l~22r6:187s~22r6:1776~22r6:195y~22r6"
event.clientgear.com/ Name: mkuuid
Value: mkf2339889-8b16-4350-bb5e-db4427194736
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156512:3
.pubmatic.com/ Name: DPSync3
Value: 1643760000%3A228_236_201_197_219_221%7C1642636800%3A174%7C1643155200%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1643155200%3A15_2_223_38%7C1647734400%3A69%7C1642982400%3A216%7C1643414400%3A63%7C1645142400%3A224%7C1643846400%3A35%7C1643760000%3A7_240_239_81_243_220_13_231_204_55_233_222_71_3_238_22_5_99_96_56_234_21_178_48_8_57_104_176_166_54_165
.tremorhub.com/ Name: tv_UISTB
Value: <taboolaUserId>
.tremorhub.com/ Name: tvssa
Value: 1642617170907
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT8cc04JqphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/HHNOCaqPdGhpcmRQYXJ0eVVzZXJJZCH7gTI5+kIkukMlAT8cc05epkQlAT8cc05epkVjYzUzN2MxYTctOGIxMi00OGFjLTg4NzYtMjkzODI2Y2IyODgw+4A2+kLMQyUBPxxzTl+2RCUBPxxzTl+2RSH7+4Z2ZXJzaW9uwvs="
.quantserve.com/ Name: d
Value: ENwBEgGeJfijD9r7EA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-XNW61SFrQnxUHBiGnrx50ZU4mbs
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0MjYxNzE3MDk2OCwiMTciOjE2NDI2MTcxNzA0MDUsIjciOjE2NDI2MTcxNjY5NjJ9
.adgrx.com/ Name: ADGRX_UID
Value: 35483968-7956-11ec-bad7-68220af88a6f
ssp.behave.com/ Name: um2
Value: !2,c537c1a7-8b12-48ac-8876-293826cb2880,411895970
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-641253725093
.pointmediatracker.com/ Name: c
Value: 121c18eb-9fd4-4f8f-b270-d286ef47e505
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4579766571360473542&KRTB&23263-4579766571360473542
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-35045f58-7956-11ec-88c6-5d8ea439b083&KRTB&23011-35045f58-7956-11ec-88c6-5d8ea439b083
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb&KRTB&19420-KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb&KRTB&22979-KIG15iuJ5e4zhOO4fdL95yjS4uczgOnreoWKOWKb
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-abe727c9-f5b4-4cec-84be-b2a19768e706-61e8594e-4341
.fiftyt.com/ Name: fifid
Value: 24c5dd63-6c0f-42d8-5fe6-fb8b2948dc41
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-35483968-7956-11ec-bad7-68220af88a6f
.deepintent.com/ Name: CDIUSER
Value: di_00cf62e5a3f24a0f952bf
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D9e98d77b-7461-43b2-8bb3-0c6790007fa0
.bnmla.com/ Name: rx_uuid
Value: 9e98d77b-7461-43b2-8bb3-0c6790007fa0
.bnmla.com/ Name: rx_maxage_10738
Value: 1643913171
.w55c.net/ Name: wfivefivec
Value: NpJI2n1H1NafLl5
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q6959035711058652685P
.owneriq.net/ Name: pmc
Value: 1
.inmobi.com/ Name: idsp_c
Value: 5375b53f-8e0d-471e-ae4c-f4330ef2339e
io.narrative.io/ Name: io.narrative.guid.v2
Value: 3552cd10-7956-11ec-96af-0e9f37bd45a9
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-b0a984ec-42ea-409f-952b-be1ac433cef2
.w55c.net/ Name: matchpubmatic
Value: 5
.fiftyt.com/ Name: cs
Value: MTY0MjYxNzE3MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCfJHuVaG8p3giuwmmUHRG9UUZt243c0S8eouINmNI2p
.fiftyt.com/ Name: fppm
Value: 20220119183251
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-5375b53f-8e0d-471e-ae4c-f4330ef2339e&KRTB&23266-5375b53f-8e0d-471e-ae4c-f4330ef2339e&KRTB&23285-5375b53f-8e0d-471e-ae4c-f4330ef2339e
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_be68cba0-cb4a-4afa-8482-29e8b683058d
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a86c5780-09b2-45aa-bd8b-6da93279b09f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: jO%2BI1kADptCN5QXVRhISrAcacBNtnq6d9BlQiCkriAiT4U9HTMiXd3TphZUSuukvlz3n5vvpNHfeAUC4ZvdA9Q%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:NpJI2n1H1NafLl5
.mfadsrvr.com/ Name: tuuid
Value: e48bbc8b-9aa5-4c03-89e5-b8538c7fd3d8
.mfadsrvr.com/ Name: c
Value: 1642617171
.mfadsrvr.com/ Name: tuuid_lu
Value: 1642617171
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005%22%7D
.dotomi.com/ Name: DotomiTest
Value: 44d96eb27edf122d
ads.playground.xyz/ Name: connect.sid
Value: s%3AG-OGgJCkDwqZvMadLqD5NJT6_ayNv2p2.RVPldh7%2FYiXr8IeJ2nLrGERUPhAJ9dsOji8Q74MYJU4
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3616449762476959287&KRTB&23339-3616449762476959287
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-00000096D50A6558
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c537c1a7-8b12-48ac-8876-293826cb2880
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q6959035711058652685&KRTB&22521-Q6959035711058652685
.mfadsrvr.com/ Name: bsw_uid
Value: c537c1a7-8b12-48ac-8876-293826cb2880
.casalemedia.com/ Name: CMDD
Value: AARQEwIAAu-4CQ**
.mxptint.net/ Name: mxpim
Value: R1B342_E9F3C299_BC591F2A.1.000000000000000061E85953
.tribalfusion.com/ Name: ANON_ID
Value: aNnseFyg6AarA7u8QGkw4puiTFnU22tIDwPFy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5frF4deCKZbPDTa
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGdiqC1zS4xgMdpxkIAAAAAAA&KRTB&22713-AAAGdiqC1zS4xgMdpxkIAAAAAAA&KRTB&22715-AAAGdiqC1zS4xgMdpxkIAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-9e98d77b-7461-43b2-8bb3-0c6790007fa0
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_E9F3C299_BC591F2A&KRTB&23092-R1B342_E9F3C299_BC591F2A
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005%22%7D
.onaudience.com/ Name: cookie
Value: d3c4f10e2eb70103
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-4fe7cdc2-39ca-4e4d-aa28-917aad06f796-005
.onaudience.com/ Name: done_redirects161
Value: 1
id.sharedid.org/ Name: sharedid
Value: 01FSSSSVBSKADAZ5QCX8B4DDHN
.chicagotribune.com/ Name: _pubcid_sharedid
Value: 01FSSSSVBSKADAZ5QCX8B4DDHN
.adsby.bidtheatre.com/ Name: __kuid
Value: 4562d301-91df-46c4-9bf1-cc1356430190.411831171
.exelator.com/ Name: EE
Value: "12ae88a8f07eddf037347430bb7d00e6"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQKDHVwiLRIs3APDUlJc3A2NzYxNzE2CApyTzFwCDVbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiZ8fFRSlpDItKik8F77c8BwB%252BJyoo"
.c.appier.net/ Name: _auid
Value: mPPSdJz3A-Gnd4vIU1noYQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-mPPSdJz3A-Gnd4vIU1noYQ&KRTB&23130-mPPSdJz3A-Gnd4vIU1noYQ
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxKB0h4itbKjpu1WuCoMxA8a+JUixCbOKdrbqElguRJooPC3g3T1iK9uuNe2Yxfyx1Dg/ajqo5sELLsyV++To7Vc4HEYI5ehIrXOs1hOtGWC1/1bbe4SiDkk
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bp1|5Ql.0.922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1|7TZ.0.1
.pubmatic.com/ Name: KRTBCOOKIE_1235
Value: 23226-922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1:$UID
.pubmatic.com/ Name: PugT
Value: 1642617171
.criteo.com/ Name: uid
Value: 9964d0d6-5fb3-494e-b572-b755310d3d19
.mfadsrvr.com/ Name: ssh
Value: !taboola,1642617171!bidswitch,1642617171
.lijit.com/ Name: ljt_reader
Value: 3ea4a8059346696beeb4c1b7
.omnitagjs.com/ Name: ayl_visitor
Value: 1e19965aa0bbf1e9e24e923c9c74871d
.fg8dgt.com/ Name: tuuid
Value: 3b785fa1-b845-4665-8cbc-f008c91c6933
.fg8dgt.com/ Name: c
Value: 1642617171
.fg8dgt.com/ Name: tuuid_lu
Value: 1642617172
.id5-sync.com/ Name: id5
Value: b9bcb81e-93fc-4c89-91a1-294387a74794#1642617172209#1
.smartadserver.com/ Name: pid
Value: 2200892378350975080
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:922f4155-cef3-4b25-a204-2731f70f5bd6-tuct8e1ded1
.casalemedia.com/ Name: CMTS
Value: 3803
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjupJztg-GtOhAFEhUKBmNhc2FsZRILCPKKufeD4a06EAUSFAoFb3BlbngSCwikw_v3g-GtOhAFEhYKB3J1Ymljb24SCwj82vz5g-GtOhAFEhYKB3N2eDl0NTASCwiW652KhOGtOhAFGAEgASgCMgsIgN7O2ZrhrToQBTgBWgc4aDl1MTFoYAI.
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.pubmatic.com/ Name: SPugT
Value: 1642617172
.go.sonobi.com/ Name: __uis
Value: b87b2c55-ced3-4bdd-956f-54276ce1d199
.go.sonobi.com/ Name: HAPLB8S
Value: s8652|YehZV
.adnxs.com/ Name: icu
Value: ChgI99FAEAoYBiAGKAYw1bKhjwY4BkAGSAYKGAj4wUMQChgBIAEoATDNsqGPBjgBQAFIARDVsqGPBhgG
.casalemedia.com/ Name: CMST
Value: YehZTGHoWVUC
.id5-sync.com/ Name: 3pi
Value: 464#1642617172327#-1832939149|2#1642617172464#1940667493#3616449762476959287|434#1642617173095#1298024813|3#1642617172609#-608458961#ab0161e8-594e-4b00-90fe-576cb3984342|264#1642617172740#593012239#c222d7c1-8acc-4e56-b834-86840521a4ea|136#1642617173429#943728679|108#1642617173237#-1587669477|429#1642617172884#-1859742613
.id5-sync.com/ Name: callback
Value:
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQNzJKNTUwNTAxT0wzSkw2MTUyM7Y0SDJOsUhMM01LSmUAgsQXkWHf%2Fv%2F%2Fzw%2FigIHQ3RnvZBgnpDP8Z2RkOLq6QwHGXnJ%2FKZy9dOMyNZj4s9PvdGDsPiTx45umsMDEN%2F0phCtfPAcufO7oIWaY%2BO59lwVg7MNIalavf8oNE598Qh3GfLcEYUwvQnjnR0uYihnXLsHdBQBxTVjj"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIfBEZBqQggIWBrd8GxGTrlwdR3D5tEKoVSAEAgLAFOw%3D%3D"

16 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pi979-10rsz.ads.tremorhub.com/ad/tag?adCode=pi979-bkhbg&playerWidth=740&playerHeight=416&srcPageUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&supplyCode=pi979-10rsz&schain=1.0,1!sendtonews.com,g4nkrAVSzVCp8H-G4jRi5w,1,,,&transactionId=040086f4-2471-4640-a56d-7a7a9c9f7258&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fentertainment%2Ftheater%2Freviews%2Fct-ent-oklahoma-broadway-tour-chicago-review-20220113-ovfqptecsnbt5oskyuioc2qa7m-story.html%3FspMailingID%3D7839124%26spUserID%3DNDY1MTU5MjM1ODUyS0%26spJobID%3D1420657417%26spReportId%3DMTQyMDY1NzQxNwS2&hb=1&fmt=json&_tur=T
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=3616449762476959287&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YehZTgAABTHFZgAZ
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c222d7c1-8acc-4e56-b834-86840521a4ea&gdpr=0&gdpr_consent=&expires=30
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1436
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=gzHH8124M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
173bf111.akstat.io
63cae183affa97044b8cb5582b7200aa.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
ampcid.google.ca
ampcid.google.com
api.bounceexchange.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
assets.zephr.com
ats.rlcdn.com
aud.pubmatic.com
authenticate.chicagotribune.com
b1sync.zemanta.com
bc-ssb-cle.springserve.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
beacons-ipv4.extremereach.io
beacons.extremereach.io
bh.contextweb.com
bid.g.doubleclick.net
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.go-mpulse.net
c1.adform.net
ca1.qualtrics.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.blisspointmedia.com
cdn.cookielaw.org
cdn.districtm.io
cdn.jwplayer.com
cdn.onesignal.com
cdn.parsely.com
cdn.resonate.com
cdn.sophi.io
cdn.taboola.com
cdn1.extremereach.io
cdnjs.cloudflare.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
collector.sophi.io
confiant-integrations.global.ssl.fastly.net
core.iprom.net
crb.kargo.com
cs.emxdgt.com
csi.gstatic.com
csync.loopme.me
d15kdpgjg3unno.cloudfront.net
d1n00d49gkbray.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3mmnnn9s2dcmq.cloudfront.net
data.cdnbasket.net
dfp.bouncex.net
dis.criteo.com
dmp.brand-display.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e1.emxdgt.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
event.clientgear.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
ids.cdnwidget.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
imprnjmp.taboola.com
insights.zeustechnology.com
io.narrative.io
ir.surveywall-api.survata.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
links.engage.ticketmaster.com
loada.exelator.com
m.fg8dgt.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
ml314.com
mug.criteo.com
mweb.ck.inmobi.com
news.google.com
onesignal.com
p.adsymptotic.com
p.rfihub.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pd.cdnwidget.com
pi979-10rsz.ads.tremorhub.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.pointmediatracker.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
player-files.remixd.com
player.sendtonews.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubcast-files.remixd.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtd-tm.everesttech.net
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s8t.teads.tv
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sendtonews-d.openx.net
simage2.pubmatic.com
simage4.pubmatic.com
siteintercept.qualtrics.com
smoggysnakes.com
sonata-notifications.taptapnetworks.com
sqs.us-east-1.amazonaws.com
ssbsync.smartadserver.com
ssor.tribdss.com
ssp.behave.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.teads.tv
taboola-supply-partners.tremorhub.com
tag.1rx.io
tag.wknd.ai
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tags.remixd.com
thrtle.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr2.smarterhq.io
trc-events.taboola.com
trc.taboola.com
tribune-chicagotribuneclassic.zeustechnology.com
u.cdnwidget.com
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
vast.extremereach.io
vid-io-cle.springserve.com
vid.connatix.com
vid.springserve.com
vidstat.taboola.com
view.cdnbasket.net
visitor.fiftyt.com
visitor.omnitagjs.com
vpaid.springserve.com
widget.perfectmarket.com
www.chicagotribune.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
x.bidswitch.net
zephr.chicagotribune.com
zn3mj4uj3nxslnmih-tribune.siteintercept.qualtrics.com
dmp.brand-display.com
dsum-sec.casalemedia.com
search.spotxchange.com
ssbsync.smartadserver.com
104.102.253.139
104.118.8.253
104.16.190.66
104.16.68.69
104.17.208.240
104.17.209.240
104.18.12.242
104.18.99.194
104.36.113.24
104.36.115.111
104.36.115.114
104.45.178.220
104.77.8.143
107.178.246.49
107.178.250.234
107.178.254.65
107.23.41.144
13.224.214.23
13.224.214.91
13.225.214.29
13.225.222.69
13.225.230.11
13.225.230.117
13.225.230.118
13.225.230.53
13.225.230.54
13.225.230.62
13.225.230.85
13.33.46.111
13.33.46.43
13.33.46.45
141.226.224.32
141.226.224.48
142.250.65.194
142.250.72.98
142.251.32.98
142.251.35.162
142.251.4.154
143.204.150.36
151.101.1.44
151.101.130.137
151.101.193.194
151.101.194.137
151.101.2.49
156.154.202.36
159.65.197.210
162.55.120.196
169.197.150.8
169.61.103.241
172.105.203.31
173.223.56.123
173.231.178.77
18.207.77.150
18.209.139.57
18.209.200.15
18.210.180.232
18.211.94.94
18.215.192.237
18.223.14.89
18.223.204.51
18.233.240.143
185.167.164.37
192.132.33.46
192.35.249.120
192.35.249.142
193.122.128.135
195.244.31.11
195.5.165.20
198.148.27.140
199.127.204.147
199.127.204.163
199.187.193.166
199.38.167.128
2001:438:65:11::1720
2001:4998:14:800::1001
204.2.255.233
207.198.113.169
216.200.232.249
23.10.88.241
23.217.25.136
23.39.175.77
23.52.162.21
23.52.164.7
23.64.109.237
23.73.244.44
23.88.75.188
23.92.190.69
2404:6800:4005:81d::2003
2600:1400:b000:4ac::11a6
2600:1400:d:18f::26e5
2600:141b:13:6ad::11a6
2600:141b:13::17d7:823a
2600:1f18:4e9:5a05:7530:e049:6d41:d338
2600:1f18:612b:4216:369e:8f18:e653:ef27
2600:1f18:612b:4216:ea4:d95f:6e76:faa7
2600:1f18:66e7:fb11:219f:3941:9d50:b09d
2600:1f18:66e7:fb12:6f41:d484:66e:dd06
2600:9000:202c:8c00:8:48e:53c0:93a1
2600:9000:2162:ba00:5:82fd:2500:21
2600:9000:21da:a000:18:1fcd:34f:cdc1
2600:9000:21da:b400:1:a3fa:7cc0:93a1
2600:9000:21dd:da00:15:6f6c:b180:93a1
2600:9000:21ec:2800:11:b309:9100:21
2600:9000:21ec:5600:1b:5138:8a40:93a1
2600:9000:21ec:6c00:e:f240:cc80:21
2600:9000:21ec:8e00:1d:e9ba:f480:93a1
2600:9000:21ec:cc00:9:7c30:be80:21
2602:803:c002:300::99
2606:4700:10::6814:b844
2606:4700::6810:135e
2606:4700::6810:9540
2606:4700::6812:c05
2606:4700::6812:e234
2607:f8b0:4006:808::2003
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2006
2607:f8b0:4006:817::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2001
2607:f8b0:4023:1404::9c
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:d7a4:3372:2f4a:f3b0
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:400::300
3.139.192.142
3.212.89.65
3.214.225.122
3.215.1.222
3.215.189.212
3.221.247.3
3.236.169.120
3.33.189.65
3.33.220.150
34.102.163.6
34.102.253.54
34.107.191.194
34.107.221.36
34.117.4.53
34.120.155.137
34.120.253.250
34.149.130.207
34.204.245.180
34.225.172.55
34.228.250.212
34.233.103.61
34.237.23.137
34.98.64.218
34.98.67.3
34.98.72.95
35.186.239.31
35.186.253.211
35.190.38.143
35.190.60.146
35.201.103.212
35.201.96.126
35.207.10.239
35.207.24.140
35.211.141.197
35.211.165.199
35.211.178.172
35.227.192.160
35.227.232.15
35.244.159.8
35.71.139.29
38.27.122.101
44.196.113.69
44.196.51.251
44.235.12.17
45.35.192.162
47.252.78.131
50.19.97.153
51.195.5.38
51.210.112.63
52.0.156.250
52.1.1.63
52.200.157.223
52.201.9.166
52.203.12.126
52.203.251.126
52.3.54.123
52.45.33.138
52.46.130.91
52.54.80.180
52.60.182.80
52.72.29.190
52.86.156.15
54.144.144.142
54.146.207.8
54.174.249.39
54.204.0.108
54.205.198.81
54.210.163.148
54.226.209.67
54.70.210.121
54.82.87.39
54.89.1.168
54.89.130.42
64.202.112.63
68.67.161.212
68.67.179.77
69.166.1.10
69.90.254.78
74.119.119.139
74.119.119.150
75.101.165.252
8.28.7.109
8.28.7.81
8.28.7.83
8.43.72.97
8.43.72.98
99.84.125.40
99.84.125.64
99.84.40.238
0192b32f7dede66f038286641d89b7254738b847ce0b4151bdcbb5c4ac332606
01937c9481039111d9c0f243edc9dc1fd987dde3ecfa0e7082c3500f82477807
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
0263e1cae993e2ffc249131d904643bc99dfbaaac022fa762a34d9459af4c8f0
04739796ed54947985c6a70a57a13f5fc3535dffff70f426905cfa52058e9b26
04ab6bcb12a8a4f8289456b474b9b3d49a9cd81a4336279bb0ebc23c34d666d8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05745b4cf6f956c780806fd0c49f589b0fb56eb8203f46ea0653adf06d451a97
05759c56fd37bf9c521547bd3ece71410a9410379afa4a1d72efe91ce638ab32
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
05e19d44d798adf888ed6dd3853f541158751ebf823af1c12d676b01ae6fc40e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083b9eba039025fa98bb9203240e445c96785a091c507d9efaa317c1d2199c69
0878ac9d72ab07cb40807864943f8d8e79fc6bf1bff174b5f280dbdf4c45935c
091ec084a0358833ca37c3555b08169ec1f856ddcb5d9257310a988b73bddcb1
09914fb1e88b57561d64915978b0a6064c3e964e3e68dd33e0d006f52c3272e7
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a15a6c44ba88f460140342742241389ecce4f4992e22b24652393316530d53d
0a8034b21a12455ed581c42cd3b2015b248ba92664ded7395b3f40bd4469871b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f2757beee4375d5cdd8cfae17e838f565ea7b7d6651a4e084a60d7a79bd3b8a
0fc34bddc73c9b7b1bfed7ade59c0228dc514339027a4ad46da7c669ba328d14
12908fba830466a63d701246d2ab82c2728d680f333e7b32dd09eb8ad7b0a413
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
155c5eaf88c7ba9eb83567560f6dc5140c38560727adaad1a4f1c44854932aa1
15eb458a8b63a49893f42a42e4b75717eae7329408ecc6f9552c2ffd1d31106e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18977e2e60e3aa80ea2c0c96490ab192c47a4eb8334705da0eb41a938965c3bf
196a72cd2990438eea408c1a0e2e735144cc9aef26e4c6c650e12c25207ac8a0
1bdee82bd1b2246a29b892c39bbdc2a34897fa62f5db0b12249f53ab38d2ad50
1c9fcb4cd145028b548ae0f64f0ca7cdcf13bee2df97bbba3c6c00c5603aecdc
1cc9f616bd372ae964eec0a11061ac73c070372be1f6442dda535b69b12cb28d
1d35b9bf6969429f0ef82cfc95ee3f13fccb1c7130436d8610dae3cf9fef0b90
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1d9f635db32caf65f5ad91298a4dffc3195ef6d4ad1235a04593c3db9749a190
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2027db5d0eadd49f42a261c36b107d03af905139fd2b59367cd71e34895f8d96
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
207a80f66469eeeecfb0555abf54eb5f40efa921903c0f2e129cf0955fb98268
20bc275111a5ae7955099dcc60403f8e432642886dae6e6f1ad452d30cec73c8
20f374999252598f9cd80fa7212e45b5eefa92b99086307535b564701e99ddc4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22a5d6575219d8be186eeb75cc6c0c13c4ce7204ee1a50ba3d3ca408e37ca74e
22b740da7a21ff66361a410f2cec7590948b3f5d9217618f8603f7141f6f42d4
23fcb50289d554a6e6962c35a161a01dfdcb8410a0ab96dff1e0729b2764885a
24ff83a982170f3c31a232cf5f6bfa33f09ef23ff97a12896817d377c1fc5487
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
2644489183988cada3bc1fc4eaa123348f0d3a7800811bea4d927ea98affa503
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c71dd1c6e6c880c9b09ddcdaec5d15c47904f3e52e23c1105f7af7e5b735a6
292bcd0551ee500b1cc5c1416ce840c056f16075b5f83fb84c3cbcbd422fa5ee
29726e833f4940e76823406599378dfda2812b5c91a6653cec78e722f1e40df8
29fbc17868e9644622bb67bc81adff298e042b1b32a9a84fbeffe6d8d00ce009
2a0370da744467626db6b2310636b1ad718f709ed7a45a62c73e6b7e7c145c49
2a89e52f88d6e4b6c27bf7b6592e0f2858436a2ca39219e2fc62a92d1bc0d727
2b726738f3e7aded2bdbc9c57e27086583974f79f8da3e0ec4fea3889bb42468
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
2e56eb824ff3ca591260475caea689584cd402e45e5da4d90b8e7c1c1644744a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8aafd3013777f4d17aed478bfee42d328514bda26c4754137a7d48b69c7070
3056fe8925744c3c29212a1134944df956bf4744ef944759729d20c6819a16dc
319a3cc5c9b91c326cd8b31930650ec7afa7d00dfb4c8f59bf0d4ed0f5ca1526
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c7d8467ebdc79ef911338d57c01b0e8ac31741378b738884a102603f9de276
3395fc11e65740db3d9234b7c4151746121568d05abf14acb922698eff866926
34d8018a1e207d62f45ef8d5515f743a0a4439761a3fded8450e19fc389916d3
356b62a0395aa56a302efad78666b9a5895aff01a3a6f7a9f4a027835108ab8c
35a107208fcd8cefc2db5f3dfff2101269118d8cf0e404fc2605579249517d25
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37aa3970b6801c9d286464f7d86e50bf41c88e54c7b4d08f3ff61935b3f59c3c
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37fb63c826cdf317767a90c89cde83b5c8eaf0fd24152059ae50b8fc55f60441
39a716efa199c8c1125712ec1c169579b6191bd33a8f84cf6ff65c9a56823aa4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a6fe6ecad2e989d2f6d31de39d548486c6f19f96e30ba9c07a1984c686b2355
3b1f538b40a37db8c2ebcdf9e21c876efe0d64f26a5add226f9dc2238e79c8df
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3bde0dffa88379b4dde1facb2dafeeaa885723600e9171cbd4a3ca64dae9b920
3be09b57f4ddbc74f8d4e72fea0807bf03ac934a74d71e841309558aefde7b0c
3c77a313693cc0241105c15b2c2bb6a1a7744fbe39c0321809a53155ff819519
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edaf427cc899b4afa99dcdc1c01dd8966b27f3bc1066490f62e53e2abfcca88
3f6e6f66884107b36b66f72696d85a0cfad0a58f9f621f46a352978b0fc87ba4
3fa83cb7e565862aca7c40718b96a2befae23f74dd84709ae159809b4819614d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405df4948e1f3bf99effba360c508b5f832dfddcb54963abf00509df103de4a8
41a6dcafeaf8911227dafb124e8b23ea8b786a5ce25fce1a5e33534f315f71fc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43658f52ad67036e5980b67dd3372146180e3b34749f0655c8d885098b664430
43fbbe355f40735e833eb1acd033f1cec8e3d31a8531c1ca1e7b0a1c6e5a66fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45dcd51afe9f550dc1293e43dcd998dab72a8426445a4d8571f55f3e97722062
46000ec09e1d01b1035c574e9915ceffce6b27c116f5237f4c3455a47eae77b0
4616d3b636053cc63e0c2f09e9bf57fcffc699d097f00f38332790f4d4740a1d
4713f88e60b533702faa797c3e3a33f40621379636afa3c00f835e280099eb96
47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4
477f3b8e0298b400bd6bb8b624f0e7e264bd8d3c719505ce441a8298f4372e19
4850230c5b30c91c650dfc9bba8072fef62960e6671854c5e70e04e97829ffcd
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639
486df4dc8b49fe2995950a5f0b60c6356d531486ee4b218412d71e28ac3f2d95
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
49ba0de84483504c384641f4cd8bd04988377587639b935f53681b75b1adcd85
4b5d3b280099658f3729cd13965738963c2d86fcc624912a7f9fdd8db269c52f
4d386e0af4fa7e2303195da19f826c85d7c15b1bbf41ff9e1d0c82121d6a9448
4d46b9cf533d460ad479908c269a802f8bd08c5b44dfefccff56c0e327ae4ff2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e172099f3fb15b56035f7e15b6d5ac930ce8393b999d438173dc1385f5c69a1
4e22df4207409d7ca862a0d6ccec223fef2aae82791751e1ba15b60c5267fe93
4ee5647d5c3226ab9b4eb16f26ccc14aa8243f45c45b7e250aa5154d0da88ecd
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4c254dfcb53069d134d7bbf7ca2d57dcb94de607821d050c424932b75d2912
4f528df21233bd9d866cedd222df5ed38555e828bf42d630943ed6688e5c08e3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fce706b6186c5a2ad061c09ff0924f2e6d5a8ea28711d2cf8bf5f17f549b9e5
4ff73cad857395688f746b261fc822517535fe99ea76d723b0e0ae754540fe62
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50f185635a2b8a1d9eddc2f6086f3d5e8bb2fc9b3784b4374c4573ad1c8429ed
511cd8a1d38e0b4ad309352d6c09f88a9d3ab4e722aff6ad4ab6b5ed91ffc83b
51509702e237f631eb0b9c2023e86e19fadee71428085f137fa25ba3f9ebfbf0
51c3a1cc05ece372e5772e194f0e937fda42b662682417bf3a1cf9a68ae53246
51c525608454f2cc3380757cfcbdefda3dc03a0a28bf066496b1b4c57bc2774a
5212fad71bff9515ab18e998bf38cbfdf2403a8dc0a2ebe77d3dafdd43d8674f
5242573f326d8744097c6d1630743cf5fa555560999c6db706132525854effdb
52a1bcfe57d41720ea9ca3591ee85d582aae3f2ac61d865ae746bf3db06a3998
534ba7298a4fe4431fbd9868cb63d4333d236bf383e19414dd8311a3dcf0063f
5442f87efbd6d519174909df3299423a48540ab21842316daa021299fc65012f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56adbe07c82c9139b343257a7e0035220c0c0ace2e9ad38ebf8aea67fd88d725
572286d478b5ffd58a5a7807202682602f2b471341ba9a85ad6ec49b5a44ca7b
580b4c3474a67e0248ef88a63aeaff4c3a071323c85240ff6aa54b200d21d8b9
588c087a9f0927174091373b182e608acae9dc844426367290a3b9536a5590db
5890823e225cc14b81fd6fd92d66b2d4985093512dd7a8646c025e370295f3bb
59aa75d8f3d155c209d389e3909d3d4eb8338d17b644a1439f8446bdb41f9c63
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5ab0551586971ad8cb22e94983fda6914257297643c0526864a9acd0f6416c72
5af94e2be85cef202cb2881adf63e354c39098a1225af1c17ddc56dfebbaa08c
5b70a92c89770489de4c36712a56086122ada635e94c48670854fd6c08bb78bb
5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1
5bf4fc433fe159de07ff65784867caa7beb8d330d6d05750c8e79334c66d3acd
5c6ba10d2f34f01279e8d20c06f41652269635c93509efb5ae06ded06c11e4c4
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5e866094e65c416b49e81b370293c612c80d6d62e7f887fe1ef45f62494a8942
5f3b21dd38a78c9e6d5466c3a0223517da6a3714bea974eedef8a1bde497d22f
603034e4d9730524178c703560f855a8f712a717551fdc0f58ec7be07eb3995d
603f27feb83928414d7fbf3b8649bff4089a37df5ae0fc1421f4a8192a95d03c
60ce250983d50c530dcc3942dd7a8c05dd1c40a6e68456eeba10f8685fd35c06
60de22f54cc58673248512de11eeaef5e4dcdd9d90883727ec2ba1de23e4c57b
614a8c9aa2bfa3d009761657bf689d82d24e287e6fbf6f865becf81428899bd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
66edb824bc7ae85906a0d36ddad0a4022527ddeb318870732609a71d85b4213a
680d52d4b962b9cb99efcf5a65629bdf50b9edf6a177df10a1b61c3714a70f0a
68186ed6736de5e1bded858e95fe66bc7942b8243e5127947bfefa46cfca907a
692cd198d39de5e4a4c49a30dce32b21db460636304d471dddf7927fad68aac8
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69e8531db195f42f0b7cd771687416c235c0d3e54db19ecf7bd9cbcac6f5573f
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6aa129fe8f708a7105f4078f4aea66dc20d981216fb9f1b97a445870b476a3dc
6ad0103d8fceee20680b17bdf96ccd7074c7bd79f3c5dbe675b8cf19c03686ce
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6ec9139b7077f3b5365e999af492a9945f9d1f0a4fa5d032e2c92792a03c7b
6cd5675b2b3e888eb7551ce1ee4a443f5bbb7de2d344b9d3d22f0db0cf01f420
6d04863918a276cbadae680d584db0cc2f5e364a41738c159b890c758ecd59bc
6e64d9e6c81d3136be63ccd57ef420e280373009d9ef87e12737ef1dbd227554
70e4fc2a8979459134e1227b13e622f4fdf763ca397c53cc23e20b5ec11f2d07
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
71fc3d606de54d75ae0fd2bad54bcd0287a2f647cf77082b8a52e8f064357fa7
7266a97365b32d93471ea7b4bb67e55de3e81baf143aff04121194f819837fb9
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
733fd666dc2991fb256df68dab6493635805bfe66a1e8fb853c726181b964dc5
741f747b3f19f9974e460e15ef7ed739c88621a040df2ecedf2e9c24b1bb144c
7493364adaa8794b3877396e419c88b3ac793d82ba596b9203fe125779fb7a4a
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
75032256992fb28e519f601793ffb8efdb01488545f9cbdd238b009d87b63d03
7588b18d78fe7296996b2d76ce84458f66b4658078d891835907e88b5a5477d1
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7774f37c9b2fdd06cc0be8f08ebfe8ccc394cfe71af84655e370a7911115a2cf
77db1f6f7f1f36fa9bcb99253f1d514e11f13243201d2bd37a9e2f0d4069c4fe
78ef4987b0bdae622bc66679ca352937f99a9cb06411a8b4b6599fe9f099eb2f
79eeaf911b12cf08fffe564cc1929ce4022376b5857d2bc11763278a6e3df664
7ae8649a0b56e9d46ab21a754038f2f8d7dadd18c426efe3f38dd398c1710dcf
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f48cb0b1cac43ec06e73c4bce8d41bfc606637d52e3877749b8ff1f9923928b
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fb26c7aa8a0f21eb4cf37124706d49b568d5417e06c39bfa755b1613a1f8373
8065e67ca329afb1a2cf53016a56586663f42d9ee41b180b605310c50c9a11e5
82a76ee061ef89a78b9b2c25cce8b143fe3befc544a1a27d2a06e94113eea6aa
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
83f9f0748b969c9f4676229404c4a03648d9e7ecc976d25733046fb893c6318e
84205b2c684651045ed4e2b2ab21e007a3180ef39769b05493bc8889a07869e9
8429c3967fdb669fed0ca1b1b1931eec3044b60344942a6e7bc23a371f60bf84
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
8786744e07b6de2109b10b047a7997c5d0aaf29444ba2fc96bc0e97a3b474c0e
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
885a0370d66dce2bbb28da1a0cd90d8a3a2489de1d5021690cd765592273e41f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a96447f6c2508fd5d0c5d3a3c7b279c012c6e8125c81847b2eae58daa09dbc9
8b0179bb6b1ad361e29d0b1ab6ffea7288d4040836aea29445548aa2c898fe6e
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
8c2318c302115bbeaf2822217568280854a9a131435102283706fa143e4751c8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3a18ce159c76eaccf88eade3a8506067bf8683a9bc92cf4af13d86b80e8e98
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8eda494584c9f29d8d5eb0e34b7ae64ea4ed785b690de8d436adaaac43713fd9
8fadbd07a956d4100d9b4b02098ac270500331dce0df83385b6965dfff086953
9007fdfd87c232240845c1bc50533856b88d30ef94cf9e67f2e07dcde9b5d37c
904c0259b4288465428ba044c7bea47f726db94beada0c833f3d25859a379354
90636c8778429e3e23805401eb296f7c950cfa0fc0da1597534023e24ebe1f1d
91cd9c71121e89724d63fb9339eb01a4c7fe806457d7eaaa31643cbebf16892b
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
951187dfd48bc4b69e7184db9465f6f2579025c0ac22fdee670c0640c716feab
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
9608a2b1edb731650d7cde16f6636dc48246b0c0ed5852f2f98fa167d4bfcca0
9665c2a4b280bee46d900e9b12730d3d85ff82adc06b8b3e80c93edd1a991b2c
96792d25d9a63bc92d6bedbcf3a9db4c9ff956fc49d7f737134f8a19f6544d9d
9696e5149c76e12ac5b9a2e67abec83b206463ae2bf1dc3bb93503e5ba17c68e
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
988f49713b4e6d097ee78b2287463d47e764bee1f21c34694ec34106dfa1a3f6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b035024d78ce5199c1ea0dbe7c7a2a33e096d4235145be6373b4d3319765c7e
9bbc4cd0f37b3b941b6f36ace2651b2cad44aa68be191507241e7aeaf011d2a2
9c2ec7d5ff9fb725d7b33f32264297b6720da89f8ea715770bb9d32371c06272
9c67c6ca53fca0eef341d51edaec7d3e4111b3260bc0dfab22407901a9246ec3
9cbcb93e44d802bc9ee970f60c3c1ac8af22fea7e6cfb57356d7b9b2727663a2
9cff98dc251e9b39b595276929c85b751c7fab28a8b077374632c1901fc7a9a2
9d346288a7a4521aff0802cfd44fdd0d4429ea44c96e6d149d0fa4544b1a3a06
9d44e09ffe9cd7c33f2ccaade8f874bffde15319f6e6530a62a76e32c95c0f23
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e92525b4b30c9f2f45893dcf36cffbf77f655699ddaaf48017c6f937d4b6acd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a148a5ed05b066010db63ac8960223775c52e0edea2967e5ae0168d3072214c7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a258e14757773eba10e7940ffd91a3fb062e8e47fbd08ff1201fea1b37e97220
a2ab2186824a0c23aa7994a32f1a97f4da24a2b8ac23b91c5a58bfa18577bd6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc
a6d9fa8ea6ae772a57fd764ef36294cfe3ebfb8b5667f50e0af86c0959131355
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f1837ccdd94ab85bcd4cbdb16d55a12ccb269fb2756cf82dec91316ce6fbe3
a83049a3fded5c0dc1a4f1da300745dde9f8c0dc56398a02124d31dacd5c4dbc
a993e2062bd2a30415a8def633462599360a2b346c39c202682649ea43a953ab
aa8acae55af2687e4def8fd9c2ab60ddb636c6895b70304fb0d295fcedf453ed
abaa14bc9ba8365110c46ae56ee4ca498f7c34f2cf361ea50bd3005936db1f60
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af02cb1ff9424892ff97abc531a0f6ad7b9a8fb5557289b06514e90827f91303
b012a1266a30659c75a4b302358a189ae59b83782146ca879a37a5fb846e9ee1
b09381440d0772c2389d038fd14d5eed2557ab4f8b49c59ba8a92a8aabd968f4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b269a736baabe6bfc0c4f211172df1c6fc6319d92c59ad1ef9a19bfcd77afe2b
b3df4337e1e17c20ba59a5551604f3d49df19ee829f46eed154f966055bb9af3
b44a0f699e1076ed5217e1f5c824fe842e7f5bc9ac0e94fbde2a7c3a4d421027
b6988ad54a1633d04cd176f32f897e6dc5395d629cb7c28181dbd5aa8506a888
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b6d047a865505d2d83a4337a07187288f67193f087a87613f3e7d0890050f5bb
b6e899a3d465133c5d1f2aa8bfcbf5dc1d27e78338e1090d45697325c81c6821
b7fb9aeafd2d878c9105c3dbda844cbc6b86855b92dfe660b0117f692284bc7c
b85641108961858527d6ae42cc27acdd6f6bf724fd40b49f4d1652e9a9ac616d
b8f8f90930f67c0db40f428dc26b0e92e018f9410276e001b9da0b30f5cc7619
b93deb2f2f99a6dcd6ba15e31633e827712bebda802d21de182dcd417c5173c1
b97a0672693cc6dc8dcbc8db83fd8fd44f94ca32cbe8c747ffadc9fbb6d5b029
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8ebeb7743e7e3ab931404a3967882beddbbe1d71c8b62c203ab0d7c2335fd5
bb9e9435d0cc948f3a1fc9728eb49542f481e0b1686f68d3ac6670dbf500f2b9
bd2fe5da812b2a99f6b739f2a64bbedde3d5482e92678f8fd5f30efc6da49cdb
bdd33a0b1fac0beb2036cb287de9d5513055190a3815e2c2849cfc58b02c4fbe
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2327e157e0a35b98e49e5e3cc190d494f1308f74b4d013500f132f37339df17
c27b1292e8242baa87e1b5a5a6d4aeeb76618fadc97c715b5d0249e803cf8768
c325ca5a70e154cc55e283b62ef8da857ede9e922b4ac0281e71c2163cb156a3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c406bc405c2b65a95534f6531332c59e11c719cadc4ec00b735b291a7d6f52b0
c4136d0d7197a842bce2936755c964243a25e0420f15071c8ee9493822aaf8c0
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c74c2a26f0acfd2038a261a507656a6f85d7db5143653431c0fb214377f7aaa2
c74d1211080076361959841f46d2ff7417043a72575ecfb28c549f35678f02eb
c7e9e7aaa25cad2e2ae46e5b175a0aac69f9dd691c6e1ae5ee033bcf3199516d
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
c83fe8bec1c3ee0999674d43b303d3557095aaa5fb6cd5ceef620f3ada7361a9
c89d3edd5838560bf4e4aa0b6b50afaa0c8b3f6f4d34c23e23a907c78d490d66
c946c94e8fb7f04cfdeaec4a5ec381fd91e8b329c051dfc0c0734ffba4da8439
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc129b705a4e5f1bec06e65e4faf57219d5b34628771d6c3880a8fe19c303f87
cc290aa434ec98b189698bbfe6f5cdeeaaeaa5beff84143c3b2dac44fbc62f6f
cc4eca99f3be380b1c6b5e543846081ee3c25bb2d666c138c9ca3ad84efba582
ce69a290657a84acc2fc481c50a39807521d77430e0c284e4eb83ba2726dfe39
ce9c6aa4e4eaacd6692a77ca792c8869240b0059248a69cdf947346444ec0cbc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ded7dae774cd8c135cc51657503e66ff219761ebadec07a3b451bbf727591
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55
d11f7db0b489ac1a01abf2883f4fe739ffb5528e2f8d459e1b25a0c4d7ac98ee
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d156f5c7dc7c61898c1b90e344dc9ed65cda0cb340669bb5e375a432f3a784b7
d1ab7c15e7bc09bd9a36851cc67246cad70381d95ed839cd5fd629db42de8be2
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d359aecf56b0cdaeeab7cee03d687618fff2b0b84412b442c48a7015ba6a8b7a
d59f78249615f8cc8b7f29deed1574a3196ecd89f6bf378b79a59871d3a05ec0
d6f6e232e872798c49c7c26b5d71cd5743adcdd05ef86d776262e8a2cc853064
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7603c393d5636bec476bd298d12e034dfd533a402cb03e8ae896f345b70c6fc
d840bed0ba3cc1cceaa9a611021f9ba6b0c3e6d8a716061f369225a107fbbd33
d8cee304988f27fb9f0cea0d942f1fd0a7bb2a7cc854fe28de5862f5c127bfbd
d8fbae96bb2e29753ef294d8edadf872e89364f2a841b3fe2e708c355d1c6801
dad581249db6959518aa23220584a4148dd0b5a87bee48eaa9f4469950458456
db24d9fda9ac59e3c2d919d0d5e78fa9adc765566bfdee74aa1fa0d5b8ac8832
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
db9e0c4651c1e479da83b85c6cc2745131ed2fb0f865ebdea39259bf12c49fc2
dcac9c1c8438932dba6ff4e8f1222bddfab8ee4b7296de1ce237a60451fe0f05
dd099208b93569f53d0436fdac3b7536b17dfcff8a69af65e5b776bc8a570206
de0b4e640fb9c9982a8743c69e8b035f4b96f7993eebe745657bd8ab10249ecd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
decd969e47a0378a9b6fff5fb8dc2ce8f60a09bbde0a35c4fc3632fc598878f3
def2f3738c66669e117c3541b4d59e871e186dd759ead0b212435944bb3c26c9
df7146a147e356dcd91fda7cc92d50ebcf2b6e080667d3f426e06b7236fd1dd0
df77da0d8b536795fa5ee4524e6cbd92e1df56a814a4f4e4b2a8d8a45c9a396c
e103728733a60be279827e2e2fa2118f0370f48e09e9ee61e7c5d8f45b828058
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e22d5e7782be3137b8d7beccf72fdf074fbc86ddac23a30c632c7b791d3390c7
e2508ec3c93e05cb54a1b7d723ab514da5aa327f05887d234adf377b9349ee36
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e367417f5dbe0078f7412f5ae03652c31ed387fc2922e75f63b55e5747e1fc3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ca8071170f4b05270ad898caf7281fc709fb1f4c8282b280fa1f240487ea7
e5d942221e5e5d42b6bf14ba6ce865881770cd344f51d53d6ff4329d285bb4c5
e74b4a43cf679980ff1ddf614a8f75621937e4bb44e030bd9adda76278b8a9d8
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
eca3631f140d44043b030fa87263be6f3186d2035578d9bef7feb55895979a0e
ed0d56caa6e03c41666af2836bd362028d472f2de3946e6573465d11f4c56072
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee7d8c947b23e0c4589efbe5f0ec8bd02c4b3166631c41f75cdaefe1d3705530
eef441bd0291d50370d4d29ad3725d32feb3caa34fd29f0f49dca776553c6af7
ef0432d59c83edcd6003aa3dc020cec5a81878fa5379ecf775c1c07566a1f636
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f047789dcd78e7b23eeb93b63e7dd7b968f91d4536a32657dac7b7a00ff810b2
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f51ee42a58f6e464463793434db9ec9d50d409d5b7c8cfcbb7959a6b3fc34097
f5b7c42e442751a5e0ab3656d433067c30bf7d6577da809c8bda38f24bb813a6
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f67f66cc748f595fa1a16ffa26cd6813fbcbc65cf901a421ff7b242a6febacb2
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f72f5b1326930b667eab20288f76b0ddfb0646ba79a8b33274fcf2fb619e552f
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7a3fd7aeec7713ccb0b87a5d1daecf5f2046f4d9773fc0ddfae01ec4fe7d67a
f7addc574e929f1437af8f0a2f1f84b56be2fd7170044e4e91f5e6b65f9cbe4f
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f882794de0be4e98685ad6394703e7f828b72adba0da7c839c0d6d684fecf7b4
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
fa0d4781631334587a7d69cd58e2c687415ea8c6862ba9e0a071e4cedc63e286
fa46ac01d783ae2ce5b6ddda82b7686955a53d0cdc88d24c5ae7f7ceaf7fe072
fa88731d3dfcba3466dd05250f89afb97ea729d2787d08929e41d23b23184ff0
fbbdd33732199f781d74f68055b95d7229ae98fcb4a07191baf4128824ab89f2
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f
fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca
fe4b17e7a80ce38d3197dc2bf578bb2100aba88cff88f281fdf3c4fe173234f5
feb0b87806971fc6a6816c673865ba4c6167552ced2fde7463a5388be93a74e2
feca1468c9947fb8e9c90399078d45e0134e84625ed26b761207810baa9fbf3e