Submitted URL: https://iplacead.com/i.php?c49kljf
Effective URL: https://www.chicagotribune.com/ko/oqejw.html
Submission: On September 12 via api from IE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 92.122.153.27, located in London, United Kingdom and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com.
TLS certificate: Issued by R3 on August 9th 2021. Valid for: 3 months.
This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.99.2.253 14061 (DIGITALOC...)
1 1 54.218.214.241 16509 (AMAZON-02)
2 92.122.153.27 20940 (AKAMAI-ASN1)
5 2
Apex Domain; Subdomains; Transfer
3 chicagotribune.com; subdomains: chicagotribune.com, www.chicagotribune.com; transfer: 50 KB
1 iplacead.com; subdomains: iplacead.com; transfer: 254 B
0 trbas.com Failed; subdomains: www.trbas.com Failed
0 googletagservices.com Failed; subdomains: www.googletagservices.com Failed
5 4
Domain Requested by
2 www.chicagotribune.com www.chicagotribune.com
1 chicagotribune.com 1 redirects
1 iplacead.com 1 redirects
0 www.trbas.com Failed www.chicagotribune.com
0 www.googletagservices.com Failed www.chicagotribune.com
5 5

This site contains links to these domains.

Domain
archives.chicagotribune.com
fun.chicagotribune.com

Subject Issuer Validity Valid
star2.arcpublishing.com R3 2021-08-09 - 2021-11-07 3 months

This page contains 1 frames:

Primary Page: https://www.chicagotribune.com/ko/oqejw.html
Frame ID: C34BCA2638007EFE3D19D231A77A5FBC
Requests: 5 HTTP requests in this frame

Page Title

Page Not Found - Chicago Tribune

Page Statistics

5 Requests
40 % HTTPS
0 % IPv6
4 Domains
5 Subdomains
2 IPs
2 Countries
49 kB Transfer
226 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://iplacead.com/i.php?c49kljf HTTP 301
    https://chicagotribune.com/ko/oqejw.html HTTP 301
    https://www.chicagotribune.com/ko/oqejw.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request oqejw.html
www.chicagotribune.com/ko/
Redirect Chain
  • https://iplacead.com/i.php?c49kljf
  • https://chicagotribune.com/ko/oqejw.html
  • https://www.chicagotribune.com/ko/oqejw.html
36 KB
36 KB
Document
General
Full URL
https://www.chicagotribune.com/ko/oqejw.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.153.27 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-153-27.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
3c454972f72130f83a383b719da0782b534c55375ca5d6912fc8cc0d4100ada7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
www.chicagotribune.com
:scheme
https
:path
/ko/oqejw.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html;charset=UTF-8
server
openresty
httpd-identifier
web-e13ae5b79a662a56b78f856ab5b490cf
x-instance-name
i18prod-8d8f615-15-77.1
x-ua-compatible
IE=Edge
content-length
36465
cache-control
private, max-age=280
expires
Sun, 12 Sep 2021 14:19:43 GMT
date
Sun, 12 Sep 2021 14:15:03 GMT
set-cookie
_lbz=0; expires=Mon, 12-Sep-2022 14:15:03 GMT; domain=.chicagotribune.com
_lb=2; expires=Sun, 12-Sep-2021 14:30:03 GMT; path=/; domain=.chicagotribune.com
server-timing
cdn-cache; desc=MISS edge; dur=445 origin; dur=1013
content-security-policy
upgrade-insecure-requests

Redirect headers

date
Sun, 12 Sep 2021 14:14:56 GMT
content-type
text/html; charset=utf-8
content-length
297
location
https://www.chicagotribune.com/ko/oqejw.html
server
nginx/1.15.3
vary
Cookie
set-cookie
session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YT4LYA.tRjaIVuWwdwItCqyuQSOY_MKpco; Expires=Sun, 12-Sep-2021 14:24:56 GMT; HttpOnly; Path=/
modules.1q2w3_33f5e6f19566602aad68158d4c1c856c.min.css
www.chicagotribune.com/as/prod/chinews/stylesheets/
191 KB
13 KB
Stylesheet
General
Full URL
https://www.chicagotribune.com/as/prod/chinews/stylesheets/modules.1q2w3_33f5e6f19566602aad68158d4c1c856c.min.css
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/ko/oqejw.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.153.27 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-153-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47b9b6fcedf0728fb78eb3e1494541381bf84b16ebb954b9772a8262f784df0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:path
/as/prod/chinews/stylesheets/modules.1q2w3_33f5e6f19566602aad68158d4c1c856c.min.css
pragma
no-cache
cookie
_lb=2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.chicagotribune.com
referer
https://www.chicagotribune.com/ko/oqejw.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 12 Sep 2021 14:15:03 GMT
content-encoding
gzip
last-modified
Tue, 30 Jun 2020 20:11:46 GMT
server
Apache
etag
"2fb3f-5a952c8dea480-gzip"
vary
True-Client-IP,Accept-Encoding
content-type
text/css
set-cookie
_lbz=0; expires=Mon, 12-Sep-2022 14:15:03 GMT; domain=.chicagotribune.com
cache-control
public, private, max-age=31536000
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS edge; dur=14 origin; dur=167
accept-ranges
bytes
httpd-identifier
web-d45f6f735a5ebe087306ec5c8b951c00
content-length
13104
expires
Mon, 12 Sep 2022 14:15:03 GMT
gpt.js
www.googletagservices.com/tag/js/
0
0

lib.1q2w3_e3e7791be26cadd89b1a6ef4748ecafc.min.js
www.trbas.com/jive/prod/common/javascripts/
0
0

main.1q2w3_eda409b24121d9aba4adc013cae9cd20.min.js
www.trbas.com/jive/prod/common/javascripts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagservices.com
URL
https://www.googletagservices.com/tag/js/gpt.js
Domain
www.trbas.com
URL
https://www.trbas.com/jive/prod/common/javascripts/lib.1q2w3_e3e7791be26cadd89b1a6ef4748ecafc.min.js
Domain
www.trbas.com
URL
https://www.trbas.com/jive/prod/common/javascripts/main.1q2w3_eda409b24121d9aba4adc013cae9cd20.min.js

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| i$
object| trb
object| googletag
number| _sf_startpt
string| GoogleAnalyticsObject
function| ga

4 Cookies

Domain/Path Name / Value
.chicagotribune.com/as/prod/chinews/stylesheets Name: _lbz
Value: 0
.chicagotribune.com/ko Name: _lbz
Value: 0
chicagotribune.com/ Name: session
Value: eyJfcGVybWFuZW50Ijp0cnVlfQ.YT4LYA.tRjaIVuWwdwItCqyuQSOY_MKpco
.chicagotribune.com/ Name: _lb
Value: 2

2 Console Messages

Source Level URL
Text
network error URL: https://www.chicagotribune.com/ko/oqejw.html
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.chicagotribune.com/ko/oqejw.html(Line 35)
Message:
Refused to load the script 'https://www.googletagservices.com/tag/js/gpt.js' because it violates the following Content Security Policy directive: "script-src 'self' http://eb.trbas.com http://activate.latimes.com https://eb.trbas.com https://activate.latimes.com http://trbas.trbdevcloud.com http://www.trbas.com https://trbas.trbdevcloud.com https://www.trbas.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests