chicago.suntimes.com Open in urlscan Pro
13.32.121.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.e2ma.net/click/24aoqf/ip90s7/20z8zk
Effective URL:
https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Submission: On January 30 via api (January 30th 2024, 8:57:48 pm UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 75 IPs in 8 countries across 57 domains to perform 206 HTTP transactions. The main IP is 13.32.121.86, located in United States and belongs to AMAZON-02, US. The main domain is chicago.suntimes.com. The Cisco Umbrella rank of the primary domain is 104421.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 28th 2023. Valid for: a year.

This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.216.121.120 44.216.121.120	14618 (AMAZON-AES) (AMAZON-AES)
2	13.32.121.86 13.32.121.86	16509 (AMAZON-02) (AMAZON-02)
8	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	18.244.28.129 18.244.28.129	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2606:4700::68... 2606:4700::6812:dff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	18.239.70.203 18.239.70.203	16509 (AMAZON-02) (AMAZON-02)
3	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.200.60 52.222.200.60	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:266... 2600:9000:266e:dc00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:480... 2a02:26f0:480:387::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	18.238.243.129 18.238.243.129	16509 (AMAZON-02) (AMAZON-02)
1	52.222.209.4 52.222.209.4	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.207.36.169 52.207.36.169	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.169.108 52.222.169.108	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
6	23.53.42.114 23.53.42.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	207.244.71.144 207.244.71.144	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	107.22.55.106 107.22.55.106	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.102.196 52.217.102.196	16509 (AMAZON-02) (AMAZON-02)
6	3.226.186.188 3.226.186.188	14618 (AMAZON-AES) (AMAZON-AES)
9	2606:4700::68... 2606:4700::6812:a07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.235.124.59 167.235.124.59	24940 (HETZNER-AS) (HETZNER-AS)
1	23.43.60.191 23.43.60.191	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.108 18.66.122.108	16509 (AMAZON-02) (AMAZON-02)
1	52.48.163.18 52.48.163.18	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	89.149.192.76 89.149.192.76	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	3.222.95.234 3.222.95.234	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	23.19.226.132 23.19.226.132	396362 (LEASEWEB-...) (LEASEWEB-USA-NYC)
1	34.235.26.56 34.235.26.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.122.39.115 104.122.39.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.210.29.170 52.210.29.170	16509 (AMAZON-02) (AMAZON-02)
1 1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.225.71.4 3.225.71.4	14618 (AMAZON-AES) (AMAZON-AES)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.32.187.129 63.32.187.129	16509 (AMAZON-02) (AMAZON-02)
1	3.77.188.218 3.77.188.218	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.216.230.55 54.216.230.55	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
206	75

1 44.216.121.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-121-120.compute-1.amazonaws.com

t.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-86.fra60.r.cloudfront.net

chicago.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.244.28.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-28-129.cdg52.r.cloudfront.net

cst.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f06 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.70.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-70-203.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

player.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcd-playlist.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.aamapiv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.200.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-200-60.cdg50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:dc00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:387::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.36.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-36-169.compute-1.amazonaws.com

collector-1.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-108.cdg52.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.53.42.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-114.deploy.static.akamaitechnologies.com

mcd.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.244.71.144 (New Castle, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

p.channelexco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-05.channelexco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.55.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-55-106.compute-1.amazonaws.com

gpv.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.102.196 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.226.186.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-186-188.compute-1.amazonaws.com

sync.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.60.191 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-191.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-108.fra60.r.cloudfront.net

graphics.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.163.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-163-18.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.76 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.95.234 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-95-234.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.19.226.132 (New York, United States)

ASN396362 (LEASEWEB-USA-NYC, US)

e.channelexco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.26.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-26-56.compute-1.amazonaws.com

collector.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.122.39.115 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-39-115.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.29.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-170.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.71.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-71-4.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.187.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-187-129.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.188.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-188-218.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.230.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-230-55.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	191 KB
20	ex.co player.ex.co — Cisco Umbrella Rank: 9660 collector-1.ex.co mcd-playlist.ex.co — Cisco Umbrella Rank: 15871 mcd.ex.co — Cisco Umbrella Rank: 15760 cdn.ex.co — Cisco Umbrella Rank: 10387 gpv.ex.co — Cisco Umbrella Rank: 10820 sync.ex.co — Cisco Umbrella Rank: 3443 collector.ex.co — Cisco Umbrella Rank: 9822 rtb.ex.co Failed	481 KB
16	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8537 cdn.tinypass.com — Cisco Umbrella Rank: 6134 id.tinypass.com — Cisco Umbrella Rank: 15009 buy.tinypass.com — Cisco Umbrella Rank: 6622	416 KB
13	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	63 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 463 p.typekit.net — Cisco Umbrella Rank: 566	271 KB
9	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 htlb.casalemedia.com — Cisco Umbrella Rank: 478	6 KB
8	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1933 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4251 mv.outbrain.com — Cisco Umbrella Rank: 2586 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6708	108 KB
8	brightspotcdn.com cst.brightspotcdn.com — Cisco Umbrella Rank: 104383	218 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5068 p1cluster.cxense.com — Cisco Umbrella Rank: 9714 comcluster.cxense.com — Cisco Umbrella Rank: 4535 id.cxense.com — Cisco Umbrella Rank: 10570	82 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395 s.amazon-adsystem.com — Cisco Umbrella Rank: 326	78 KB
6	piano.io api-esp.piano.io — Cisco Umbrella Rank: 12543 c2.piano.io — Cisco Umbrella Rank: 5593	20 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	123 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	169 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 777	13 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	160 KB
4	channelexco.com p.channelexco.com — Cisco Umbrella Rank: 10967 s-05.channelexco.com — Cisco Umbrella Rank: 88431 e.channelexco.com — Cisco Umbrella Rank: 10001	20 KB
4	gstatic.com fonts.gstatic.com	204 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373 targeting.unrulymedia.com — Cisco Umbrella Rank: 863	693 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
3	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 683 rtb.openx.net — Cisco Umbrella Rank: 625	914 B
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	26 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	625 B
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9980 flint.defybrick.com — Cisco Umbrella Rank: 9041	20 KB
3	aamapiv2.com api.aamapiv2.com — Cisco Umbrella Rank: 64219	7 KB
3	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 10980 log.outbrainimg.com — Cisco Umbrella Rank: 2921	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	220 KB
3	suntimes.com chicago.suntimes.com — Cisco Umbrella Rank: 104421 graphics.suntimes.com — Cisco Umbrella Rank: 339297	76 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 843	859 B
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 550	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	573 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535 image6.pubmatic.com — Cisco Umbrella Rank: 805	6 KB
2	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 5086 g2.gumgum.com — Cisco Umbrella Rank: 1535	41 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3040 p1.parsely.com — Cisco Umbrella Rank: 2229	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 Failed	6 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7889	125 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	280 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	105 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1229	844 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 978	149 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2323	319 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1011	256 B
1	sundaysky.com vop.sundaysky.com — Cisco Umbrella Rank: 2650	365 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	523 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	507 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579	514 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1515	425 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724	45 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 671	175 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9228	448 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7784	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	29 KB
1	e2ma.net 1 redirects t.e2ma.net — Cisco Umbrella Rank: 23386	498 B
0	insiderdata360online.com Failed insiderdata360online.com Failed
206	57

	Domain	Requested by
21	cdnjs.cloudflare.com	buy.tinypass.com
13	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com cdnjs.cloudflare.com
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com chicago.suntimes.com
8	cst.brightspotcdn.com	chicago.suntimes.com
8	use.typekit.net	chicago.suntimes.com use.typekit.net buy.tinypass.com graphics.suntimes.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	sync.ex.co	cdn.ex.co ssum-sec.casalemedia.com chicago.suntimes.com
5	api-esp.piano.io	cdn.tinypass.com code.jquery.com
5	connect.facebook.net	chicago.suntimes.com connect.facebook.net
4	cdn.ex.co	player.ex.co cdn.ex.co
4	fonts.gstatic.com	fonts.googleapis.com chicago.suntimes.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
3	sync.1rx.io	3 redirects
3	collector-1.ex.co	player.ex.co
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.google.de	chicago.suntimes.com
3	www.google.com	chicago.suntimes.com
3	api.aamapiv2.com	www.googletagmanager.com chicago.suntimes.com api.aamapiv2.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	www.googletagmanager.com	chicago.suntimes.com www.googletagmanager.com
3	widgets.outbrain.com	chicago.suntimes.com
2	id5-sync.com	cdn.ex.co
2	targeting.unrulymedia.com	cdn.ex.co
2	secure.adnxs.com	2 redirects
2	u.openx.net	2 redirects
2	eus.rubiconproject.com	cdn.ex.co eus.rubiconproject.com
2	e.channelexco.com	cdn.ex.co
2	ad.turn.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	i.liadm.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com cdn.ex.co
2	ssum-sec.casalemedia.com	1 redirects cdn.ex.co
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	mcd.ex.co	chicago.suntimes.com
2	mv.outbrain.com	widgets.outbrain.com
2	log.outbrainimg.com	widgets.outbrain.com
2	www.facebook.com	chicago.suntimes.com
2	flint.defybrick.com	rock.defybrick.com chicago.suntimes.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	p.typekit.net	use.typekit.net graphics.suntimes.com
2	player.ex.co	cst.brightspotcdn.com player.ex.co
2	securepubads.g.doubleclick.net	htlbid.com www.googletagservices.com
2	fonts.googleapis.com	chicago.suntimes.com client
2	htlbid.com	chicago.suntimes.com
2	chicago.suntimes.com	cst.brightspotcdn.com
1	lb.eu-1-id5-sync.com	cdn.ex.co
1	ad.360yield.com	cdn.ex.co
1	prebid.media.net	cdn.ex.co
1	ib.adnxs.com	cdn.ex.co
1	rtb.openx.net	cdn.ex.co
1	prebid-server.rubiconproject.com	cdn.ex.co
1	htlb.casalemedia.com	cdn.ex.co
1	btlr.sharethrough.com	cdn.ex.co
1	id.crwdcntrl.net	cdn.ex.co
1	api.rlcdn.com	cdn.ex.co
1	vop.sundaysky.com
1	ads.stickyadstv.com	1 redirects
1	g2.gumgum.com	js.gumgum.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.targeting.unrulymedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	collector.ex.co	player.ex.co
1	cms.quantserve.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	s.company-target.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	dis.criteo.com	ssum-sec.casalemedia.com
1	ssbsync-global.smartadserver.com	cdn.ex.co
1	s-05.channelexco.com	chicago.suntimes.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ap.lijit.com	chicago.suntimes.com
1	graphics.suntimes.com	buy.tinypass.com
1	ads.pubmatic.com	cdn.ex.co
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	c2.piano.io	cdn.tinypass.com
1	ams-pageview-public.s3.amazonaws.com	chicago.suntimes.com
1	gpv.ex.co	cdn.ex.co
1	p.channelexco.com	cdn.ex.co
1	code.jquery.com	api-esp.piano.io
1	mcd-playlist.ex.co	player.ex.co
1	cdn.id5-sync.com	chicago.suntimes.com
1	js.gumgum.com	chicago.suntimes.com
1	id.tinypass.com	cdn.tinypass.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	p1.parsely.com	chicago.suntimes.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rock.defybrick.com	widgets.outbrain.com
1	cdn.tinypass.com	experience.tinypass.com
1	cdn.parsely.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	widget-pixels.outbrain.com	chicago.suntimes.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	experience.tinypass.com	chicago.suntimes.com
1	www.npttech.com	chicago.suntimes.com
1	www.googletagservices.com	chicago.suntimes.com
1	t.e2ma.net	1 redirects
0	rtb.ex.co Failed	cdn.ex.co
0	insiderdata360online.com Failed	chicago.suntimes.com
206	101

This site contains links to these domains. Also see Links.

Domain
elections.suntimes.com
graphics.suntimes.com
legacy.suntimes.com
ads.suntimes.com
marketplace.suntimes.com
jobs.suntimes.com
hiring.suntimes.com
www.publicnoticeillinois.com
marketing.suntimes.com
paper.suntimes.com
suntimesdeal.com
stmiservices.newscyclecloud.com
newsletter-hub.suntimes.com
secure.iwantmytvmagazine.com
chicago-suntimes.careasy.org
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
getpocket.com
www.reddit.com
share.flipboard.com
www.outbrain.com

Subject Issuer	Validity	Valid
*.suntimes.com Amazon RSA 2048 M01	`2023-07-28` - `2024-08-25`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
origin.cst-web.production.chorus.brightspot.cloud Amazon RSA 2048 M02	`2023-03-01` - `2024-03-30`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
npttech.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-09` - `2024-02-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2023-06-08` - `2024-07-09`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
aamapiv2.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gumgum.com Amazon RSA 2048 M02	`2023-08-13` - `2024-09-09`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.ex.co R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.channelexco.com R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.sundaysky.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-11` - `2024-07-11`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Frame ID: 1896E5B123F3E3A5A18EC238399C302D
Requests: 125 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C2027467594&gdpr=0&gdpr_consent=
Frame ID: 98BA5B845A78E542E39EFEE1624E3A41
Requests: 8 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D
Frame ID: 3DF364727A411F81CC4C6048D88616DB
Requests: 16 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
Frame ID: E7EB1C270E3C84687DDD8B7BD6F71651
Requests: 22 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 1EC43AA6D19CFE6BEADE1D41809D7412
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fpubmatic%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: 7C03AB0C3DB2AC893957FA8DF9A485E8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ex.co/player/pb/2.6.0/expb.js
Frame ID: 3E58BB3BA78D21A3315F56456CBE36BD
Requests: 16 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%2Fsmartadserver%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Frame ID: 9CDAD4047B4B1C3C9EC88462783280E3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Frame ID: A0DB4CF26F93C022A02999D0A75D6C43
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Frame ID: 110105C2DB2B7354820759445B92698D
Requests: 3 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=986fa6c3be8892d2e51a67587109dc3
Frame ID: 4DF0E17980BCC132E983F6EC27873E7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

White Sox in ‘serious’ talks to build new South Loop stadium at The 78 site - Chicago Sun-TimesclockCST_

Page URL History Show full URLs

https://t.e2ma.net/click/24aoqf/ip90s7/20z8zk HTTP 302
https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-relate... Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

206
Requests

94 %
HTTPS

35 %
IPv6

57
Domains

101
Subdomains

75
IPs

8
Countries

3240 kB
Transfer

10131 kB
Size

62
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://elections.suntimes.com/
Title: Chicago Elections Voter Guide

Search URL Search Domain Scan URL

URL: https://graphics.suntimes.com/chicago-city-council/
Title: City Council Directory

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/us/obituaries/chicagosuntimes/browse
Title: View Death Notices

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/obits/index.html
Title: Place a Death Notice

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/obituaries/chicagosuntimes/
Title: View Death Notices

Search URL Search Domain Scan URL

URL: https://marketplace.suntimes.com/cst-marketplace/
Title: View Classified Ads

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?_flowId=adportal-classified-flow&action=jump
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://jobs.suntimes.com/
Title: Find a Job

Search URL Search Domain Scan URL

URL: https://hiring.suntimes.com/purchase/post-now/
Title: Post a Job Opening

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Main+News&classificationName=Main+News
Title: Place Small Business Ad

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/
Title: View Legal Notices

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/post-a-legal-notice
Title: Place a Legal Notice

Search URL Search Domain Scan URL

URL: https://paper.suntimes.com/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://suntimesdeal.com/Offers.aspx?Zip=60607&PriceType=1
Title: Get Home Delivery

Search URL Search Domain Scan URL

URL: https://stmiservices.newscyclecloud.com/cgi-bin/cmo_stm-c-cmdb-01.sh/custservice/web/login.html?siteid=CST
Title: Manage home delivery account

Search URL Search Domain Scan URL

URL: https://newsletter-hub.suntimes.com/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://secure.iwantmytvmagazine.com/order/zipcode/1
Title: Manage TV Weekly account

Search URL Search Domain Scan URL

URL: https://chicago-suntimes.careasy.org/home
Title: Donate Your Car

Search URL Search Domain Scan URL

URL: https://twitter.com/Suntimes
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thechicagosuntimes
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvU3ALK4osa_RV4znIToB2Q
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/chicagosuntimes/
Title: instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&text=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20stadium%20in%20South%20Loop%E2%80%99s%20%E2%80%98The%2078%E2%80%99
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=425672421661236&display=popup&href=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Title: Facebook

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Title: Pocket

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&title=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20stadium%20in%20South%20Loop%E2%80%99s%20%E2%80%98The%2078%E2%80%99
Title: Reddit

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20stadium%20in%20South%20Loop%E2%80%99s%20%E2%80%98The%2078%E2%80%99&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Title: Flipboard

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/media-kit
Title: Media Kit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.e2ma.net/click/24aoqf/ip90s7/20z8zk HTTP 302
https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1

Request Chain 162

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zblix5UrVlisw5XUQZX1DQAA%263168&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Zblix5UrVlisw5XUQZX1DQAA%263168&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6575df5a796849bf8c5901430edfedd0 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 163

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zblix5UrVlisw5XUQZX1DQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOG4f_DkkxdzuEPCXLowUkM&google_cver=1

Request Chain 165

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722373063&external_user_id=54184038-1b58-4833-8721-8b6c559f336a

Request Chain 166

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=Zblix5UrVlisw5XUQZX1DQAA%263168 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=db9aec36-2d0e-4091-855f-f9324ae08d5a

Request Chain 167

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=pzuYRqc8mUi8bc1H9DvXHaRqnki8O8kcqD44pTnX

Request Chain 168

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2870017063413044696

Request Chain 172

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east

Request Chain 174

https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fopenx%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fopenx%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://sync.ex.co/v1/setuid/openx/?gdpr=0&gdpr_consent=&uid=9e77d90a-afed-4f5b-a87b-6c5ff4b20201

Request Chain 175

https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1706648264992 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3170179502 HTTP 302
https://sync.1rx.io/usersync/turn/2870017063413044696?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3DRX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003 HTTP 302
https://sync.ex.co/v1/setuid/unruly/?gdpr=0&gdpr_consent=&uid=RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003

Request Chain 179

https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent= HTTP 302
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=986fa6c3be8892d2e51a67587109dc3

Request Chain 180

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fappnexus%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%252Fappnexus%252F%253Fgdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://sync.ex.co/v1/setuid/appnexus/?gdpr=0&gdpr_consent=&uid=4489389140557941881

206 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf Show response
chicago.suntimes.com/white-sox/2024/1/17/24042048/
Redirect Chain

https://t.e2ma.net/click/24aoqf/ip90s7/20z8zk
https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

204 KB
39 KB

586ms
473ms

Document
text/html

13.32.121.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-86.fra60.r.cloudfront.net

Software

istio-envoy / Brightspot

Resource Hash

6ac8c58889f19992f6fdcaa6d365739c906cba09a763d79fd00736226df81b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 39848
content-type: text/html;charset=UTF-8
date: Tue, 30 Jan 2024 20:57:41 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-id: J7fWWXTi_Hr3dNxrusAyeB5mdne5Q7pbzWwONSO9ArIxH9gASF-QBQ==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-envoy-decorator-operation: brightspot-frontend-verify.cst-web.svc.cluster.local:80/*
x-envoy-upstream-service-time: 355
x-powered-by: Brightspot

Redirect headers

content-type: text/plain
date: Tue, 30 Jan 2024 20:57:40 GMT
location: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
server: Apache
x-robots-tag: noindex, nofollow

GET
H2 200 qzq4qkv.css
use.typekit.net/ 5 KB
1 KB 192ms
144ms Stylesheet
text/css 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qzq4qkv.css

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

437f4bddeb87450be7fb5c6929d840216361a3b7ca98d1df263ad18fa3e72e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 30 Jan 2024 20:57:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 889

GET
H2 200 All.min.b9a4c7c8b4050d037678283863df3ba2.gz.css
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 326 KB
39 KB 77ms
19ms Stylesheet
text/css 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.b9a4c7c8b4050d037678283863df3ba2.gz.css?v=1212
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc03bcfed436e9ac36f792dc6dc3912d557e698cacfebdd8e73e9136a88a17ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:06:22 GMT
content-encoding: gzip
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 17:06:10 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 100280
etag: "f782b3997c78be67a81c99239fe3eca2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39224
x-amz-cf-id: n8Fk65KsbPNlBYuh9pq_qAIyx9EG-nhzqI-RxkosqBfZKQW_1HMYNA==

GET
H2 200 webcomponents-loader.ce44f83d1399e8dd41e607b70e0642c9.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/ 3 KB
1 KB 75ms
17ms Script
text/javascript 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/webcomponents-loader.ce44f83d1399e8dd41e607b70e0642c9.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a89881560c77b1a6e5260763c747e15708565f025ab634ea3909f23c2b83c82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:37:33 GMT
content-encoding: gzip
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jan 2024 13:37:20 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 2359208
etag: "6c1e29d53fecb68e43095741097f62cb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1088
x-amz-cf-id: rpVqtExbY6UlwxX1zgA_f_klaeYUg4rDh2wqjlvEHUsrHHyREHansQ==

GET
H2 200 All.min.f28440e3f676e789f6df59be0445abf1.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 305 KB
100 KB 22ms
19ms Script
text/javascript 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.f28440e3f676e789f6df59be0445abf1.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b896024be40aa138f6f4c4ea5e829cb1560d76b657391bf0c969160b8544839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 13:37:34 GMT
content-encoding: gzip
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jan 2024 13:37:19 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 2359208
etag: "54a386b75a696cf6e7e0d6cf554d36a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 101872
x-amz-cf-id: pS8BPcMRNms6YRexqO3Q9Qej7zonMAscrKkaexQ6Uby5i3cyVvcGBA==

GET
H2 200 htlbid.css
htlbid.com/v3/chicago.suntimes.com/ 6 KB
1013 B 56ms
9ms Stylesheet
text/css 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.css
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbc0f850edd3b87092bf3fe03e5b203000eb7175001e2ce3d98823556c7bbba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:49:41 GMT
content-encoding: br
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 17:10:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 481
x-amz-server-side-encryption: AES256
etag: W/"6a1f9751e4b06b39d0e0d66a7b6a8e7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: 7zknVFEC-jGpmMRykqOsG2Tz9Ot4ZtsVM5dxajaOJL5x2OsSGocmIg==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/chicago.suntimes.com/ 543 KB
124 KB 12ms
10ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 503a9b0ef52a4f63142a6707e26cbd6655b1b9d93b2b9e52c07759b316559486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:49:41 GMT
content-encoding: br
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 17:10:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 481
x-amz-server-side-encryption: AES256
etag: W/"0ce215389a7b7b0ebb0a652287068e84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: x356G0fndvspK0yefWjjpFw6Roy1YPBSzdmvXe2SYOXUjBDKpbsp3g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
29 KB 88ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec75a28b1ec3bff55f7ccb1e4bf47236a608db37d38df19af485c0414d44e3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29575
x-xss-protection: 0
server: cafe
etag: 903 / 19752 / m202401250101 / config-hash: 15960758023833535727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 ctimes-logo.svg
cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ 3 KB
3 KB 19ms
17ms Image
image/svg+xml 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ctimes-logo.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:24:11 GMT
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:50:22 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 4329211
etag: "e87f670b52b097530289da1acb82568e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2576
x-amz-cf-id: Oznb2wkscxWgiFvFtRXiOdZNMtjPRQA2IjjLuqvYitY-Y2kGerB6ig==

GET
H2 200 logo-mobile-cst.svg
cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/ 1 KB
2 KB 39ms
38ms Image
image/svg+xml 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/logo-mobile-cst.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:07:00 GMT
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:52:10 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 11393442
etag: "872e5a087c60467941e5d72da5703323"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1182
x-amz-cf-id: woYxtL6snOQ0kv2Eiz2gsv8UucNv7VHzWnKg7fPAOYyDS2bxx6b_Hw==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 238 KB
86 KB 64ms
12ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

f90a499ca4d771d60c26b6babedff7b162f5bad81df8a44379617ddc9ceea89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 30 Jan 2024 20:57:41 GMT
edge-cache-tag: widget-cheetah-stg
x-traceid: 47cb65f432fe49dba6d826e866b4c316
content-length: 88038
last-modified: Mon, 29 Jan 2024 13:55:52 GMT
etag: "23-w0srDV8RbMq8KdChp8HRcc3iPY4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 ctimes-logo-inverse.svg
cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ 3 KB
3 KB 39ms
37ms Image
image/svg+xml 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ctimes-logo-inverse.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:43:18 GMT
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:51:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 11322864
etag: "adb236ef72a30b7d3eefd7c947693d02"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2862
x-amz-cf-id: 7xOuqp3JYsR-WYdIioasj0i--e7yLZtIaOPZboAtky31XtGa_K6TNg==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/ 9 KB
3 KB 18ms
18ms Script
text/javascript 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 00:09:58 GMT
content-encoding: gzip
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 19:08:47 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 11652464
etag: "c066757a8992615b576ac565d39d182d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: mXutgjXsG8wywmoohKQjjVLCpvV6u7J5vnSVaDe6nHItISxFcSBKGg==

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 327ms
112ms Script
application/javascript 2606:4700:e2::ac40:8f06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VYK42BF71DXT0FW4
age: 2835
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aZaTN3EmUOBhvEaY3TlEv+QRBohXtgeAfOSxvFDw/psQ3bZV9knI+sJwlmmlPSoBPCpvtI42X8M=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQdUnr%2FPixaYMUca3zihmQJdXDmn%2Bh%2BCRcM6Gik1PAjXoxiLUfEklzDDaB9FWNPK%2BmApqum8aa%2FhazYlpAC9NmE%2BNWSF5%2BXY96HB6ZVvVjWJcygMb8lyTBHE6E0NduIyx0J%2Bp%2B6AisjQIpzNbhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 84dca0f1fff681f4-IAD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
82 KB 61ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff08f431f3adb05e5103505cad423797d3e1ef7b7e92b732e88d177c874b2157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84159
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 18:23:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
59 KB 50ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJS7ZKP

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7342ed716f2f206e9e6120b11c2786bb29ea550972ccbce5eeec1e215708beca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60521
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 18:23:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 27ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cf34085c33dffd0843b2b5b9e75bec69bb6fe1f5c4715097a24ce318019078f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 20:57:41 GMT
content-md5: /z3LMtJ7z7B45+k7pv1XZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: M4nzX5I+mKJLLwjXqyQtoc07kVK86wznO39SU93qM0d+QwKcXLroFUSboQAV6SvbbBFAji1ue3KY1mJ7hn1S5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 64409c63c7de330f06b9d82eb651a083
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "668f324aa4eea3d8d141aecc6fdf80fb"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 30 Jan 2024 21:15:28 GMT

GET css
fonts.googleapis.com/ 0
0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec8aacd0332a870d8bb973a32815e640c76ad05cd17fe3ea40cbf8147575029

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26a6913b44459539eef3e57f0806fb078e6faa76ae2c289f479c31d8d35e58dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 341365f404f5657516ee66ba318b5f61ac14ecf7920502e04adff6fb813085a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 5 KB
2 KB 68ms
22ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8572450f390cda56ec83f6a4094901b012c4f3b3ebbe5ddcade91db1a5f96ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date: Tue, 30 Jan 2024 20:57:41 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 20:07:08 GMT
server: cloudflare
age: 3033
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 84dca0f0fafc9bef-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: b3ycxvy29k
expires: Tue, 30 Jan 2024 21:27:41 GMT

POST
H2 403 _track Show response
chicago.suntimes.com/ 1 KB
1 KB 9ms
8ms XHR
text/html 13.32.121.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chicago.suntimes.com/_track
Requested by: Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-86.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: e2af68ff4b461dd37e70fb35c0a26ee113e2b0ed63ae6fe98eb18de7f05b7c63

Request headers

Referer: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: Error from cloudfront
content-type: text/html
content-length: 1053
x-amz-cf-id: 5eUww4vzfCuSOk_40giZvfTerjcF8OupO0138QRxPGZgUVphPbQ9Iw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 84ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e74e8880555a234a4f100207fba9375dc20427df6df3951d39fd7b2ae03ec6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29575
x-xss-protection: 0
server: cafe
etag: 521 / 19752 / m202401250101 / config-hash: 15960758023833535727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 57ms
14ms Script
application/javascript 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:18:58 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 2324
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: RLqZfAeY2HUzyBkk1owFPjRXIePFcOs5BMuJGvrnLEnfJowD6skJqA==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3ca871af6573a91af600103f3cfda083

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64c466f9688d10018d1f1b08285b60e5e4675b7475a409a0ec296b4a979bc694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 20:57:41 GMT
content-md5: brTxqlmvNHSoUbEz4m7jkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87028
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: 2KVquWk3w3hefhITVFYWwKfU+NUUEG9oo/3+Voe27g+XRCQ7JeLFM9E8ALCCoiCqbtzjLDHAi6K9D30jgcqyrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0ae8c77e86af7adca36a66a25c71a311
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b58159a2e32873f1eaee38363c319419"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Jan 2025 20:43:39 GMT

GET
H2 200 592cbffd-a1d0-4eb8-a31c-5b1269e51126 Show response
player.ex.co/player/ 447 KB
151 KB 68ms
8ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126

Requested by

Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.f28440e3f676e789f6df59be0445abf1.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b0cfaf7a12c15787db6e75409b349e04dec4524a79bab1b7c8cb99e99c63af55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 20:57:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1332
x-cache: HIT, HIT
content-length: 154166
x-served-by: cache-iad-kcgs7200162-IAD, cache-fra-etou8220041-FRA
server: nginx
x-timer: S1706648261.390882,VS0,VE2
etag: W/"6fdc5-1I39jhaKo71P+1mM4ND6lYeQw4c"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1, 1

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 57ms
15ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/5ddba31/2147483647/strip/true/crop/3000x2000+0+0/resize/840x560!/format/webp/quality/90/ 67 KB
67 KB 19ms
19ms Image
image/webp 18.244.28.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/5ddba31/2147483647/strip/true/crop/3000x2000+0+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2F7tNejfTgWx6RkxAU5Zd7-no9VDQ%3D%2F0x0%3A3000x2000%2F3000x2000%2Ffilters%3Afocal%281500x1000%3A1501x1001%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F25233130%2FSOX78_011824_4.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-129.cdg52.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 0f5e844cbc6a7b466126345c2b7547766cd38e9e92b7cf027f7f89bb8b634e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 01:19:28 GMT
x-envoy-decorator-operation: brightspot-dims-verify.cst-web.svc.cluster.local:80/*
via: 1.1 b4c8533b83ba8966d6389995da777118.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: CDG52-P5
age: 1107493
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 568
content-length: 68422
x-amz-cf-id: 0OH1P9z73Y3AwIh31Zmy63HPwG6e8dR4Qt7M94bBlGMNYATZAVZRzQ==
expires: Fri, 17 Jan 2025 01:19:28 GMT

GET
H/1.1 200
OK Y2hpY2Fnby5zdW50aW1lcy5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
535 B 66ms
11ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/Y2hpY2Fnby5zdW50aW1lcy5jb20=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-161-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 30 Jan 2024 20:57:41 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31896
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 482ed3b154de80651589ba6ae644ee9e
Content-Length: 15
Expires: Wed, 31 Jan 2024 05:49:17 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 32ms
9ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 20:57:41 GMT
date: Tue, 30 Jan 2024 20:57:41 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/ 3 KB
2 KB 73ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/712386318/?random=1706648261379&cv=11&fst=1706648261379&bg=ffffff&guid=ON&async=1&gtm=45He41t0v9103452528&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&label=OYbCCNXP0_kDEI7O2NMC&hn=www.googleadservices.com&frm=0&tiba=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJS7ZKP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a894b80a9326ad0b3f754eac4b673e6bfa775f63ef0804bbd437395da70639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
56 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 20:57:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: raGGzkwCCEMRjICd2WBOz0OeWwmVkIPr9nv3UydoR8p1OA1c5QjytlnAQvtIDQNPPBkVkeEBYoeEX2Kp/ZTP6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET platform.js
insiderdata360online.com/service/ 0
0

GET
H2 200 init-10040ov9ws04c72xz9c7.js Show response
api.aamapiv2.com/api/ 463 B
847 B 417ms
350ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aamapiv2.com/api/init-10040ov9ws04c72xz9c7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a188b735870120e23dd6624cc1f6ff2bddee1be60b8380be614526c4a8cfd0ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPxrXbPNB3jAkPuqugjVcZOAbbbQJ2wqV0cYODXf%2FqrEKQAH%2F8j7dWOXKZRaf0v45adbEZAO67D7Vg6HzyZSBtnSvBqkxJnvbXbevKQeNWO6YueCCssYSKfV34GiZPMFND04aEFxs%2BjSBLM6dt3O"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84dca0f22fd66323-LHR
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jan 2024 21:48:09 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/chicago.suntimes.com/ 57 KB
21 KB 78ms
18ms Script
application/javascript 52.222.200.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/chicago.suntimes.com/p.js?gtm_ver=3.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-60.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: 5795275e05ed8b48374fce0cca26e7696aa9f1cf8a4979277c965353cebfa3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Jan 2024 07:43:38 GMT
content-encoding: gzip
via: 1.1 51e38e49e0ed8139bfe27f40adfc4628.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 16:41:43 GMT
server: nginx
x-amz-cf-pop: CDG50-P2
age: 47726
etag: W/"649c62c7-e28e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: nEjNxxbyviKQWoW0U8JRvlLGcdf8jzbwjpfKOjln1qzP-val51xK7g==
expires: Wed, 31 Jan 2024 07:42:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K0F0MB46T8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56236d90727622361d914b19e8dd0a712e4b1a8a547b7db598212e4cbc87dcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 436 KB
136 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6289
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139565
x-xss-protection: 0
server: cafe
etag: 12534472742743793976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:12:52 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 389 KB
115 KB 57ms
47ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92ed82b092d14e3ed65b5ee14cb854e3c7576da39396d56a694ea558fb43cb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
x-amz-version-id: pDCxXTfVKq2h50mR8Qqo7jTeaIYwbqVP
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: 83GVADBH8JNN8EK7
age: 8306
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6f3gYTMgN2M+XNPJlW/0BwraDCJ72mAHCcrR7tjLAxUW2EE86ymxOpxbza/rNGKIykD4JoRT4IM=
last-modified: Tue, 30 Jan 2024 10:38:25 GMT
server: cloudflare
etag: W/"44d456678619fa0ed8147ed0ca06f5f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84dca0f21c609bef-FRA
expires: Wed, 31 Jan 2024 00:57:41 GMT

GET
H2 200 l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 39 KB
39 KB 37ms
11ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
server: nginx
etag: "aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39712

GET
H2 200 l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 38 KB
39 KB 45ms
19ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
server: nginx
etag: "9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39344

GET
H2 200 l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/ 38 KB
38 KB 36ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
server: nginx
etag: "3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38868

GET
H2 200 l
use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/ 39 KB
39 KB 47ms
30ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
server: nginx
etag: "788f540305918e8b77e6fded33fe357dbe2b001f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39616

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 43ms
7ms Script
text/javascript 2600:9000:266e:dc00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:dc00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 14:04:01 GMT
content-encoding: gzip
via: 1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P8
age: 24820
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: FdxAK0j-Ug1mXhyU_ZSwsIA8F1LLwe4lfN-d3NjbhalIuLmLpgUW7Q==
expires: Wed, 31 Jan 2024 02:04:01 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 39ms
13ms XHR
application/javascript 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b6b3214c2f1500227643824508cb5d1c.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 04:35:50 GMT
x-amz-cf-pop: AMS58-P4
age: 59723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Y_PTgJlL1oe3rDdblGlG_HLYBFpbPdP47FdjWUM2qnJIHHs8t51veA==

GET
H2 200 config Show response
player.ex.co/ 2 KB
2 KB 45ms
29ms Fetch
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.ex.co/config?sfid=0010J00001r9agUQAQ

Requested by

Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ae32279f508038263e489e0752c3a63353994eeba14d35f447fd90f11576544f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 20:57:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 38960
x-cache: HIT, HIT
content-length: 1712
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-etou8220064-FRA
server: nginx
x-timer: S1706648262.597129,VS0,VE2
etag: W/"7db-W4lpm4JxNnlzwqweEOWweos4PDk"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: x-pb-domain
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 22, 1

GET
H3 200 1401480206566122 Show response
connect.facebook.net/signals/config/ 56 KB
13 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1401480206566122?v=2.9.143&r=stable&domain=chicago.suntimes.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a36f94be22794b858d703836d2ef8a07a4caf4248c83d59fb98f8716d6a6aa36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 20:57:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12737
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: TlGiheSo2n+lI3bB57ldM3dhFgTSdPidFGsqZupWK1sbuGHMCuR9zqsG+6h62hXd15rXeYX+P+0WdQR05cvLrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 17ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=137332564&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=383365489&gjid=510713576&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&_r=1&_slc=1&gtm=45He41t0n81PRHXFPNv858910465&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=23806089&cd2=article&cd4=Fran%20Spielman%3ATim%20Novak%3ADavid%20Roeder&cd5=2024-01-17%2020%3A17&cd8=2024-01-19%2017%3A51&cd9=17&cd10=south-loop%2Ccity-hall%2Cwhite-sox%2Cbridgeport%2Cpolitics%2Cnews%2Con-instagram%2Cfront-page%2Cbusiness%2Cthe-watchdogs&cd11=chicago.suntimes.com&cd12=chicago.suntimes.com&cd20=chicago.suntimes.com%3Achicago.suntimes.com%3Asouth-loop%3Acity-hall%3Awhite-sox%3Abridgeport%3Apolitics%3Anews%3Aon-instagram%3Afront-page%3Abusiness%3Athe-watchdogs&cd22=dated&cd26=20&cd33=no%20value%20set&cd53=1397&cd55=White%20Sox&z=89112997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Data%20Layer&ea=Loaded&el=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-6&_gid=1746434843.1706648262&gtm=45He41t0n81PRHXFPNv858910465&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1122142349

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7474
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 49ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K0F0MB46T8&gtm=45je41t0v9123617824z8858910465&_p=1706648261170&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1242362127.1706648262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706648261&sct=1&seg=0&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&en=page_view&_fv=1&_ss=1&tfd=1505
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0F0MB46T8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/712386318/ 42 B
455 B 48ms
19ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/712386318/?random=1706648261379&cv=11&fst=1706644800000&bg=ffffff&guid=ON&async=1&gtm=45He41t0v9103452528&u_w=1600&u_h=1200&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&label=OYbCCNXP0_kDEI7O2NMC&frm=0&tiba=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ygxI0WZymouTNybjiMJGHumI0NBlsw&random=61395867&rmt_tld=0&ipr=y

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/712386318/ 42 B
455 B 49ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/712386318/?random=1706648261379&cv=11&fst=1706644800000&bg=ffffff&guid=ON&async=1&gtm=45He41t0v9103452528&u_w=1600&u_h=1200&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&label=OYbCCNXP0_kDEI7O2NMC&frm=0&tiba=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ygxI0WZymouTNybjiMJGHumI0NBlsw&random=61395867&rmt_tld=1&ipr=y

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 61924087 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 71ms
32ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/61924087?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5ea00db9b77d1a861264801f9fb3629c91868356b6f186f90a8f78ee224ba0c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WrWJ9yr0m4TZIfOTCOkpqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-WrWJ9yr0m4TZIfOTCOkpqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDcfTo07VsAicmvfzJBAAtH1vq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 154ms
30ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1706648261749&plid=1e2c1666-8103-4610-be9a-3c645ecc0dbf&idsite=chicago.suntimes.com&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&sref=&sts=1706648261744&slts=0&title=White+Sox+in+%E2%80%98serious%E2%80%99+talks+to+build+new+South+Loop+stadium+at+The+78+site+-+Chicago+Sun-Times&date=Tue+Jan+30+2024+21%3A57%3A41+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=631af36a-e9ba-4ea8-88df-0ca54fb383ee&u=pid%3D8f12831c-3805-4633-a6c1-b5467f7a8d64
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:41 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 30-Jan-2024 20:57:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 57ms
27ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 27718
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Jan 2024 10:08:30 GMT
server: cloudflare
etag: W/"1bbec-18d59d77b75"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 84dca0f45bb537fd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 29 Jan 2025 20:57:41 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 36ms
10ms Script
application/x-javascript 2a02:26f0:480:387::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:387::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 11:02:02 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6055
Expires: Tue, 30 Jan 2024 21:57:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 63ms
25ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=383365489&gjid=510713576&_gid=1746434843.1706648262&_u=YEDAAEABAAAAACAAI~&z=487595563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Jan 2024 20:57:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 414ms
141ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=13718260712070189596028000012290530190371556882418011790571563517558&nc=0&tsf=0&tsfmi=&pv=0&cb=1706648261909&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3007465733&at=&bid=e30%3D&di=W1siZWYiLDgyMTZdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NDMsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTAy%0D%0AMTQ5ODkxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI3LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBv%0D%0AVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2Ynpj%0D%0AdVNBUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixc%0D%0AInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInBhcnNlbHktdGl0bGVc%0D%0AIixcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wi%0D%0AOjAuMDAzOTM3MDA3ODc0MDE1NzQ4fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFst%0D%0AMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIw%0D%0AMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFst%0D%0AMjAsIjEyNDIzNjIxMjcuMTcwNjY0ODI2MiJdLFstMjEsIkJzaUI0cGtiIl0sWy0yMiwiW1wiblwi%0D%0ALFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6%0D%0AMjYwMDAwMDAsXCJ1amhzXCI6MjMxMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJb%0D%0AMCw5LjgsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwy%0D%0ALDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0s%0D%0AWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwNjY0%0D%0AODI2MTg5OSwtMV0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgw%0D%0ALSJdLFstMzgsImksLTEsLTEsMzA3LDAsOTEsMCwwLDIxLDU2Niw5NiwwLDEwNjQuOSwxMDY0Ljks%0D%0AMTcyOSwxNzMwIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIs%0D%0AXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxb%0D%0ALTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAx%0D%0AMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jl%0D%0Acmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw5%0D%0ANV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A9708%2C%22w%22%3A1600%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=K59622Mhjn&sdd=%7B%7D&pto=1739
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cbf4c9a985d23c0d59289a0307ff3386b8c858ba8088fdc8f0f097277c49309c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 30 Jan 2024 20:57:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1861
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 30787d05-7895-471e-9cdf-d931d7b5ea5d Show response
config.aps.amazon-adsystem.com/configs/ 564 B
832 B 51ms
13ms Script
application/javascript 18.238.243.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-129.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 653b367c322558cb2e60712a158f56c2929b62408a35ad4dfec09359c25b34b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:25:33 GMT
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 1928
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: dZxYNCgjWH11qKGq7jOKiXtZIeSZmJrw0Ep1bWZczFoKm2kpl-dfQg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 14ms
13ms XHR
application/json 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fchicago.suntimes.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:30:33 GMT
via: 1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 8827
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1029
x-amz-cf-id: 0bGkurhKd5wIh8vuNQoY6Prvn6x4RxExnl0X07pDVE1XpR_e6rR-7w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
360 B 113ms
50ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&pid=dxX7X4IWjVFbI&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Fmlb%2Fwhite-sox%22%7D%2C%7B%22sd%22%3A%22htlad-6-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Fmlb%2Fwhite-sox%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!hashtag-labs.com%2C1000000560%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-4.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:41 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dnX9EtdMKHTC2mbYUjqc2p8R3fuCmtSl1jB8RvQ40mWSIJ3Mdi1S-Q==

GET
H3 200 146698685967099 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146698685967099?v=2.9.143&r=stable&domain=chicago.suntimes.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98%2C171%2C170%2C172%2C177%2C178%2C179%2C175%2C167%2C114%2C166%2C168%2C105%2C133%2C127%2C130%2C111%2C162%2C202%2C99%2C203%2C140%2C103%2C125%2C118%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77bfded545f2b84f8820d9c78577de079af251d8630b4cf1ab6d605fe3d0a349

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 20:57:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2657
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: Fxmf1VS+wTnFLmL6TVD5AceOzchIqTlL8WXWiL7LSZb8s4qUgMlbQK8z2jcn4OS0o7DvxiH0F7EHB787g8bQQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1401480206566122&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&rl=&if=false&ts=1706648261944&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706648261943.754073887&ler=empty&cdl=API_unavailable&it=1706648261571&coo=false&exp=e1&rqm=GET

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 20:57:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
collector-1.ex.co/main/ 17 B
155 B 331ms
96ms XHR
application/json 52.207.36.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-1.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.36.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-36-169.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Jan 2024 20:57:42 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
585 B 49ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 20:28:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jan 2024 20:57:42 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 60ms
45ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=383365489&_u=YEDAAEABAAAAACAAI~&z=523964728

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 49ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=383365489&_u=YEDAAEABAAAAACAAI~&z=523964728

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 198 B
860 B 415ms
400ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=ls0ub6oed2bb6o5i&page_view_id=ls0ub6oeq2z3n1i4&content_type=article&page_title=White+Sox+in+%E2%80%98serious%E2%80%99+talks+to+build+stadium+in+South+Loop%E2%80%99s+%E2%80%98The+78%E2%80%99&callback=jsonp3263&client_id=FV0czWAOfe&site=https%3A%2F%2Fchicago.suntimes.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdfa31c33e2f210499ff619c542c741c7d2c376d474b7b9ac7a98968ec757bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M68e38sBTlA
pragma: no-cache
wn: prod-id-10-0-89-36
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
server-time: 0.001
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 84dca0f599389bef-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 services.js Show response
js.gumgum.com/ 111 KB
41 KB 216ms
32ms Script
application/javascript 52.222.169.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-108.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 426e68ed10acbe146be46d72ba08af6566ace670b23781f9047b37c8472b136e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: PpBun5vF8csJECCAJ2RubsW4ddAXOymN
content-encoding: gzip
via: 1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
date: Tue, 30 Jan 2024 20:57:42 GMT
x-amz-cf-pop: CDG52-P2
age: 14099
x-cache: Hit from cloudfront
x-amz-meta-access-control-allow-origin: *
last-modified: Wed, 24 Jan 2024 00:21:03 GMT
server: AmazonS3
x-amz-meta-timing-allow-origin: *
etag: W/"97fc73e441b45bef14081509ffd888bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: G7eUa4VrAOfVEb84lU6F_2wWa-xn45x04qUcHazat2y5HcJwOLmeuA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
25 KB 56ms
24ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: MRHNYRYTP1ATNJ13
age: 1528
etag: W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84dca0f5aa8f9150-FRA
x-amz-id-2: FeELyL2e7yOkKT7VHrC8vgFv3WUk5TTBbRMc0HxndOD65/UA+HncQC5KM2oTBsELvetDZDzPbrU=

GET
H2 200 playlist Show response
mcd-playlist.ex.co/api/v2/ 6 KB
1 KB 26ms
18ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mcd-playlist.ex.co/api/v2/playlist?id=64554d9bb9ac68001213182c&targetedPlaylist=false

Requested by

Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

de84a8816ca70d5526b39397da26d7e1327f1cf0358074112fb4887d03ee455f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 20:57:42 GMT
via: 1.1 varnish
age: 1744
x-cache: HIT
content-length: 1330
x-served-by: cache-fra-etou8220064-FRA
server: nginx
x-timer: S1706648262.033040,VS0,VE0
etag: W/"19de-pt3jXlrgO7Po1iD1bJFcYJXJT+c"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 2

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 389ms
89ms XHR
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1706648262014&sessionId=85e5f506-5191-2507-3016-c94891ee62e7&url=chicago.suntimes.com&cheqSource=1&cheqEvent=0&exitReason=3

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Jan 2024 20:57:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b02c06f7ae1d961c68c46aec4287355b
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 40 KB
12 KB 559ms
390ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&idx=0&rand=86377&widgetJSId=AR_1&va=true&et=true&format=html&clid=85e5f506-5191-2507-3016-c94891ee62e7&fdu=chicago.suntimes.com&px=0&py=10233&vpd=9033&cw=1600&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010631&sig=BsiB4pkb&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b92ef4f048d64d9aaaf24630d137becf6b96d9614b424985fec8960a9bf8a1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-lga21941-LGA, cache-fra-eddf8230039-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 30 Jan 2024 20:57:42 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1706648262.188159,VS0,VE382
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-traceid: 128877eeba7d02dafd51b0bd90e935e9
accept-ranges: bytes
content-length: 11944
x-cache-hits: 0, 0

GET
H2 200 pp.js Show response
api.aamapiv2.com/s/ 15 KB
6 KB 32ms
31ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aamapiv2.com/s/pp.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b68b35d7a7958fdfc7cfae0c8d6eaf4fdeea76cb8f389899486c0cd9c160df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Feb 2023 17:56:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6664
etag: W/"63e68540-3c2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dApw0WuNFzayz6u9mUcz1H9bzt1AYJeMFe9OAKE9s1MAmVcimSoUyZ%2FvfuN%2BxmHW19ExXzOnoITD5INhoKj6PjEN3Eggvhb4bkZTPP7CpnzU1HkbRNxu%2FlX0yiZhDAKUe3QPZ2a3Ca52I087MuPN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84dca0f5b8546323-LHR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 112 KB
37 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:480:387::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:387::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4e337343893c619cdcd204af70347c93078b7226bfc80123ce646e54a76ab1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2024 13:48:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37323
Expires: Tue, 30 Jan 2024 21:57:42 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 171ms
18ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11846063
x-cache: HIT, HIT
content-length: 29875
x-served-by: cache-lga21967-LGA, cache-fra-eddf8230028-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706648262.188983,VS0,VE0
etag: W/"28feccc0-14e55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 87638

GET
H2 200 AGSKWxV7YvzlVyBTVYZ3-7NcIsCN2eK2J-WW_38yFFvrRMepQHgOa5M6EV8mbC1VXsU6_DE3qjjQaFXBbgxpyT3Jl8tgtfIxMs3fTuGMd68YHGKv77rdQWstwQiONkFnNWrtEuh7FnUmvA== Show response
fundingchoicesmessages.google.com/f/ 413 KB
61 KB 103ms
102ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7YvzlVyBTVYZ3-7NcIsCN2eK2J-WW_38yFFvrRMepQHgOa5M6EV8mbC1VXsU6_DE3qjjQaFXBbgxpyT3Jl8tgtfIxMs3fTuGMd68YHGKv77rdQWstwQiONkFnNWrtEuh7FnUmvA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjQ4MjYyLDQ1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2NoaWNhZ28uc3VudGltZXMuY29tL3doaXRlLXNveC8yMDI0LzEvMTcvMjQwNDIwNDgvd2hpdGUtc294LW5ldy1zdGFkaXVtLTc4LXNpdGUtc291dGgtbG9vcC1yZWxhdGVkLW1pZHdlc3QtcmVpbnNkb3JmIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26992f8f1907d15864bf8f9977fc19304735d1c0f0ffa1f820b918fdf81f5056

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HKnNJCxB4qcaGg5oWwRyXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HKnNJCxB4qcaGg5oWwRyXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTNcezo07VsAg0L1zsAAMUIWrA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 14ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&rl=&if=false&ts=1706648262090&sw=1600&sh=1200&v=2.9.143&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1706648261943.754073887&ler=empty&cdl=API_unavailable&it=1706648261571&coo=false&exp=e1&rqm=GET

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 20:57:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK landscapec1af06a5-1bd3-481b-b8a2-ba5be57550d9.webp
mcd.ex.co/video/upload/w_800,so_4/v1490095101/ 25 KB
26 KB 94ms
9ms Image
image/webp 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcd.ex.co/video/upload/w_800,so_4/v1490095101/landscapec1af06a5-1bd3-481b-b8a2-ba5be57550d9.webp
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 21181537c7307e1b607bf2c76ec6b34a243d10df34955627082f729c6e24f97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:42 GMT
Cache-Tag: 330553356347107964343161165545496202658,473281262405526930053610213462331028430,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Disposition: inline; filename="landscapec1af06a5-1bd3-481b-b8a2-ba5be57550d9.webp"
Connection: keep-alive
Content-Length: 25378
X-Served-By: cache-iad-kiad7000107-IAD
Last-Modified: Tue, 30 Jan 2024 20:28:23 GMT
Server: cloudinary
Surrogate-Reporting: width=800,height=449,bytes=25378,owidth=1280,oheight=718,obytes=49408,ef=(18,63,69,99)
X-Timer: S1706646558.410999,VS0,VE1
ETag: "fc96f31130e6c9f671f4a94d095ce05e"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31555918
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 98ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:29 GMT
x-content-type-options: nosniff
age: 7633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:29 GMT

GET
H2 200 player.js Show response
cdn.ex.co/player/ap/4.18.0-e715985/ 325 KB
90 KB 77ms
8ms Script
application/javascript 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ba68e72c0a4e8e97c5e930cfa2c410eb1415ba43f241571b3a0d073076bdff8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 91320
last-modified: Tue, 30 Jan 2024 09:28:39 GMT
server: AmazonS3
etag: "f3e5de30587049a070071fe250d6a73b"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 06 Feb 2024 20:57:42 GMT

GET
H3 200 css
fonts.googleapis.com/ 100 KB
5 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx30KSgFiR5BFnNJbpBGjmlO4oozg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 20:57:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jan 2024 20:57:42 GMT

OPTIONS
H3 200 19
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 156ms
133ms Preflight 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84dca0f77d981cb9-FRA
date: Tue, 30 Jan 2024 20:57:42 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 19 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 462 B
476 B 130ms
128ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa90860f247da62513a253d80866d976693bd17d5beeaa509f3f2c44b7bcca57

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"1ce-5wxAk9VYxFCCKBX0AFX52RrOD9M"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 84dca0f8589f37fd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 14ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:51 GMT
x-content-type-options: nosniff
age: 7071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:59:51 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 19ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 71889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 00:59:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chicago.suntimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 42448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 09:10:14 GMT

POST
H3 204 AGSKWxVRRseLsKPI8oBu1P-PaXY6BGiDy0XsVu8uCKU1e6r7-kkYqC8qyFXckw92Zsmp0WFGAkR6xRiQpebrlF3FT0-8bS-zLjtUR3ig--dBEjhz_wEdUevEEVzfZVapCIUrHMCJhgzO0w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
20ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVRRseLsKPI8oBu1P-PaXY6BGiDy0XsVu8uCKU1e6r7-kkYqC8qyFXckw92Zsmp0WFGAkR6xRiQpebrlF3FT0-8bS-zLjtUR3ig--dBEjhz_wEdUevEEVzfZVapCIUrHMCJhgzO0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uSM-_XAatF7n-wbiHxtXVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-uSM-_XAatF7n-wbiHxtXVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49jRp2vZBE60tOxjBADusCCC"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_sync.html Show response
cdn.ex.co/sync/0.0.1-7abf705/ Frame 98BA 412 B
627 B 8ms
7ms Document
text/html 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C2027467594&gdpr=0&gdpr_consent=
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2c8c95f475d5dec0bdc14b70bf400311e6daebb6727d90a75963e324de116f05

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: must-revalidate, proxy-revalidate, max-age=26494, s-maxage=31536000
content-encoding: gzip
content-length: 275
content-type: text/html;charset=utf-8
date: Tue, 30 Jan 2024 20:57:42 GMT
etag: "07dd85d1d0ababd70ae97ea4d60bb6de"
last-modified: Fri, 26 Jan 2024 17:08:03 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

POST
H2 200 events Show response
collector-1.ex.co/main/ 17 B
154 B 93ms
92ms XHR
application/json 52.207.36.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-1.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.36.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-36-169.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Jan 2024 20:57:42 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H2 200 player.js Show response
p.channelexco.com/player/ 32 KB
19 KB 660ms
439ms Script
application/x-javascript 207.244.71.144
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://p.channelexco.com/player/player.js?pv=117.59&p=1939140775&cb=9ee266d4-8280-4cae-b6d6-26b54d016bb9&d=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&schain=1.0%2C1%21playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C&w=800&h=450&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=4.18.0-e715985&pub=1&pageLoadUid=13ae913b-29c1-447f-a928-c5b692a76daa
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.244.71.144 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: openresty /
Resource Hash: c9dda8173336de699b15cbede5dac58d64548b6978db9f1e519bf039b8d33421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 30 Jan 2024 20:57:43 GMT
cache-control: no-cache
content-encoding: gzip
server: openresty
vary: Accept-Encoding
expires: Tue, 30 Jan 2024 20:57:41 GMT

GET
H2 200 d Show response
gpv.ex.co/player/ 2 KB
2 KB 361ms
99ms Fetch
text/plain 107.22.55.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%2213ae9%C4%90b-29c1-447f-a928-c5b6%C4%A3a76daa%22,%22country%C4%8D%22DE%C4%B2%22browser%C4%BCch%C5%83me%C5%80os%C4%BCwind%C5%84%C5%91%C4%B3networkI%C4%8C%C4%8E2027467594%C5%80hu%C4%8D%C4%B9ue%C4%B3p%C4%BC193%C4%94407%C5%AA%C5%80%C5%A2%22https://%C5%8Aic%C4%83o.s%C4%B7ti%C5%8Ds.%C4%B5m/white-sox/%C5%A424/1%C6%A87%C6%A4%C5%BC4%C5%A448%C6%9A%C6%9C%C6%9E%C6%A0%C6%A2-%C5%9Aw%C6%A0t%C4%88ium-7%C4%A5s%C6%9D%C6%9F%C6%A1uth-loop-rela%C6%9Ed-m%C4%8Bwest%C7%8Fe%C5%94s%C5%96rf%C5%80u%C5%86r%C5%A1%C4%BCr0%C5%9F3rq%C4%BA1v%C4%B8tc%C5%B6}

Requested by

Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.55.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-22-55-106.compute-1.amazonaws.com

Software

Resource Hash

7774120f01feade76bd269ca62f839c5fa4c45a5edfe81317e8d3164a8e32c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
etag: W/"6c5-S1bgdhvX51h2JcyKNeJekA"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type
content-length: 1733

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 319ms
106ms Image
image/png 52.217.102.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=feb6b46121fe
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.102.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:43 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: CRCKNMEQ9FZN9551
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 9O2VX+puM2Ru8E+Dm8T0Q1hroLx8VM2xarhvfyIOAonoOQOWw7vNQl9V8nLUYMgfe7uSnrTmGtQ=

GET
H2 200 sync-2435d567.js Show response
cdn.ex.co/sync/0.0.1-7abf705/ Frame 98BA 7 KB
3 KB 20ms
16ms Script
application/javascript 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C2027467594&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8bf2c5d28ba5403debe4799fb6519d1541ce1f17e900acf33557b56f766f2a8a

Request headers

Referer: https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C2027467594&gdpr=0&gdpr_consent=
Origin: https://cdn.ex.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 2918
last-modified: Tue, 19 Dec 2023 08:56:00 GMT
server: AmazonS3
etag: "b21713c7c85a6c6949322d5c2a99a056"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 06 Feb 2024 20:57:42 GMT

POST
H3 200 x Show response
api.aamapiv2.com/api/ 0
426 B 380ms
331ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aamapiv2.com/api/x?7prnRuESmYxdDcoL$dXJsJDAkaHR0cHM6Ly9jaGljYWdvLnN1bnRpbWVzLmNvbS93aGl0ZS1zb3gvMjAyNC8xLzE3LzI0MDQyMDQ4L3doaXRlLXNveC1uZXctc3RhZGl1bS03OC1zaXRlLXNvdXRoLWxvb3AtcmVsYXRlZC1taWR3ZXN0LXJlaW5zZG9yZiIsInJlZmVycmVyJDAkIiwiYW5jZXN0b3JPcmlnaW5zJDAkIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDAiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMSIsIndpbmRvdyQwJDE2MDB4MTIwMCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJDEiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQwJHRydWUiLCJkZXZpY2VNZW1vcnkkMCQ4IiwiZG9Ob3RUcmFjayQwJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMCQ0IiwibGFuZ3VhZ2UkMCRlbi1VUyIsInBsYXRmb3JtJDAkV2luMzIiLCJwcm9kdWN0JDAkR2Vja28iLCJwcm9kdWN0U3ViJDAkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwid2ViZHJpdmVyJDEkZmFsc2UiLCJuYXZpZ2F0b3ItaGFzaCQ0JGQ2NGI5ZGE1IiwibmF2aWdhdG9yLXRpbWUkNCQzLjIiLCJzZW5kQmVhY29uJDQkMSIsImZvbnRyZW5kZXIkNSQxIiwidGltZSQ1JDE3MDY2NDgyNjIxMjYiLCJ0aW1lem9uZSQ1JC02MCIsInBsdWdpbnMtdGltZSQ1JDAiLCJwbHVnaW5zJDUkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDUkMjYiLCJtZW0tdXNlZEpTSGVhcFNpemUkNSQyMy4xIiwibWVtLWpzSGVhcFNpemVMaW1pdCQ1JDM3NjAiLCJ0aW1lLWZldGNoU3RhcnQkNSQzMDciLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDUkMzk4IiwidGltZS1kb21haW5Mb29rdXBFbmQkNSQzOTgiLCJ0aW1lLWNvbm5lY3RTdGFydCQ1JDM5OCIsInRpbWUtY29ubmVjdEVuZCQ1JDQxOSIsInRpbWUtc2VjdXJlQ29ubmVjdGlvblN0YXJ0JDUkNDA1IiwidGltZS1yZXF1ZXN0U3RhcnQkNSQ0MTkiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkNSQ4OTMiLCJ0aW1lLXJlc3BvbnNlRW5kJDUkOTg1IiwidGltZS1kb21Mb2FkaW5nJDUkODk2IiwidGltZS1kb21JbnRlcmFjdGl2ZSQ1JDEwODEiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDUkMTEyMCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDUkMTEyMSIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ1JDAiLCJuYXZpZ2F0aW9uLXR5cGUkNSRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxMSQwIiwiZ2xvYmFscyQxMiQ3ODBiODI1YyIsImhpc3RvcnkkMTIkMiIsImRvY3VtZW50LXRpbWUkMTYkMCIsImRvY3VtZW50JDE3JDVjZmE0NTJhIiwiY29ubmVjdGlvbiQxNyQiLCJkb3dubGlua01heCQxNyQiLCJnZXRVc2VyTWVkaWEkMTckMiIsInBhZ2UtZnJhbWUtY291bnQkMTgkNCIsInBhZ2UtZnJhbWUtbGlzdCQxOCQweDAjIDB4MCMgMHgwIyAweDAjIiwicGFnZS1oYXNoLXRpbWUkMjAkMi43IiwicGFnZS1oYXNoJDIwJGQ4ZDBhOTNkIiwiZm9udCQyNiQxMDAwMDAwIiwic3R5bGUtaGFzaCQyNyRiZjJiZTdkMyIsInN0eWxlLXRpbWUkMjckMC43IiwiYXVkaW8tY29kZWMkMjckMjIyMTIiLCJ2aWRlby1jb2RlYyQyNyQyMjIwMDAiLCJjbG9jayQ1NyQ2Mjc5Iiwic29ydCQ2OSQxMS4zIiwic3RhY2skNzAkMTI1NjciLCJzdGFjay1lcnJvciQ3MCRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkNzAkMS4yIiwid2ViZ2wkNzckMSIsIndlYmdsMiQ3NyQxIiwid2ViZ2wtdmVuZG9yJDc3JEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ3OCRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDc4JDQ0OTUzOTY1Iiwid2ViZ2wtdGltZSQ3OCQ3LjUiLCJiYXR0ZXJ5JDkwJDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ5MCRwcm9tcHQiLCJhdWRpb2NvbnRleHQkOTEkZjdlNzEyZDkiLCJhdWRpb2NvbnRleHQtdGltZSQ5MiQzOS4xIiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDEwMSRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxMDEkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDEwMiRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxMDIkcHJvbXB0IiwiZnJhbWVyYXRlJDE2OSQ0MCIsImFkYmxvY2skMTk0JDA~
Requested by: Host: api.aamapiv2.com
URL: https://api.aamapiv2.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPn7J1zvsz3e9ZY2gwmVOv6BPZWprGUtts4X7EkBFlMA4GPEHZNvTehmQ10XzsPBpNBTYKl91MG76YHWRLl5fZieZGvvA0SH9S9xeH2hMa6yeOFUGPQ0zO%2FnkfN37tO1Z%2FYwDq6Cz3ayH7TQbA1G"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84dca0f8dbc16343-LHR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 88ms
87ms XHR
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1706648262521&sessionId=85e5f506-5191-2507-3016-c94891ee62e7&url=chicago.suntimes.com&cheqSource=1&cheqEvent=2&responseTime=1049

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Jan 2024 20:57:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 75eb58062b9a5ae07b26360e9838a4f0
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 94ms
93ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126ae8c131e2458c9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578afe6d4b1474fbd498fbd39e821da61c45085052aae2d05f91e46042ccc5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1808f77f69a8991d7aecdaff64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e9f18eb9b5197ff12ae0b9f32d0361bad766c4b040e24d1055de5e0c83d5d39a81b2c527df21d6deedc85ec54d5814aa5f0ddb90961f2484ee73f857b4974bc676af28461b009d66ed59d89cfa24ebd56ac11da7c19ccc7780191c2dfc541f527d4c738bbd74b853dfc38035e99f68f2dd39d089fff9329ebdfd12362cd8bf131796e45c1752a2beb464a43e92f51bb7b96ae761e36edd4e8a4190b57f834b73bdebcf7b38377d40734f090ae9bec9288a1feb1a110334bae1138edc4d58e3e586eefb3981a9f9bed3a1f1b21f107ead559aa40d3b91496407c52108202fa925bd7c1adef9833f986abc3882ab2ccca40e85660e23271e611094c3f8d83e7d49991b4c89cedfbbb1d64e039eb4a16095c97367c5d4123e75e490d95621b73b985e9f1ae33c870fdac813f8bc2eff9a88d298407ef2e13b63827eba90b1ab169f6c280b0494684051adbe5e8fec17c88586c954cd83812f133647be39ac19b754b2816c965f5f331228776d952f9c9d2107ab65c1bbe77088dd47886861ec443e6acaaaa2551fb035acd047c80d75420fe9273ec1efc562cb1a&cb=1706648262520&cri=K59622Mhjn
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 30 Jan 2024 20:57:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 29 KB
5 KB 137ms
125ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f29a4cfbcb50ac59b8828d582738ead69bf63e1db01a1cd933b52faced474847

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 4csaww37r5
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 84dca0f9095d37fd-FRA

GET
H2 200 cookie_sync Show response
sync.ex.co/v1/ Frame 98BA 2 KB
2 KB 284ms
91ms Fetch
application/json 3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.ex.co/v1/cookie_sync?network=368531133%2C2027467594&gdpr=0&gdpr_consent=
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: ec4b9eafb0647fb378c36a118ee0265ca915d9186968c6221e7d515e6b513515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://cdn.ex.co
date: Tue, 30 Jan 2024 20:57:42 GMT
access-control-allow-credentials: true
content-length: 1770
vary: Origin
content-type: application/json

OPTIONS
H3 200 40
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 119ms
118ms Preflight 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&visitor=yeiboa2u2wofymi2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84dca0f92f871cb9-FRA
date: Tue, 30 Jan 2024 20:57:42 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 40 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
565 B 131ms
130ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610285af420067cd91f0d39c1dabfa6563f9fe73242fadcb7e8d3801e88c3943

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"41-jWo6rNMKjkL39FRIItXB1sDut8I"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 84dca0f9ea943664-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 47ms
46ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 20:57:42 GMT
date: Tue, 30 Jan 2024 20:57:42 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1701762095.019634"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 48ms
47ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 20:57:42 GMT
date: Tue, 30 Jan 2024 20:57:42 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 365ms
90ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=def5ef4435900a89cd59c7c8bacf979e_38719_1706648262271&tm=1225&eT=0&widgetWidth=1600&widgetHeight=65&widgetX=0&widgetY=10253&wRV=2010631&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=569&oo=true&lo=1079&obreq=1054&mvreq=1845&mvres=2414&cet=4g&to=1706648260172&umv=1&ll=0&chs=1&eme=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: e2771d3234b881d72c5876a274624aa0
Content-Length: 6

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 389ms
90ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=8cb355cbd7d4cf6ff25365d40cec4fb6_38719_1706648262514&tm=1232&eT=0&widgetWidth=904&widgetHeight=262&widgetX=348&widgetY=10292&wRV=2010631&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1079&obreq=1054&mvreq=1845&mvres=2426&re=2428&cet=4g&cs=1&to=1706648260172&umv=1&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 80b41cd6d3d422fbc1bdfa32e3cc2812
Content-Length: 6

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 20 KB
4 KB 313ms
312ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&idx=1&rand=90657&widgetJSId=AR_64&va=true&et=true&format=html&t=NGFjNDUyMzJmZTBhYjgxZjc4NmI1ZGQ0ODdjYjNmZDQ=&clss=wxPCx%2FnJK4VYabwU0TzTvGGJp6BKJzdqZquESCcUfzJjNkrEUwxV4XY4f2WzZ9JiwATI6Pg9U4rEzjcA&px=0&py=2400&vpd=1200&cw=1600&em=1&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010631&sig=BsiB4pkb&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36fea5fc240e3d149125a6e7fc15997874568fd0ed85a56faa95e2dcbbfac1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-lga13622-LGA, cache-fra-eddf8230039-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Tue, 30 Jan 2024 20:57:42 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1706648263.624558,VS0,VE304
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-traceid: 2bfdb25c7db22d742ffce7594bef6cb1
accept-ranges: bytes
content-length: 4254
x-cache-hits: 0, 0

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 590 B
667 B 148ms
121ms XHR
application/json 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30aa768161469e84aef745d915df39a6c5e215387546c73d5707b353ae740738

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M68e38s6vMN
pragma: no-cache
wn: prod-dash-10-0-123-69
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.005
cache-control: no-cache, no-store, must-revalidate
cf-ray: 84dca0fa2ca15c2c-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 3DF3 9 KB
3 KB 125ms
120ms Document
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00eac1d4c5f759c9018377e85bb770701aa2dc25ff6e36725ba941d2a0b2ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 84dca0fa0fd09bef-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 30 Jan 2024 20:57:42 GMT
expires: Tue, 30 Jan 2024 21:12:42 GMT
last-modified: Tue, 30 Jan 2024 20:57:42 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.002
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-88-160
x-forwarded-https: on
x-request-id: M68e38swOZ7
x-xss-protection: 0

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame E7EB 565 KB
50 KB 172ms
172ms Document
text/html 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee489afd81a5de5ad721bc6168ee2bf23a18c6237fc2ba3a01f79f323efa25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84dca0fa0fd59bef-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 30 Jan 2024 20:57:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server: cloudflare
server-time: 0.063
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-116-83
x-forwarded-https: on
x-request-id: M68e38slpao
x-xss-protection: 0

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 1EC4 456 B
659 B 10ms
10ms Document
text/html 2a02:26f0:480:387::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:387::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer: https://chicago.suntimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Tue, 30 Jan 2024 20:57:42 GMT
Expires: Fri, 09 Feb 2024 20:57:42 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 1EC4 112 KB
37 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:480:387::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:387::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 45c30844eec1accd74992758427c1d49aa0479b284de22199cb6d4e92c4d192d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2024 13:48:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37323
Expires: Tue, 30 Jan 2024 21:57:42 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 1EC4 47 B
638 B 40ms
5ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: a98ad5c62e1a42216f7e840e4462a300e4d69237461b034547e1762d1d4c5b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
last-modified: Sun, 30 Jul 2023 20:57:42 GMT
server: Jetty(9.4.28.v20200408)
etag: 28ojh3l5iytgl3b680ph23rczn
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Thu, 30 Jan 2025 20:57:42 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 1EC4 43 B
468 B 17ms
6ms Image
image/gif 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.47&typ=pgv&rnd=ls0ub6oeq2z3n1i4&sid=1148697685424599205&loc=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&new=1&arf=0&ltm=1706648262168&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=ls0ub7ez48x6rlu0&ckp=ls0ub6oed2bb6o5i&glb=&amo=1705704667&cp_userState=anon&cst=28ojh3l5iytgl3b680ph23rczn
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Tue, 30 Jan 2024 20:57:42 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 102 B
675 B 17ms
6ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22ls0ub6oed2bb6o5i%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2228ojh3l5iytgl3b680ph23rczn%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2228ojh3l5iytgl3b680ph23rczn%22%7D%5D%2C%22siteId%22%3A%221148697685424599205%22%2C%22location%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

12741d04232c52999413e59f0c0d3bb1a62f3118dc036f7ae1e72d881acc0c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:42 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7C03 16 KB
6 KB 142ms
21ms Document
text/html 23.43.60.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fpubmatic%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-60-191.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://cdn.ex.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109759
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 30 Jan 2024 20:57:42 GMT
expires: Thu, 01 Feb 2024 03:27:01 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 3DF3 26 KB
5 KB 25ms
20ms Stylesheet
text/css 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1104
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 11:22:54 GMT
wn: prod-dash-10-0-134-183
server: cloudflare
etag: W/"26850-1706527374000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 84dca0fad8ad9bef-FRA
expires: Tue, 30 Jan 2024 22:57:42 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 3DF3 95 KB
30 KB 53ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2166554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfF30S4ypYirLkyE%2Bgi2TXR2t4J2VR9Az2Ey6eNZH9sCwHqpq9L0V6at80V4HIPiiT4%2B9YrpvDfs%2FC6809Rb4q8ap5W2ZwNiOD%2Fw7VUrDqMH9GXs7qbpM6QkvckXJ4kR5EYJ%2F1Ilk0ANF%2FWT5yapHzT0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9bd3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 3DF3 10 KB
4 KB 42ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 578526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B81UIPkGtCBquMW%2B4HfOtUQb6LBUR3zVsxSSllk4dKqeVVAMNGEzNxZTUGuGWFfDOwXpEp0YUHQgIqxA27ZpKPM5MSyM8YiCeQT34BtLuKEQdI%2FForsA1IzupIptbnTSSBj2S0DAbvkhj6COoUsRl%2BP0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b73a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3DF3 104 KB
35 KB 47ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6973599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaGC9w6Z6uHpHVGmswcFpDO2KIDg9o1k%2FfBZ6m%2B4CbgNNziXu4K8%2Bs51LiJq2KvOM5D7XK9WzFQ1nxVZ6tjOjjOKWZiDxuAj%2B%2BsoGoc4kZYbPCRvqezE%2BfW8sP2QVGFFL8CqQXa819IO1w%2FLtFyoSchH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b83a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3DF3 11 KB
4 KB 59ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 417212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-2bd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQ9Mds2VxNwLhMjiKotm3%2BIOtKrZGSFa%2Bblb%2FSHBCFGLftb%2B0Xj4vqoUDvzl4%2BZ4zjNyJFvciIYQuu3twmfYBAKtBB7Wst2e9e%2BvJh8VAjr%2B8U3E0rwSKqiqPTnmvaFVxdOpEdwPc0sWv%2FkpKgyOywjk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9bc3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3DF3 825 B
751 B 45ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3424182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=489p2Ye%2FO32%2Bri2MuaSZIPCuGe7CUXOTkUqO%2FRi3sTaJAWm%2BGGKGRu5dIA5NJwFte1QtwgL32vV624UtVt7ItPeNWQynHnLn2vWocCBA65ZGhKvokG6S6WXPoNS2z5L1wSPGeCZNLpTyIhXdQ7hLE76h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9ba3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 3DF3 4 KB
2 KB 43ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7029410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLB6dFee6OpLLIVQzYBy4wyLX1nBf%2FOt5vI%2Fj7003AChncYjFZTXxIaGPc7y%2B22Yr%2BVQ7MomUIRAiZ9IsMoenkLjPhE76qEol1u25fdv%2BSvShk9blK8Y9mAns3kQUWay3f39Da3gURb9l6B3y54LIwsz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b33a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 3DF3 3 KB
2 KB 45ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5423415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N17SATkEwZz6FXH59on0tqBSFP%2Ft9Yg6nBSfn6MIRV038dXwyVu8iDF0RfGzizgu2VfVqxkx8rgeaAU0urZdHLtuOgo3iGaKeBAZFcfz4uculCgntN8fGOiahvWUP276QsE7LSc1vZhC9npCqwIzfIgT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b23a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 3DF3 23 KB
8 KB 38ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4986567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT2Ee4JHac0hFWnLLEdNa4q5sOJOg4IGzgKnLGvTzPOdahqgsNGVSx07j2Bis3Uw1J8CPdzd5%2Fpl7drgyAwIlGH3iq9WPO8syCOMm0MmvEkKxbAumBFEVMBDxRz0mKSfmFDuvLezeaxdP1o0YbR%2FcDiq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b53a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 3DF3 2 KB
1 KB 42ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4065162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk497ilKrL6RCl76gRb%2FO8MZswvUPpEZ5WoNJ9jKr7IO8bl5j7RsW%2BGlvbkc5wgwClWaQILBGfhcUh3Rqz%2FO3PUbcyYGp9toixi9LjtCQZi8tano9iM7bDAyEB1ezF7XL%2B3af%2B7Tmy3HidQaPobevrOs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b63a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 3DF3 20 KB
7 KB 39ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7136839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TudV7hIRG1a%2BgsBz%2BoE%2FpvkdFmNmJzMmDuBO%2BbmA8ch9wvnwv2SrBBCOPAJjSYdeKZlprxZaiaMvOTmzpTabFyA%2BtdMSsToGK4SHbzZuJb%2BN5NLniS4uZXareGIqsPEtwzyg%2BGJrWJgcccbEkpR4OEUp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0faf9b13a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 3DF3 121 KB
38 KB 32ms
31ms Script
text/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.99.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1096
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 15:37:20 GMT
wn: prod-dash-10-0-123-69
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=603704
cf-ray: 84dca0fad8b09bef-FRA
expires: Tue, 06 Feb 2024 20:39:26 GMT

GET
H3 200 pn-spinner.css
buy.tinypass.com/ng/common/pn-spinner/ Frame E7EB 337 B
555 B 50ms
36ms Stylesheet
text/css 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/pn-spinner/pn-spinner.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad9a52f8696356f89ec6cfa987ab2fe0e920745bbf77f10fe24c54bd72fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1104
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 11:22:54 GMT
wn: prod-dash-10-0-124-254
server: cloudflare
etag: W/"337-1706527374000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 84dca0fb594c5c98-FRA
expires: Tue, 30 Jan 2024 22:57:42 GMT

GET
H3 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame E7EB 360 KB
95 KB 68ms
54ms Stylesheet
text/css 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c6c4e5e8c06ab3cd0657facc8048c9d502ed817422eeb52a1ba45a3b6ffc2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1104
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 11:22:54 GMT
wn: prod-dash-10-0-124-254
server: cloudflare
etag: W/"368707-1706527374000"
vary: Accept-Encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 84dca0fb594f5c98-FRA
expires: Tue, 30 Jan 2024 22:57:42 GMT

GET
H2 200 piano-theme.css
graphics.suntimes.com/ Frame E7EB 35 KB
36 KB 298ms
218ms Stylesheet
text/css 18.66.122.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://graphics.suntimes.com/piano-theme.css
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-108.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 470d99b51f975bce3c768657e2248ce8406499901a70d6334060d45fcf1d1120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:44 GMT
via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified: Wed, 11 Mar 2020 20:41:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "e64ca16b29e5cb1b09271800d06f428a"
x-cache: RefreshHit from cloudfront
content-type: text/css
content-length: 36263
x-amz-cf-id: dIyrCOrD1_I_yEd4GRbw4zmE9JABoscLHbJXZgZ17lgwX07HihR3Aw==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E7EB 95 KB
30 KB 60ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2166554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRanGPtjhk1JURTAfnGrHOKDSj4y56NKcHUCBdfv9CuOP03SICa8AtXul1W%2FgVkhm%2Fq2QNv0BGs6h5biQlEi3pfdhMK4Vm0ttiOZ79t9pJg9K6vOY3izqusuZ%2B8VA3UVKbZS0n%2B4Hr2n2hjliCciDvJv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb7a573a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E7EB 10 KB
4 KB 56ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 578526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLjxg8jfONrr34NFL45O%2FAHXaEwQ0cNEjc4FFJcE5SX2yjad5XnowLpbXzmy%2Fu8HbdpsaHsxL%2BCrdhWy1Tu5iIbzLsWCBZrClPxBhT2CQKrYRd%2B7ThhsBEPVDCPBnPXQ6R7sVW8IWt%2FxPuXnh6Rmd35B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb7a5a3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7EB 104 KB
35 KB 65ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6973599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35086
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGxcaml38nJjZgRAtDPqME%2FRWOKnjylgPhv3npPXVNqy6GwRDViDY3FTlyDGQ77kBEObMJfm0aLxUdn5S2%2FzCDrUQ79sEVtsxI3%2FMESFwb07ztpjY440HxDZx2pkwZMd1OQrYcutvsw9Mk0cF1ORV6y5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb7a5c3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7EB 825 B
750 B 55ms
10ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3424182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V73D8kYXK5E7ZFKz5busrHOQ2aexAWVPgSEkLszurrDJwt2IUEZIdnCO96OIRrRyzZI0FIJWGsANCzLdp5ms1oWLFxKL3aJ3RzQaSnZnxEz%2BjjjjF1YItH%2FS29zCgDYoDUv0KsByIuvOkPujDE0veiMr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a5f3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7EB 4 KB
3 KB 58ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7029410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMRYQs%2Br01N90SW7TOXXnXauNGB0VYzkmbuxVjaJH3GXxom5cKSEZRGfIHDOv7BhUnLzGZAUAxcoXyck62m5j%2FEKx9TTYOIQcOGz1TA%2BbjeHqNNKAerg1CA6CyumIuUrHgekgaE8n98X7qEXHf8Wx93Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a633a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-touch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E7EB 3 KB
2 KB 58ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2643906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1321
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-ce0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJLe3o55C3W51aqX1b%2B55MYIN0C5%2FnNoGdGzx%2BHYtyuynC8IMTPx%2BoBiftw49Pxw8JmwMHNRybZhqAiQL9GZQ%2Bq0FgmuDQZz4wOQ3wJLLPVYAqqX%2BobAJzfz2vvO9aSzMfVkM5dtZXrkvHhuiTZ4zJCl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a643a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E7EB 3 KB
1 KB 53ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5423415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZrVz3irTJR%2FdT6ZjbPm0JntnqTRLmuVKKCpJPOPRaNRixZl2PYctdLCf2BMzFWeoJyntrHY%2BrHj0Bv%2BoP82khG6ZShOYKPPv4o8Xy7X2%2BFGtpu%2BLth9fr%2Fnaic8ni0p1t2MIrf5n762uyjR0GFPv4k8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a663a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E7EB 23 KB
8 KB 55ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4986567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tn7X8mTWJ61efPhfTP8EI6NmCD8qYTDIFAIxUjaOiUYsJ3Dav0FDxc16t%2BEvDxrrO%2BA7Z5l85wR41BeNK5fa7tdG82aElFnl6Ajs7ltrlazpLCMtUYBAEYwOu8MnVdNnc%2BV%2FI1c%2Bjzp59kBfdVJjANYt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a683a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E7EB 2 KB
1 KB 54ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4065162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5xRR9jzaQlbaWDInp3QBWa4Id%2BvclYGpU4baV5m917TVuiMxRQeFO9SrUOg5DR8B0PNeVkt97wMTL9%2Bi1uI43d8IwoGEue00efSR6dYzFXi9vg960v88tIb1iW6ZdBREJhNYfZrO8uVSylD4stN1n7K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a6a3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E7EB 20 KB
7 KB 63ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7136839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpgjIwBWyNHQbDPzOcWFZeVjVBQpVlgKL4E2MzQn%2BZ8SOOgvl4pOkFEAYpg9Hj3G7b2WwflT%2F5vUaL2Sjr%2BqW8rRZ43nDKI0wozbo5%2Fr70EzimfUuXT1d9240%2FdjCj3tbpwUPp52tKrZTQJEa0y8%2BWvy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a6d3a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H2 200 anime.min.js Show response
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame E7EB 17 KB
7 KB 61ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 530939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6344
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-4377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5y9Z7lBDhPz13x1xFpqd%2Fyv78C4XHZTQMsQL1%2FfYjB4SfpAQJLEPET4%2FnsdbEPWSxJRAhgsvUtyLnIDhFJkodktuZaWgYx7GhGYBewJAvQAGIwQy30qvasy%2Be9GugZHTbNoC4SsePpwS9JcLG8tviRV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84dca0fb8a703a66-FRA
expires: Sun, 19 Jan 2025 20:57:42 GMT

GET
H3 200 H4sIAAAAAAAA_62YTW8aMRCG_1DJqvTSa0qrplIroZD2Ws3awzLB67H8wQZ-fWeXgJByKB5yA5bHM56P1-NtBrId5sZSyo3ZoNlyybOebXHYPKfGURshEqa7428fmv8AFjIGMluM1xKZ-koCSt78mr4JYbbXYoa9xWXkHVmMCj4QeP5h36xwnfGIlvIjWuxDJvZ19... Show response
buy.tinypass.com/_sam/ Frame E7EB 335 KB
87 KB 74ms
60ms Script
text/javascript 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAA_62YTW8aMRCG_1DJqvTSa0qrplIroZD2Ws3awzLB67H8wQZ-fWeXgJByKB5yA5bHM56P1-NtBrId5sZSyo3ZoNlyybOebXHYPKfGURshEqa7428fmv8AFjIGMluM1xKZ-koCSt78mr4JYbbXYoa9xWXkHVmMCj4QeP5h36xwnfGIlvIjWuxDJvZ19BjVpNpy8TnuV-jQZNZsuiXnyHf31kZMGhcCpDRwtO4SrzG9YL-mrjLa7BP6rHA3vs3Q9XBHa43NEroIFhVk2oA4vCptMpG0XkuwMvmCT5uI-HW1LNFsIGncyWFKVuwX3PcqX8ZqET-4dJoOT0NlnYTIPS_4IvZXYfgSMIoaKFwEifU6QrELCFni_OdTnek3_Pw9nJjfIIvpovoeEUymHSgrMcC-l7a9wZmMsf8uYrnCuCOjqWFwEcHuHyDdG6OTPHNsAm0UWvDbFZoSNe5fyu3yGE5dIgK4by9hFP3F63NNJKZTz0C0aic0KezhwL4fdLkj3-rUb_yvAuOAXra6gKSRvANG1sV22EDecxlAVSH4Iq3mwf0RIVyTUXd8JJ_1w4U5l6Yq9McK-_KkqbEQHEqDqWBpUGfF-ONLr6nvE_4Qwg30E29Rk7IkooDW7b_iGorLqxxFb7v9DStJGH__hAz9O6ylKWXbkRMfBlDR1KnCKPcqKX1xWj8rvR6TafFQxcllAiTQPqktn1dYcspr8uCNfhsIaT_qn5ofE6Cmtw5ExtQ4t6RmJwmRnafaBJ7BLGMXKmGp9krS7FspNpbrQa3NCzL3tbud2rOSYY-5ElEFc6CI43RTiXU8QuOIZqtRua_UETJOKlx8HcXxUM8V8pbAGD25m2vZEkiL-lZBmg05VG1V9P9A7ga0VfnLjvtWmZ0THFJtn4y0XJmLyixEEfgsp0w1fT6n8iBnrRbumLtJMrULnCS3kt-x66CWoRBqBXa68CiYtTYex7G7XvgsG66WP-ESr_N4qa49tabLa1cU-t4zFP2ZEDmQ1wb3ncY5_SCnHsJ045eOWmrfLST2tX18cGRqa-84jaDD8RCubc7p9W290EpATg9qR4zTXUYrlWe7p1n6lJt02zKvKxxhR-346rMrUm2zj3fzu_m8oY-f_fk3Jy3o8C_6WUkfGt81ZlqnCX6WpCM9xouPd8_pH-vr9mE9GwAA?compressed=true&v=16.99.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f30697cdb6e71524b0066806c2370123ce0339471550e0169c0feb101e11f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1026
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Jan 2024 15:36:38 GMT
wn: prod-dash-10-0-124-254
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.013
cache-control: public, max-age=603774
cf-ray: 84dca0fb69645c98-FRA
expires: Tue, 06 Feb 2024 20:40:36 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 3DF3 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 1105
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 2177
last-modified: Mon, 29 Jan 2024 15:37:22 GMT
wn: prod-dash-10-0-124-254
server: cloudflare
etag: W/"2177-1706542642000"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 84dca0fc09ff5c98-FRA
expires: Tue, 30 Jan 2024 22:57:43 GMT

GET
H2 200 l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ Frame 3DF3 39 KB
39 KB 25ms
25ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer: https://buy.tinypass.com/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
server: nginx
etag: "aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39712

GET
H2 200 l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ Frame 3DF3 37 KB
37 KB 32ms
32ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTCVVMBM6RUW&templateVariantId=OTVBQFL5FK4JU&offerId=fakeOfferId&experienceId=EXKQDKQWFNAM&iframeId=offer_5a5eced7d2e19ed74be6-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com&customVariables=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer: https://buy.tinypass.com/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
server: nginx
etag: "cea691f813baff9c459e093daf1ff69d154fedc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37980

GET
H2 204 pixel
ap.lijit.com/ Frame 98BA 0
175 B 115ms
32ms Image
text/plain 52.48.163.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fsovrn%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.163.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-163-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Jan 2024 20:57:43 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7C03 0
42 B 85ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74940586&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fpubmatic%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:42 GMT
content-length: 0

GET
H2 204 starti
s-05.channelexco.com/ppx/ 0
109 B 113ms
92ms Image
text/plain 207.244.71.144
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-05.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&se=cb39df46-71ad-4c52-8337-d679be4377c3&pv=117.59&dd=chicago.suntimes.com&gpvck=v022844413__800x450______SLA2__nil__404&sa=shd&s=0.0&p=1939140775&cb=1706648263185
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.244.71.144 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
server: openresty

GET
H/1.1 206
Partial Content landscapec1af06a5-1bd3-481b-b8a2-ba5be57550d9.mp4
mcd.ex.co/video/upload/c_scale,w_800/v1490095101/ 217 KB
0 9ms
8ms Media
video/mp4 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_scale,w_800/v1490095101/landscapec1af06a5-1bd3-481b-b8a2-ba5be57550d9.mp4
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash

Request headers

Referer: https://chicago.suntimes.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 30 Jan 2024 20:57:43 GMT
Cache-Tag: 330553356347107964343161165545496202658,295080953872673752238392952027982591845,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range: bytes 0-222469/222470
Connection: keep-alive
Content-Length: 222470
X-Served-By: cache-iad-kiad7000107-IAD
Last-Modified: Tue, 30 Jan 2024 20:28:25 GMT
Server: cloudinary
Surrogate-Reporting: width=800,height=450,abps=22235,fps=24.9,du=10.005,vc="h264",bytes=222470,owidth=1280,oheight=720,oabps=64894,ofps=24.9,odu=10.0,ovc="h264",obytes=648942,oformat="mp4",ef=(18,61,99)
X-Timer: S1706646560.050238,VS0,VE7
ETag: "3d7da32cab620f91144f34027ac7e54c"
Content-Type: video/mp4;codecs=avc1
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31555882
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H2 200 p.css
p.typekit.net/ Frame E7EB 5 B
172 B 27ms
27ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: graphics.suntimes.com
URL: https://graphics.suntimes.com/piano-theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graphics.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 expb.js Show response
cdn.ex.co/player/pb/2.6.0/ Frame 3E58 604 KB
200 KB 9ms
8ms Script
application/javascript 23.53.42.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-114.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aca479577283f03da4a646219ff6ac13935fc09036a5ef69329c28820999a32d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 204254
last-modified: Tue, 30 Jan 2024 08:32:00 GMT
server: AmazonS3
etag: "c013aed78c974b1ef567d6c3ca320831"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 06 Feb 2024 20:57:43 GMT

GET
H2 200 sync Show response
ssbsync-global.smartadserver.com/api/ Frame 9CDA 0
45 B 219ms
39ms Document
text/plain 89.149.192.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%2Fsmartadserver%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.76 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.ex.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Tue, 30 Jan 2024 20:57:42 GMT

GET
H2 200 l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ Frame E7EB 39 KB
39 KB 18ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: graphics.suntimes.com
URL: https://graphics.suntimes.com/piano-theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer: https://graphics.suntimes.com/
Origin: https://buy.tinypass.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
server: nginx
etag: "aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39712

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1

2 KB
836 B

28ms
28ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f630dce7b87aedfe9f7bc53c136216caa0deba239d43d7da707d76e84b661475

Request headers

Referer: https://cdn.ex.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84dca0ffac34bb79-FRA
content-encoding: br
content-type: text/html
date: Tue, 30 Jan 2024 20:57:43 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrI%2Bsple1oMwd44NalVQJICSV7vYhtkq3MnJAAgl%2Bu4CjoR%2BoY%2B7%2FNCNm61fjjfglHsiWKmU9byjWJZDRa95SHaznNMW7178MI%2Bro%2BKCGT%2BqnD5X4gNk819vvNkh3oMKEvcfOxCTbgw4oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84dca0ff8bfebb79-FRA
content-length: 0
date: Tue, 30 Jan 2024 20:57:43 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9yc0c0xVx9eh4EJ6p5NaFcmJ8tEgRs2MIqYbX80aPFCjdjq28Mckv25INbzqyEzNkSbQLhuAMNDc8jKhtt5dMEKaoemGFaQ%2BA2vhu%2F6XjOirLQvSIpp1jHYRXRDuVhHoBnFukAEjA3J7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame E7EB 2 KB
2 KB 112ms
111ms XHR
application/json 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

307aa0b606f243c448f5ea5e31db39f55f7f50e160be16b0cd89ee14848f4259

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: M78e38syWG1
pragma: no-cache
wn: prod-dash-10-0-123-69
server: cloudflare
vary: accept-encoding
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buy.tinypass.com
server-time: 0.002
cache-control: no-cache, no-store, must-revalidate
cf-ray: 84dca0ff8d1c5c98-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 getFraudPreventionConfig Show response
buy.tinypass.com/checkout/offer/ Frame E7EB 105 B
502 B 111ms
111ms XHR
text/html 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/getFraudPreventionConfig?aid=FV0czWAOfe

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4837f6e89f16425ee5c0823bd8c1f5695199df5b077e2c8e45c804edd80d25a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.piano-after-body&templateId=OT72VX7DINGU&templateVariantId=OTVQR05T2X1NL&offerId=OF5U1AUZBBWJ&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&checkoutFlowId=CFG05853WC8B&experienceActionId=showOfferERCFZNRSJ8SGDLJ&experienceId=EXKQDKQWFNAM&widget=offer&iframeId=offer-0-9gaxW&url=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=FV0czWAOfe&zone=Web&customVariables=%7B%7D&browserId=ls0ub6oed2bb6o5i&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=2547.099998474121&logType=offerShow&width=800&_qh=c0fbf0bd82
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M78e38sJhQc
pragma: no-cache
wn: prod-dash-10-0-87-129
server: cloudflare
content-type: text/html;charset=UTF-8
server-time: 0.000
cache-control: no-cache, no-store, must-revalidate
cf-ray: 84dca0ff8d215c98-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Loader.gif
buy.tinypass.com/widget/dist/checkout/css/img/ Frame E7EB 15 KB
15 KB 27ms
26ms Image
image/gif 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/img/Loader.gif

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0aa5339a3285b2d6414755ca5637fcc785edfafa9d51c29c48667a0cb825e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 1104
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 15059
last-modified: Mon, 29 Jan 2024 15:36:56 GMT
wn: prod-dash-10-0-88-160
server: cloudflare
etag: W/"15059-1706542616000"
vary: Accept-Encoding
content-type: image/gif
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 84dca0ff9d285c98-FRA
expires: Tue, 30 Jan 2024 22:57:43 GMT

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 279 B
355 B 23ms
22ms XHR
application/json 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2877de033357f358353ccd8fcfb235dc80d3b29900f5d0a293435ffa64ebf8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 6483
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M48938sYDGY
wn: prod-dash-10-0-88-160
last-modified: Tue, 30 Jan 2024 19:09:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
cf-ray: 84dca0ffeb9b5c2c-FRA
expires: Wed, 31 Jan 2024 00:57:43 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A0DB 70 B
149 B 120ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:57:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame A0DB
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Zblix5UrVlisw5XUQZX1DQAA%263168&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Zblix5UrVlisw5XUQZX1DQAA%263168&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6575df5a796849bf8c5901430edfedd0
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

46ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 228679
expires: Tue, 30 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 30 Jan 2024 20:57:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A0DB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

109ms
109ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Jan 2024 20:57:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J0HDK2J920RNVSCET3CC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Jan 2024 20:57:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PR3CRVJD00TFJAN81XX3
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Zblix5UrVlisw5XUQZX1DQAADGAAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Zblix5UrVlisw5XUQZX1DQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOG4f_DkkxdzuEPCXLowUkM&google_cver=1

43 B
731 B

39ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOG4f_DkkxdzuEPCXLowUkM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJS%2Bg3fbH5o%2BqXlTwsgNPfgLc6YXLawSWp67636XqdDvLT3L3l0lRIPmc4ct290bQQ1hvx0T7IMnGRxYufO60LjObI6ke0gPhcI2QMNpdo2QXJBqqpuHCgnLADe5zBOThUf%2F12sBDrgjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dca1012a323801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOG4f_DkkxdzuEPCXLowUkM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722373063&external_user_id=54184038-1b58-4833-8721-8b6c559f336a

43 B
741 B

30ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722373063&external_user_id=54184038-1b58-4833-8721-8b6c559f336a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rjzgvh4u3NndZ9FKx%2BMzohM30FWtTVlwMydC5JhHSXZHIsys9RhvvOzs7yJ97vTWDc40ec%2BI7%2B8T31t9s%2BDHTUydruEXnXsx2KKhHv3%2FQBetQLQZ%2BBl877dPN0Mupyom%2BbCRKeHv%2FEWEGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dca101eb0d3801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Tue, 30 Jan 2024 20:57:43 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722373063&external_user_id=54184038-1b58-4833-8721-8b6c559f336a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=Zblix5UrVlisw5XUQZX1DQAA%263168
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=db9aec36-2d0e-4091-855f-f9324ae08d5a

43 B
735 B

28ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=db9aec36-2d0e-4091-855f-f9324ae08d5a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjoBZQT3CWSWkVgCB8p%2F0%2FyycyvsMvzAO9EhHG0jQEj5V5DR1OZJHt%2FQrpqFNNAkmAU84uiiSgdd6xyq0hrzuhI3XiLI10xAQt%2Fvgy9OIcyVxtOx8n2BfRSx3r8owxwOWjpZFXFn0yvKpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dca1013a453801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=db9aec36-2d0e-4091-855f-f9324ae08d5a
Date: Tue, 30 Jan 2024 20:57:43 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=pzuYRqc8mUi8bc1H9DvXHaRqnki8O8kcqD44pTnX

43 B
767 B

40ms
40ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=pzuYRqc8mUi8bc1H9DvXHaRqnki8O8kcqD44pTnX
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJl44F1jVUhuzV0R57h6folAVDDGcpucUFa3X36OHFJEhuKaPuqYDPmZoRuM4amzv7fwp98OcTsDTUeILPRn84CJvAAkxMQnSAIdsEOAPPDnZDEi%2FQARmi6Ru16327TdRB74HNuTRYn%2BWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dca100e9c73801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=pzuYRqc8mUi8bc1H9DvXHaRqnki8O8kcqD44pTnX
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A0DB
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2870017063413044696

43 B
734 B

26ms
26ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2870017063413044696
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odO1EDvRpuFEqs7bKd7z3Md0wy8Usqh91B6IHuvHHelcKRxtGgQMzskW34yO5zgjBuHiM%2FqaxNfTAyPW%2FLpm8YWwwPrzyV4%2F5pmpqdXbhWoG%2BE8sSpsZ6Kpn84j0oBlEMQLIySNLxc0oGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84dca10109f83801-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2870017063413044696
pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 /
sync.ex.co/v1/setuid/ix/ Frame A0DB 86 B
399 B 96ms
94ms Image
image/png 3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ex.co/v1/setuid/ix/?gdpr=0&gdpr_consent=&uid=Zblix5UrVlisw5XUQZX1DQAA%263168
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fix%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
date: Tue, 30 Jan 2024 20:57:43 GMT
access-control-allow-credentials: true
content-length: 86
vary: Origin
content-type: image/png

POST
H2 204 events
e.channelexco.com/ 0
247 B 276ms
86ms Ping
text/plain 23.19.226.132
LEASEWEB-USA-NYC

General

Check archive.org

Show headers Download Go to

Full URL: https://e.channelexco.com/events
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:43 GMT
access-control-request-method: GET, POST
server: openresty
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 events Show response
collector.ex.co/main/ 17 B
155 B 378ms
184ms XHR
application/json 34.235.26.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.26.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-26-56.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Jan 2024 20:57:44 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1101
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east

281 B
554 B

66ms
8ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.ex.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Jan 2024 20:57:44 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 30 Jan 2024 20:57:44 GMT
location: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1101 39 KB
11 KB 8ms
7ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 20:57:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jan 2024 13:44:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60436
Connection: keep-alive
Content-Length: 10901
Expires: Wed, 31 Jan 2024 13:45:00 GMT

GET
H2

200

/
sync.ex.co/v1/setuid/openx/ Frame 98BA
Redirect Chain

https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fopenx%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fopenx%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D
https://sync.ex.co/v1/setuid/openx/?gdpr=0&gdpr_consent=&uid=9e77d90a-afed-4f5b-a87b-6c5ff4b20201

86 B
478 B

92ms
92ms

Image
image/png

3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ex.co/v1/setuid/openx/?gdpr=0&gdpr_consent=&uid=9e77d90a-afed-4f5b-a87b-6c5ff4b20201
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
date: Tue, 30 Jan 2024 20:57:44 GMT
access-control-allow-credentials: true
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

date: Tue, 30 Jan 2024 20:57:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync.ex.co/v1/setuid/openx/?gdpr=0&gdpr_consent=&uid=9e77d90a-afed-4f5b-a87b-6c5ff4b20201
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/
sync.ex.co/v1/setuid/unruly/ Frame 98BA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1706648264992
https://ad.turn.com/r/cs?pid=45&rndcb=3170179502
https://sync.1rx.io/usersync/turn/2870017063413044696?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Funruly%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3DRX-fd8e2d5f-b6...
https://sync.ex.co/v1/setuid/unruly/?gdpr=0&gdpr_consent=&uid=RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003

86 B
564 B

95ms
94ms

Image
image/png

3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ex.co/v1/setuid/unruly/?gdpr=0&gdpr_consent=&uid=RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf
Protocol: H2
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
date: Tue, 30 Jan 2024 20:57:45 GMT
access-control-allow-credentials: true
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

location: https://sync.ex.co/v1/setuid/unruly/?gdpr=0&gdpr_consent=&uid=RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003
date: Tue, 30 Jan 2024 20:57:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfd8e2d5fb6ed4a68832c09e12b0b91b6003
content-type: text/html

POST
H2 200 events Show response
collector-1.ex.co/main/ 17 B
154 B 93ms
92ms XHR
application/json 52.207.36.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-1.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.36.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-36-169.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Jan 2024 20:57:45 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1101 7 B
380 B 62ms
10ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H2 204 services Show response
g2.gumgum.com/publishers/13011/ 0
250 B 113ms
32ms XHR
text/plain 52.210.29.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/publishers/13011/services?dp=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&pu=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ogu=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&rf=&r=3.88.17&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.17%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035&bf=fb6e9ea5eb6cc625c716684c53022cb07208be51&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1706648265423&to=-60&vpii=false&vph=1200&vpw=1600&productIds=1&gdprApplies=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:45 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"

GET
H2

200

setuid Show response
sync.ex.co/v1/ Frame 4DF0
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent=
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=986fa6c3be8892d2e51a67587109dc3

86 B
642 B

106ms
106ms

Document
image/png

3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=986fa6c3be8892d2e51a67587109dc3
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-7abf705/sync-2435d567.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer: https://cdn.ex.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin
content-length: 86
content-type: image/png
date: Tue, 30 Jan 2024 20:57:45 GMT
vary: Origin

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Jan 2024 20:57:45 GMT
Location: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=986fa6c3be8892d2e51a67587109dc3
Pragma: no-cache
Server: nginx
x-sticky-vk: 1706648265534008-594

GET
H2

200

/
sync.ex.co/v1/setuid/appnexus/ Frame 98BA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fappnexus%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%252Fappnexus%252F%253Fgdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://sync.ex.co/v1/setuid/appnexus/?gdpr=0&gdpr_consent=&uid=4489389140557941881

86 B
711 B

93ms
93ms

Image
image/png

3.226.186.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ex.co/v1/setuid/appnexus/?gdpr=0&gdpr_consent=&uid=4489389140557941881
Protocol: H2
Server: 3.226.186.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-186-188.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
date: Tue, 30 Jan 2024 20:57:45 GMT
access-control-allow-credentials: true
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:45 GMT
an-x-request-uuid: 5f9ba43b-322a-41c0-b803-8bff45bb724d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.ex.co/v1/setuid/appnexus/?gdpr=0&gdpr_consent=&uid=4489389140557941881
x-proxy-origin: 81.95.5.41; 81.95.5.41; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jan 2024 21:48:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OF5U1AUZBBWJ____templateId_OT72VX7DINGU____templateVariantId_OTVQR05T2X1NL____aid_FV0czWAOfe&el=Show%20offer%20offerId%3AOF5U1AUZBBWJ%20templateId%3AOT72VX7DINGU%20templateVariantId%3AOTVQR05T2X1NL%20aid%3AFV0czWAOfe&_u=aPDAAEABAAAAACAAI~&jid=1601720677&gjid=1029178469&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&_r=1&z=1634413787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=0&_s=2&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=checkoutStateChange&el=Checkout%20state%20change&_u=aPDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&z=210330915

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=3&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=aPDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&z=326734551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=4&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showTemplate&el=Show%20template&_u=aPDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&z=541928343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=5&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=aPDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&z=414053055

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=137332564&t=event&ni=1&_s=6&dl=https%3A%2F%2Fchicago.suntimes.com%2Fwhite-sox%2F2024%2F1%2F17%2F24042048%2Fwhite-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf&ul=en-us&de=UTF-8&dt=White%20Sox%20in%20%E2%80%98serious%E2%80%99%20talks%20to%20build%20new%20South%20Loop%20stadium%20at%20The%2078%20site%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=aPDAAEABAAAAACAAI~&jid=&gjid=&cid=1242362127.1706648262&tid=UA-52083976-1&_gid=1746434843.1706648262&z=883166966

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 18:53:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E7EB 52 KB
21 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jan 2024 21:48:09 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
18ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=1601720677&gjid=1029178469&_gid=1746434843.1706648262&_u=aPDAAEABAAAAACAAI~&z=735090324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Jan 2024 20:57:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=1601720677&_u=aPDAAEABAAAAACAAI~&z=1594097554

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52083976-1&cid=1242362127.1706648262&jid=1601720677&_u=aPDAAEABAAAAACAAI~&z=1594097554

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmp
vop.sundaysky.com/sync/ Frame 98BA 43 B
365 B 324ms
94ms Image
image/gif 3.225.71.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%2Fsundaysky%2F%3Fgdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.71.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-71-4.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:46 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length: 43
expires: Sat, 1 Apr 2000 00:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 74ms
13ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chicago.suntimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 30 Jan 2024 20:57:46 GMT

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 3E58 136 B
422 B 35ms
8ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 3E58 0
256 B 42ms
17ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 30 Jan 2024 20:57:46 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 3E58 43 B
319 B 96ms
29ms Fetch
application/json 63.32.187.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.187.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-187-129.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache
x-server: 10.45.2.81
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 3E58 63 B
424 B 35ms
35ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c453dfc412877e8cd3fc65c979f3bfe364a1163e08d0c036d325bf5a6c21e31d

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 30 Jan 2024 20:57:46 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chicago.suntimes.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 29 Feb 2024 20:57:46 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 3E58 0
149 B 78ms
26ms Fetch 3.77.188.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.188.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-188-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 3E58 36 B
391 B 188ms
180ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=373652
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658df49f17245b8c2df60ceaca218d13b9b77d717ad3676dae612fda27f08d9f

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ2ldVQDgjFxaIKxf5hG60gaF9dRxKj51btvrNpgBlOu1r7tPhOG55u470WiwhlARJfLsO4MCoF5sNr1X8Ovc1ZA4fras%2F3aUrroStrsgQQAGGU%2FYfMwO%2BIeL2Pmk8czq64iYMea"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84dca1102aaebb79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST auction
rtb.ex.co/openrtb2/ Frame 3E58 0
0

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 3E58 11 B
210 B 45ms
17ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://chicago.suntimes.com
pragma: no-cache
date: Tue, 30 Jan 2024 20:57:46 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 3E58 173 B
471 B 78ms
10ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 9547985cf9806faee2bf58bf9080534a208e87b299f42a532b6a3803e17fa52b

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.8.0
Content-Type: application/json
access-control-allow-origin: https://chicago.suntimes.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 3E58 53 B
252 B 38ms
16ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4907800501327253628421c39c3834fdee87e1019bc55cc8b04b059d77e2f579

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 30 Jan 2024 20:57:46 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E58 145 B
1 KB 146ms
145ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6edbe0005fc665e9d1a1cdd1ee1c4701188de0e5fca8a8ed0cc8e68fdb0377a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:46 GMT
an-x-request-uuid: 487ba617-6b64-4a60-a394-f5d7f2c2a6f3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.41; 81.95.5.41; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 3E58 718 B
844 B 109ms
86ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUB64530
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: f7ea2fa1b9485163e2020d4105445ea94e3ac6c15e7439649e466809e3f93bf5

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:45 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 20:57:46 GMT

POST
H2 204 pb Show response
ad.360yield.com/ Frame 3E58 0
105 B 129ms
28ms Fetch 54.216.230.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.216.230.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-230-55.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:46 GMT
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 3E58 33 B
280 B 39ms
13ms Fetch
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

c058eb9d2e1d2e9ef274ea5eb50b5a3a67d9eff59aba30292227b068f8679977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 1235.json Show response
id5-sync.com/g/v2/ Frame 3E58 251 B
537 B 27ms
10ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1235.json

Requested by

Host: cdn.ex.co
URL: https://cdn.ex.co/player/pb/2.6.0/expb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e93ab66a62b357603c99d4222359283221aba6cce999b7bbc00d460f76c6c4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chicago.suntimes.com
date: Tue, 30 Jan 2024 20:57:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 204 events
e.channelexco.com/ 0
246 B 87ms
86ms Ping
text/plain 23.19.226.132
LEASEWEB-USA-NYC

General

Check archive.org

Show headers Download Go to

Full URL: https://e.channelexco.com/events
Requested by: Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/4.18.0-e715985/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chicago.suntimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 20:57:47 GMT
access-control-request-method: GET, POST
server: openresty
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,7000&display=swap

Domain: insiderdata360online.com
URL: https://insiderdata360online.com/service/platform.js?ran=0.1222860721306267

Domain: rtb.ex.co
URL: https://rtb.ex.co/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chicago.suntimes.com/white-sox/2024/1/17/24042048	1970-01-20 18:47:20	Name: exco-uid Value: r0rk3rqry1vnttcp
i.liadm.com/s	1970-01-20 18:47:20	Name: _li_ss Value: CggKBgjdARCMFw
t.e2ma.net/	1970-01-20 18:14:13	Name: AWSALB Value: Gp2mlN2RhcH5TdI4N5w91aC4x6BfYyEHnfW6Bk31AUxJBnN0wz8IaaLgAAbSQkbsB07OlHg7DW9xxLaAV8NiKXcKdV7Aq6Wl5J0Y/G2qQRefpl/kqIEBedPgGPI5
t.e2ma.net/	1970-01-20 18:14:13	Name: AWSALBCORS Value: Gp2mlN2RhcH5TdI4N5w91aC4x6BfYyEHnfW6Bk31AUxJBnN0wz8IaaLgAAbSQkbsB07OlHg7DW9xxLaAV8NiKXcKdV7Aq6Wl5J0Y/G2qQRefpl/kqIEBedPgGPI5
.suntimes.com/	1970-01-20 18:05:34	Name: _gid Value: GA1.2.1746434843.1706648262
.suntimes.com/	1970-01-20 18:04:08	Name: _gat_UA-52083976-6 Value: 1
.suntimes.com/	1970-01-20 18:04:08	Name: _gat_UA-52083976-1 Value: 1
.suntimes.com/	1970-01-21 03:40:08	Name: _ga_K0F0MB46T8 Value: GS1.1.1706648261.1.0.1706648261.0.0.0
.suntimes.com/	1970-01-20 18:04:10	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf%22%2C%22sref%22:%22%22%2C%22sts%22:1706648261744%2C%22slts%22:0}
.suntimes.com/	1970-01-21 03:33:32	Name: _parsely_visitor Value: {%22id%22:%22pid=8f12831c-3805-4633-a6c1-b5467f7a8d64%22%2C%22session_count%22:1%2C%22last_session_ts%22:1706648261744}
.suntimes.com/	1970-01-21 03:32:56	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWADgDYAnAHZ%2BvAKzcATN3GDBUgAziQAXyA
.suntimes.com/	1970-01-21 03:32:56	Name: _pcid Value: %7B%22browserId%22%3A%22ls0ub6oed2bb6o5i%22%7D
.piano.io/	1970-01-20 18:04:10	Name: __cf_bm Value: BxB_5WLDeR2zT_FmJ57rnwJOMsksx4YA3lmLAeV8.EE-1706648261-1-ATEC76Xd4X1qBwQy0MjGOdk9vfwLS8Fj2/i1l6uZZcV1o2g/Ny7e5UjR1S5c9J884cPeGgf6ilniGzWr2u4tHTA=
.suntimes.com/	1970-01-20 20:13:44	Name: _fbp Value: fb.1.1706648261943.754073887
chicago.suntimes.com/	1970-01-20 18:04:08	Name: __adblocker Value: false
id.tinypass.com/	1970-01-20 18:04:08	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB77628786269A6E9585604D4C091689653A4A7922E042281E1EC24F7410C1968DA642AC66B88678304FC6BD3D98617FE919E029162
.suntimes.com/	1970-01-20 18:47:20	Name: __pid Value: .suntimes.com
chicago.suntimes.com/	1970-01-20 20:13:40	Name: __pnahc Value: 0
chicago.suntimes.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1706648262582%2C%22visitNumber%22%3A1%7D
chicago.suntimes.com/	1970-01-21 02:51:10	Name: pnespsdk_visitor Value: yeiboa2u2wofymi2
.suntimes.com/	1970-01-21 03:40:08	Name: __tbc Value: %7Bkpex%7DhzYC4gnxciSSfwR3AmLqy4yEf96Gb59V93P8ib66k2371YBOT7koSfca57k77FAY
.suntimes.com/	1970-01-20 18:47:20	Name: __pat Value: -21600000
.suntimes.com/	1970-01-20 18:05:34	Name: __pvi Value: eyJpZCI6InYtbHMwdWI2b3FlNWdubGh2ZCIsImRvbWFpbiI6Ii5zdW50aW1lcy5jb20iLCJ0aW1lIjoxNzA2NjQ4MjYyNjkxfQ%3D%3D
.suntimes.com/	1970-01-21 03:40:08	Name: xbc Value: %7Bkpex%7DLTKu0XIoXbjb9vpEzf9KGK9_2u3DRbInYnBsM-HeE76-yAJknK3WG0kVTJDleGCpU0HbcG0hI0PJKtoxB5vF-0ma_lxjvMGF0FEbWCJFZq43pneMamNRla2nnZEBPN_cnpcu17ySkWDqMMJ-Tr5JIgOe6KyjBNo1jV3D4ULTlV3vVZKoEBVMfql5h7OpuWIGTMezDDXQwvYPkKG9ux_JnBHrdNmNuH_6lzSA2phcX3E5k6VALO8x1FS79Y71jhp5h_MNafKbwtm4JuZIkU-WImqF9TMomn8cNDaacBH19ZOwMuuVdD23l6z_w4P22AfS_wyJ6dv7OHcAj2SbGRJDWZ6Z4BhVZtXxPKBB2cD-oZTbM-H9gJkutIb0faFC5rCz5I8M30JC07UsQKMkJo6gfQxU9xGZRs2uM9eSah2ixoZ1XGMYjOTu9i58zKLEDSt77LFxpuD-ZUDO009ELsE7zU67RiGizvGd_8DHep0Sabz1yBAgLy2MSuTbG3f8dNrH
.suntimes.com/	1970-01-21 03:32:56	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVGM6OWEzN2RlMjk5MWFjNGQ5ZjQ5OGMxN2VmYTg4OTkxY2I4YjBkZTBmYzpub19zY29yZSIsIkxUczpmZjczYzkyY2M1ZjVkZDA1OWZkNGE3ZTY2MDk1YjQ0NWM4Yzc2OGEzOm5vX3Njb3JlIiwiTFRyZXR1cm46MmY2OGU5NDFlYWM3Mzg1MjRiY2FlNWEwMTIyNGM3YzQxYjA2YWNiMDpub19zY29yZSJdfX19
.suntimes.com/	1970-01-21 03:32:56	Name: cX_P Value: ls0ub6oed2bb6o5i
.cxense.com/	1970-01-21 02:49:44	Name: gckp Value: 14mi3ctvo1yj92llysc8zejtg1
.suntimes.com/	1970-01-21 03:32:56	Name: cX_G Value: cx%3A2am8q4qzltwq9skhh9o4izoom%3A2xfabxk954uzk
.ex.co/	1970-01-20 18:14:13	Name: exco-uid Value: 2e3433362e363631
.tinypass.com/	1970-01-20 18:04:11	Name: ch_sid Value: s7TCXzvpi7oUk20
.suntimes.com/	1970-01-20 18:47:20	Name: __pil Value: en_US
.casalemedia.com/	1970-01-21 02:49:44	Name: CMID Value: Zblix5UrVlisw5XUQZX1DQAA
.casalemedia.com/	1970-01-20 20:13:44	Name: CMPS Value: 3168
.casalemedia.com/	1970-01-20 20:13:44	Name: CMPRO Value: 3168
.tinypass.com/	1970-01-20 18:47:20	Name: LANG Value: en_US
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 06A68609E2AB4195F1FF567C1410782D
.quantserve.com/	1970-01-20 20:13:44	Name: d Value: EFMBDQGDK7jvsQA
.quantserve.com/	1970-01-21 03:34:22	Name: mc Value: 65b962c7-c78e5-b5dd7-53c90
.turn.com/	1970-01-20 22:23:20	Name: uid Value: 2870017063413044696
.doubleclick.net/	1970-01-21 03:25:44	Name: IDE Value: AHWqTUm1GEjR5G6NL8pMUhRSziEyAyxHwBb0Y_nW7I1a5TWKBZqMXq99M_4OP5OPoFk
.adsby.bidtheatre.com/	1970-01-20 18:14:13	Name: __kuid Value: db9aec36-2d0e-4091-855f-f9324ae08d5a.475862263
.company-target.com/	1970-01-21 03:40:08	Name: tuuid Value: 54184038-1b58-4833-8721-8b6c559f336a
.company-target.com/	1970-01-21 03:40:08	Name: tuuid_lu Value: 1706648263\|ix:0
.liadm.com/	1970-01-21 03:40:08	Name: lidid Value: 6575df5a-7968-49bf-8c59-01430edfedd0
.amazon-adsystem.com/	1970-01-20 23:56:56	Name: ad-id Value: A0-Un0XV30GIjDN5vulCDgg
.amazon-adsystem.com/	1970-01-21 03:40:08	Name: ad-privacy Value: 0
.openx.net/	1970-01-21 02:49:44	Name: i Value: 0d7d3922-6950-4908-8169-625d78a4726b\|1706648264
.1rx.io/	1970-01-21 02:49:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 02:49:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003%22%7D
.gumgum.com/	1970-01-21 02:49:44	Name: cs Value: true
.ads.stickyadstv.com/	1970-01-20 18:47:20	Name: UID Value: 986fa6c3be8892d2e51a67587109dc3
.adnxs.com/	1970-01-20 20:13:44	Name: XANDR_PANID Value: 3LCKrR-I98pW2yhYDls7NJz0HaYy3j8arO6wnEC0-6XE8B-JGCgO4SC8aRf7_RfXw2NyreCTlm6bY3qIl0XAqv34uGmfNtNeyfMtue3ogWk.
.adnxs.com/	1970-01-21 03:40:08	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:13:44	Name: uuid2 Value: 4489389140557941881
.suntimes.com/	1970-01-21 03:40:08	Name: _ga Value: GA1.2.1242362127.1706648262
.suntimes.com/	1970-01-20 18:04:08	Name: _gat_pianoTracker Value: 1
.ex.co/	1970-01-20 18:47:20	Name: exco-uids Value: {"appnexus":{"UID":"4489389140557941881","Expire":"2024-02-06T20:57:45.75976435Z"},"freewheel":{"UID":"986fa6c3be8892d2e51a67587109dc3","Expire":"2024-02-06T20:57:45.617709943Z"},"ix":{"UID":"Zblix5UrVlisw5XUQZX1DQAA\u00263168","Expire":"2024-02-06T20:57:43.801415424Z"},"openx":{"UID":"9e77d90a-afed-4f5b-a87b-6c5ff4b20201","Expire":"2024-02-06T20:57:44.905333805Z"},"unruly":{"UID":"RX-fd8e2d5f-b6ed-4a68-832c-09e12b0b91b6-003","Expire":"2024-02-06T20:57:45.396216483Z"}}
chicago.suntimes.com/	1970-01-20 18:04:11	Name: _lr_retry_request Value: true
chicago.suntimes.com/	1970-01-20 18:47:20	Name: _lr_env_src_ats Value: false
chicago.suntimes.com/	1970-01-20 19:30:32	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-30T20%3A57%3A46%22%7D
chicago.suntimes.com/	1970-01-20 19:30:32	Name: pbjs-unifiedid_cst Value: zix7LPQsHA%3D%3D
.adnxs.com/	1970-01-20 20:13:44	Name: icu Value: ChgI5-J4EAoYASABKAEwysXlrQY4AUABSAEQysXlrQYYAA..

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://chicago.suntimes.com/white-sox/2024/1/17/24042048/white-sox-new-stadium-78-site-south-loop-related-midwest-reinsdorf Message: Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,7000&display=swap' from origin 'https://chicago.suntimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,7000&display=swap Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://chicago.suntimes.com/_track Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://connect.facebook.net/signals/config/1401480206566122?v=2.9.143&r=stable&domain=chicago.suntimes.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://insiderdata360online.com/service/platform.js?ran=0.1222860721306267 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13963 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ams-pageview-public.s3.amazonaws.com
ap.lijit.com
api-esp.piano.io
api.aamapiv2.com
api.rlcdn.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.cxense.com
cdn.ex.co
cdn.id5-sync.com
cdn.parsely.com
cdn.tinypass.com
cdnjs.cloudflare.com
chicago.suntimes.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
collector-1.ex.co
collector.ex.co
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
cst.brightspotcdn.com
dis.criteo.com
dsum-sec.casalemedia.com
e.channelexco.com
eus.rubiconproject.com
experience.tinypass.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
gpv.ex.co
graphics.suntimes.com
htlb.casalemedia.com
htlbid.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.tinypass.com
id5-sync.com
image6.pubmatic.com
insiderdata360online.com
js.gumgum.com
lb.eu-1-id5-sync.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
mcd-playlist.ex.co
mcd.ex.co
mcdp-nydc1.outbrain.com
mv.outbrain.com
p.channelexco.com
p.typekit.net
p1.parsely.com
p1cluster.cxense.com
player.ex.co
prebid-server.rubiconproject.com
prebid.media.net
region1.google-analytics.com
rock.defybrick.com
rtb.ex.co
rtb.openx.net
s-05.channelexco.com
s.amazon-adsystem.com
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.ex.co
sync.targeting.unrulymedia.com
t.e2ma.net
targeting.unrulymedia.com
tcheck.outbrainimg.com
token.rubiconproject.com
u.openx.net
use.typekit.net
vop.sundaysky.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
fonts.googleapis.com
insiderdata360online.com
rtb.ex.co
104.122.39.115
104.18.36.155
107.22.55.106
13.32.121.86
13.32.27.39
141.95.33.120
141.95.98.65
146.75.118.132
151.101.130.132
167.235.124.59
178.250.1.9
18.238.243.129
18.239.70.203
18.244.28.129
18.66.122.108
185.64.190.78
188.166.17.21
2.18.161.178
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
207.244.71.144
216.58.212.130
23.19.226.132
23.35.229.251
23.35.237.86
23.43.60.191
23.53.42.114
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:266e:dc00:1a:ba5c:3900:93a1
2606:4700:10::6816:3556
2606:4700::6811:190e
2606:4700::6811:c276
2606:4700::6812:a07e
2606:4700::6812:dff8
2606:4700:e2::ac40:8f06
2607:ae80:4::25
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9b
2a02:26f0:3500:16::215:149b
2a02:26f0:480:387::268b
2a02:26f0:480:f::213:7ed3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::649
2a06:98c1:3121::3
3.222.95.234
3.225.71.4
3.226.186.188
3.33.220.150
3.77.188.218
34.120.133.55
34.120.63.153
34.235.26.56
34.96.71.22
35.186.253.211
35.244.159.8
37.252.171.85
44.216.121.120
46.228.174.115
46.228.174.117
52.207.36.169
52.210.29.170
52.217.102.196
52.222.169.108
52.222.200.60
52.222.209.4
52.46.143.56
52.48.163.18
54.216.230.55
63.32.187.129
63.34.81.234
64.202.112.31
69.173.144.137
69.173.144.165
89.149.192.76
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0cf34085c33dffd0843b2b5b9e75bec69bb6fe1f5c4715097a24ce318019078f
0f5e844cbc6a7b466126345c2b7547766cd38e9e92b7cf027f7f89bb8b634e13
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3
12741d04232c52999413e59f0c0d3bb1a62f3118dc036f7ae1e72d881acc0c74
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
16b68b35d7a7958fdfc7cfae0c8d6eaf4fdeea76cb8f389899486c0cd9c160df
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c20d9917401570e57b29c63fcec6ac1c7b8394777f16ddeff554000c9a94ebb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e0aa5339a3285b2d6414755ca5637fcc785edfafa9d51c29c48667a0cb825e9
21181537c7307e1b607bf2c76ec6b34a243d10df34955627082f729c6e24f97c
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26992f8f1907d15864bf8f9977fc19304735d1c0f0ffa1f820b918fdf81f5056
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26a6913b44459539eef3e57f0806fb078e6faa76ae2c289f479c31d8d35e58dc
2877de033357f358353ccd8fcfb235dc80d3b29900f5d0a293435ffa64ebf8fe
2c8c95f475d5dec0bdc14b70bf400311e6daebb6727d90a75963e324de116f05
307aa0b606f243c448f5ea5e31db39f55f7f50e160be16b0cd89ee14848f4259
30aa768161469e84aef745d915df39a6c5e215387546c73d5707b353ae740738
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
341365f404f5657516ee66ba318b5f61ac14ecf7920502e04adff6fb813085a5
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
35ad9a52f8696356f89ec6cfa987ab2fe0e920745bbf77f10fe24c54bd72fa1d
36fea5fc240e3d149125a6e7fc15997874568fd0ed85a56faa95e2dcbbfac1ae
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c6c4e5e8c06ab3cd0657facc8048c9d502ed817422eeb52a1ba45a3b6ffc2e1
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
426e68ed10acbe146be46d72ba08af6566ace670b23781f9047b37c8472b136e
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
437f4bddeb87450be7fb5c6929d840216361a3b7ca98d1df263ad18fa3e72e07
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee
45c30844eec1accd74992758427c1d49aa0479b284de22199cb6d4e92c4d192d
470d99b51f975bce3c768657e2248ce8406499901a70d6334060d45fcf1d1120
4837f6e89f16425ee5c0823bd8c1f5695199df5b077e2c8e45c804edd80d25a4
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4907800501327253628421c39c3834fdee87e1019bc55cc8b04b059d77e2f579
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e337343893c619cdcd204af70347c93078b7226bfc80123ce646e54a76ab1c1
503a9b0ef52a4f63142a6707e26cbd6655b1b9d93b2b9e52c07759b316559486
56236d90727622361d914b19e8dd0a712e4b1a8a547b7db598212e4cbc87dcdb
5795275e05ed8b48374fce0cca26e7696aa9f1cf8a4979277c965353cebfa3a3
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097
5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
610285af420067cd91f0d39c1dabfa6563f9fe73242fadcb7e8d3801e88c3943
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64c466f9688d10018d1f1b08285b60e5e4675b7475a409a0ec296b4a979bc694
653b367c322558cb2e60712a158f56c2929b62408a35ad4dfec09359c25b34b0
658df49f17245b8c2df60ceaca218d13b9b77d717ad3676dae612fda27f08d9f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ac8c58889f19992f6fdcaa6d365739c906cba09a763d79fd00736226df81b76
6edbe0005fc665e9d1a1cdd1ee1c4701188de0e5fca8a8ed0cc8e68fdb0377a7
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
7342ed716f2f206e9e6120b11c2786bb29ea550972ccbce5eeec1e215708beca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7774120f01feade76bd269ca62f839c5fa4c45a5edfe81317e8d3164a8e32c37
77bfded545f2b84f8820d9c78577de079af251d8630b4cf1ab6d605fe3d0a349
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8572450f390cda56ec83f6a4094901b012c4f3b3ebbe5ddcade91db1a5f96ffe
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b896024be40aa138f6f4c4ea5e829cb1560d76b657391bf0c969160b8544839
8bf2c5d28ba5403debe4799fb6519d1541ce1f17e900acf33557b56f766f2a8a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
92ed82b092d14e3ed65b5ee14cb854e3c7576da39396d56a694ea558fb43cb3e
9547985cf9806faee2bf58bf9080534a208e87b299f42a532b6a3803e17fa52b
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86
9ee489afd81a5de5ad721bc6168ee2bf23a18c6237fc2ba3a01f79f323efa25c
a188b735870120e23dd6624cc1f6ff2bddee1be60b8380be614526c4a8cfd0ab
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6
a36f94be22794b858d703836d2ef8a07a4caf4248c83d59fb98f8716d6a6aa36
a6f30697cdb6e71524b0066806c2370123ce0339471550e0169c0feb101e11f5
a89881560c77b1a6e5260763c747e15708565f025ab634ea3909f23c2b83c82e
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a98ad5c62e1a42216f7e840e4462a300e4d69237461b034547e1762d1d4c5b28
aca479577283f03da4a646219ff6ac13935fc09036a5ef69329c28820999a32d
ae32279f508038263e489e0752c3a63353994eeba14d35f447fd90f11576544f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdfa31c33e2f210499ff619c542c741c7d2c376d474b7b9ac7a98968ec757bd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b0cfaf7a12c15787db6e75409b349e04dec4524a79bab1b7c8cb99e99c63af55
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
b92ef4f048d64d9aaaf24630d137becf6b96d9614b424985fec8960a9bf8a1c5
ba68e72c0a4e8e97c5e930cfa2c410eb1415ba43f241571b3a0d073076bdff8c
bc03bcfed436e9ac36f792dc6dc3912d557e698cacfebdd8e73e9136a88a17ca
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c058eb9d2e1d2e9ef274ea5eb50b5a3a67d9eff59aba30292227b068f8679977
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c453dfc412877e8cd3fc65c979f3bfe364a1163e08d0c036d325bf5a6c21e31d
c5ea00db9b77d1a861264801f9fb3629c91868356b6f186f90a8f78ee224ba0c
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9dda8173336de699b15cbede5dac58d64548b6978db9f1e519bf039b8d33421
cbc0f850edd3b87092bf3fe03e5b203000eb7175001e2ce3d98823556c7bbba1
cbf4c9a985d23c0d59289a0307ff3386b8c858ba8088fdc8f0f097277c49309c
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cec8aacd0332a870d8bb973a32815e640c76ad05cd17fe3ea40cbf8147575029
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00eac1d4c5f759c9018377e85bb770701aa2dc25ff6e36725ba941d2a0b2ecb
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de84a8816ca70d5526b39397da26d7e1327f1cf0358074112fb4887d03ee455f
e2af68ff4b461dd37e70fb35c0a26ee113e2b0ed63ae6fe98eb18de7f05b7c63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e6a894b80a9326ad0b3f754eac4b673e6bfa775f63ef0804bbd437395da70639
e74e8880555a234a4f100207fba9375dc20427df6df3951d39fd7b2ae03ec6f5
e93ab66a62b357603c99d4222359283221aba6cce999b7bbc00d460f76c6c4e7
ec4b9eafb0647fb378c36a118ee0265ca915d9186968c6221e7d515e6b513515
ec75a28b1ec3bff55f7ccb1e4bf47236a608db37d38df19af485c0414d44e3b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0
f29a4cfbcb50ac59b8828d582738ead69bf63e1db01a1cd933b52faced474847
f630dce7b87aedfe9f7bc53c136216caa0deba239d43d7da707d76e84b661475
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
f7ea2fa1b9485163e2020d4105445ea94e3ac6c15e7439649e466809e3f93bf5
f90a499ca4d771d60c26b6babedff7b162f5bad81df8a44379617ddc9ceea89c
fa90860f247da62513a253d80866d976693bd17d5beeaa509f3f2c44b7bcca57
ff08f431f3adb05e5103505cad423797d3e1ef7b7e92b732e88d177c874b2157

chicago.suntimes.com Open in urlscan Pro 13.32.121.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

94 %HTTPS

35 %IPv6

57 Domains

101 Subdomains

75 IPs

8 Countries

3240 kBTransfer

10131 kBSize

62 Cookies

29 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chicago.suntimes.com Open in urlscan Pro
13.32.121.86 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

94 %
HTTPS

35 %
IPv6

57
Domains

101
Subdomains

75
IPs

8
Countries

3240 kB
Transfer

10131 kB
Size

62
Cookies

206 HTTP transactions
5 data transactions