urlscan.io logo urlscan.io
SecurityTrails logo

tucson.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.azstarnet.com//sn//harrypotter//
Effective URL: https://tucson.com/r/sn/harrypotter/
Submission: On August 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 52 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is tucson.com. The Cisco Umbrella rank of the primary domain is 393695.
TLS certificate: Issued by WR1 on July 9th 2024. Valid for: 3 months.
This is the only time tucson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
www.azstarnet.com
tucson.com
20    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    2600:9000:2510:6c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    18.238.49.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-53.jfk52.r.cloudfront.net
tagan.adlightning.com
5    2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.194.62 (San Francisco, United States)

ASN54113 (FASTLY, US)
user.tucson.com
1    2600:9000:2510:b800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    108.138.85.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-31.iad12.r.cloudfront.net
cmp.osano.com
1    173.194.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f97.1e100.net
www.googletagmanager.com
1    2607:f8b0:4004:c09::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
20 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 39242
311 KB
10 tucson.com
tucson.com — Cisco Umbrella Rank: 393695
user.tucson.com — Cisco Umbrella Rank: 739021
82 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
575 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7730
124 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 4347
96 KB
2 gstatic.com
www.gstatic.com
13 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 azstarnet.com
www.azstarnet.com
107 B
52 8
Domain Requested by
20 bloximages.chicago2.vip.townnews.com tucson.com
9 tucson.com 1 redirects tucson.com
6 www.googletagmanager.com tucson.com
cmp.osano.com
5 cmp.osano.com tucson.com
cmp.osano.com
3 tagan.adlightning.com tucson.com
cmp.osano.com
2 www.gstatic.com tucson.com
1 www.google-analytics.com www.googletagmanager.com
1 user.tucson.com cmp.osano.com
1 www.azstarnet.com 1 redirects
52 9
Subject Issuer Validity Valid
tucson.com
WR1		 2024-07-09 -
2024-10-07		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-04-12		 a year crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M02		 2024-07-30 -
2025-08-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://tucson.com/r/sn/harrypotter/
Frame ID: 2C3F184373E8DBDA25FBB3E6209654A9
Requests: 47 HTTP requests in this frame

Frame: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Frame ID: D31AC805EF1B769E48CE41C49CBBD41F
Requests: 3 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 4D52E43D8A30FC72B0642B6A625B6F25
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

R | tucson.com

Page URL History Show full URLs

  1. http://www.azstarnet.com//sn//harrypotter// HTTP 307
    https://www.azstarnet.com//sn//harrypotter// HTTP 301
    http://tucson.com/sn/harrypotter/ HTTP 307
    https://tucson.com/sn/harrypotter/ HTTP 301
    https://tucson.com/r/sn/harrypotter/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

88 %
HTTPS

45 %
IPv6

8
Domains

9
Subdomains

12
IPs

2
Countries

1183 kB
Transfer

3789 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.azstarnet.com//sn//harrypotter// HTTP 307
    https://www.azstarnet.com//sn//harrypotter// HTTP 301
    http://tucson.com/sn/harrypotter/ HTTP 307
    https://tucson.com/sn/harrypotter/ HTTP 301
    https://tucson.com/r/sn/harrypotter/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tucson.com/r/sn/harrypotter/
Redirect Chain
  • http://www.azstarnet.com//sn//harrypotter//
  • https://www.azstarnet.com//sn//harrypotter//
  • http://tucson.com/sn/harrypotter/
  • https://tucson.com/sn/harrypotter/
  • https://tucson.com/r/sn/harrypotter/
102 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
35c4372d655faaaf8800b47cbcfc79fc98cbbbc114d097e384d99e9590036f79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
23185
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 19:23:17 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.79.3; app18; 0.17s; 3.2M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
16820
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 19:23:16 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
location
https://tucson.com/r/sn/harrypotter/
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.79.3; app13; 0.16s; 3M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13316641
cross-origin-resource-policy
cross-origin
content-length
38456
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd77abb-SJC
expires
Fri, 29 Nov 2024 01:24:02 GMT
user.js
tucson.com/shared-content/art/tncms/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tucson.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
573b0b4699e5c093c592f070caf70bf8c70ae57b27f3ca32197ff50c9ca77303

Request headers

Referer
https://tucson.com/r/sn/harrypotter/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:18:35 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 17:59:14 GMT
x-vcache
HIT
age
282
etag
W/"66b3b5f2-eaa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1633
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13304284
cross-origin-resource-policy
cross-origin
content-length
12719
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc2c217abb-SJC
expires
Thu, 28 Nov 2024 08:45:58 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
48615
cross-origin-resource-policy
cross-origin
content-length
14189
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65d66922-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd97abb-SJC
expires
Thu, 13 Mar 2025 18:01:52 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13304284
cross-origin-resource-policy
cross-origin
content-length
4260
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a921-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd67abb-SJC
expires
Thu, 28 Nov 2024 12:02:38 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
48615
cross-origin-resource-policy
cross-origin
content-length
1590
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65d66921-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc2c1f7abb-SJC
expires
Thu, 13 Mar 2025 16:43:12 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13316641
cross-origin-resource-policy
cross-origin
content-length
910
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc2c1d7abb-SJC
expires
Wed, 27 Nov 2024 12:02:20 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13312571
cross-origin-resource-policy
cross-origin
content-length
21439
last-modified
Thu, 09 Nov 2023 15:29:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaef-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd47abb-SJC
expires
Wed, 27 Nov 2024 07:52:21 GMT
layout.d9bf9fa5b377514df7224a864456e96d.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.d9bf9fa5b377514df7224a864456e96d.css
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
7172417
cross-origin-resource-policy
cross-origin
content-length
34092
last-modified
Thu, 16 May 2024 12:56:16 GMT
x-vcache
HIT
server
cloudflare
etag
W/"66460270-266b1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbce7abb-SJC
expires
Wed, 21 May 2025 19:01:33 GMT
lee.ds.css
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 		98 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1723475764
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14504
cross-origin-resource-policy
cross-origin
content-length
20642
last-modified
Mon, 12 Aug 2024 15:16:04 GMT
x-vcache
HIT
server
cloudflare
etag
W/"66ba2734-18651"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd07abb-SJC
expires
Tue, 12 Aug 2025 15:21:07 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13308438
cross-origin-resource-policy
cross-origin
content-length
1979
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-183e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd27abb-SJC
expires
Sun, 10 Nov 2024 08:05:52 GMT
tucson_lee_v3.css
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		2 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/styles/tucson_lee_v3.css?_dc=1674063103
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee7af434f9c2ca985c937682af99d230c57c58ef0221212a06f0837e12fed43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13304284
cross-origin-resource-policy
cross-origin
content-length
683
last-modified
Wed, 18 Jan 2023 17:31:43 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63c82cff-96b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cbcbd37abb-SJC
expires
Wed, 27 Nov 2024 08:25:55 GMT
osano.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 		417 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:6c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
57a29c992cfd3a6389cc1280431e03928f8761f74e6d9d1146924644922467d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 11:41:22 GMT
content-encoding
br
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P5
age
27715
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90489
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Aug 2024 21:10:03 GMT
server
CloudFront
etag
"e4f5e19d95b754b9a4e0f734f1612e37"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
1gZbWwagssPso4TWC0j4No91M3-0K4cTY5YCCc8KD05O7P6tvobNBw==
access.d7adebba498598b0ec2c.js
tucson.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tucson.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://tucson.com/r/sn/harrypotter/
Origin
https://tucson.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:22:50 GMT
content-encoding
gzip
last-modified
Sun, 07 Jul 2024 17:49:04 GMT
x-vcache
HIT
age
26
etag
W/"668ad510-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13308439
cross-origin-resource-policy
cross-origin
content-length
1322
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-dbe"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6ce5df27abb-SJC
expires
Tue, 26 Nov 2024 06:47:16 GMT
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13312571
cross-origin-resource-policy
cross-origin
content-length
2388
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-1baf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cfbef87abb-SJC
expires
Sat, 30 Nov 2024 10:09:45 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 08:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3945
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Aug 2025 08:52:18 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 11:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8653
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Aug 2025 11:05:04 GMT
messaging.js
tucson.com/shared-content/art/tncms/api/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tucson.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

Referer
https://tucson.com/r/sn/harrypotter/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:22:32 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 17:59:14 GMT
x-vcache
HIT
age
45
etag
W/"66b3b5f2-9cb"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
885
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13316641
cross-origin-resource-policy
cross-origin
content-length
176
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc2c257abb-SJC
expires
Sun, 10 Nov 2024 09:44:18 GMT
tracking.js
tucson.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tucson.com/shared-content/art/tncms/tracking.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

Referer
https://tucson.com/r/sn/harrypotter/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:21:05 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 17:59:14 GMT
x-vcache
HIT
age
131
etag
W/"66b3b5f2-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
lee.common.js
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1723475764
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14503
cross-origin-resource-policy
cross-origin
content-length
3556
last-modified
Mon, 12 Aug 2024 15:16:04 GMT
x-vcache
HIT
server
cloudflare
etag
W/"66ba2734-2c45"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc2c227abb-SJC
expires
Tue, 12 Aug 2025 15:21:07 GMT
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13304285
cross-origin-resource-policy
cross-origin
content-length
112383
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cfbef97abb-SJC
expires
Fri, 29 Nov 2024 09:57:27 GMT
109f1e80-afaf-11ec-896b-e33500870658.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/109f1e80-afaf-11ec-896b-e33500870658.png
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85dada1408d909bc6efd997e08514370405f1e39b74b10f930180adecdfe35e0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
13304284
cf-polished
origFmt=png, origSize=23342
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="109f1e80-afaf-11ec-896b-e33500870658.webp"
content-length
15274
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 22:24:57 GMT
server
cloudflare
x-vcache
MISS
etag
"62438739-5b2e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc5c457abb-SJC
expires
Tue, 11 Mar 2025 19:44:50 GMT
newsplus_white.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1723475764
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
14502
cf-polished
origFmt=png, origSize=8454
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="newsplus_white.webp"
content-length
4248
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Aug 2024 15:16:04 GMT
server
cloudflare
x-vcache
MISS
etag
"66ba2734-2106"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cc5c467abb-SJC
expires
Tue, 12 Aug 2025 15:21:07 GMT
op.js
tagan.adlightning.com/leeenterprises/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/op.js
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-53.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc65cebcf51e6930815299922111497f21a502526910ef35b5cc030bb4c1223d

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:04:43 GMT
content-encoding
gzip
via
1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-amz-version-id
8BrNJnA7QGZcZtayTEK93g4ypVqUEx_v
x-amz-cf-pop
JFK52-P3
age
1116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6611
x-amz-meta-git_commit
904ac2d
last-modified
Mon, 12 Aug 2024 18:32:37 GMT
server
AmazonS3
etag
"c0f2a6684132d270d16eb080214a3a5f"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ENoPJCsJqsz_BMUevOW67dnW9MraxoR2RENSI9BeKtofY4YwG3zmrw==
tucson-defer.js
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/scripts/tucson-defer.js?_dc=1674590768
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c95bc403db09604ae14479b2a2048f57d30a9569cbf41c206d811890ebb6e8a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:17 GMT
content-encoding
gzip
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
7029887
cross-origin-resource-policy
cross-origin
content-length
1775
last-modified
Tue, 24 Jan 2023 20:06:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63d03a30-1127"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6cd3d087abb-SJC
expires
Thu, 13 Mar 2025 15:34:40 GMT
gtm.js
www.googletagmanager.com/ 		229 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a9c4cc6c3a72fd5bea8ef6bd4fc915eb72f830dff6c062d1652e00774751ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78918
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 19:23:18 GMT
638669a5-afe7-4007-9d68-f9e3c07adfa8
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/638669a5-afe7-4007-9d68-f9e3c07adfa8
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
/
user.tucson.com/PTUC-GUP/user/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.tucson.com/PTUC-GUP/user/?callback=gSP_local_callback&_ts=1723490598
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8ff38521fb4a97b0cec0b5f2016615c8e6b2a91047d0a1ec142b0973c46b00f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
content-security-policy
frame-ancestors 'none'
date
Mon, 12 Aug 2024 19:23:18 GMT
x-content-type-options
nosniff
via
1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
gup-request-id
181e8af6bb91bc49bf13d920c2a5546c
x-cache
MISS
content-length
1141
x-served-by
cache-lax-kwhp1940054-LAX
referrer-policy
strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Origin
content-type
application/javascript
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
accept-ranges
bytes
expires
Mon, 12 Aug 2024 19:23:18 GMT
gtm-helper.html
tucson.com/app/ Frame D31A 		741 B
614 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
4eba824138222508fd7ff92e5eab727e6a186baf7b291c681fea83e7b75c39df

Request headers

Referer
https://tucson.com/r/sn/harrypotter/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=600
content-encoding
gzip
content-length
430
content-type
text/html
date
Mon, 12 Aug 2024 19:23:18 GMT
etag
W/"635070b5-1ac"
last-modified
Wed, 19 Oct 2022 21:48:37 GMT
vary
Accept-Encoding
x-vcache
MISS
gtm.js
www.googletagmanager.com/ 		548 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77c5ad72a49962313e7afc6a9fd5f4e11320e2fefa742c2a9eab0d3a5670a2eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145481
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 19:23:18 GMT
b-904ac2d-fa24dc02.js
tagan.adlightning.com/leeenterprises/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-53.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 00:31:20 GMT
content-encoding
gzip
via
1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-amz-version-id
JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop
JFK52-P3
age
1104719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26202
x-amz-meta-git_commit
904ac2d
last-modified
Tue, 20 Feb 2024 14:47:48 GMT
server
AmazonS3
etag
"7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
P6qxXoQT_VjccLS490B-tIirn6iwHjwv20ycml02yUVRAdvUQTUmuA==
bl-9d3cfa4-d7cef07c.js
tagan.adlightning.com/leeenterprises/ 		161 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-9d3cfa4-d7cef07c.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-53.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
329a763392639c2b57ef2e74d004bcad6a4cb0977c1e6b8d4589c5b65bc0cbf2

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 18:55:54 GMT
content-encoding
gzip
via
1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-amz-version-id
EiwLzkbkliaXD77PHlGYP1i2zFO7RGLL
x-amz-cf-pop
JFK52-P3
age
1645
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63534
x-amz-meta-git_commit
9d3cfa4
last-modified
Mon, 12 Aug 2024 18:32:14 GMT
server
AmazonS3
etag
"58721c5bed4aae9c0ae7fba1579faa7f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7TlODPXz8nhEBZ4Fx-NuCtUzDc1UKHQVl_AhkZKt6UVogsTzcb32Sg==
/
cmp.osano.com/ Frame 4D52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:b800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tucson.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
41250
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Aug 2024 07:55:49 GMT
etag
W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified
Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-id
AclzUGAuTW1frZf40NIWrnCd02-zN23Zatot2lpnC4-zXoFFk9G4WQ==
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-amz-version-id
POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
en.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.85.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-31.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tucson.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 12 Aug 2024 19:23:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-amz-cf-id
W2FzAiPmzDWO2pFqsV8cIx5Ur-pHyvcnYABI66EgP_E5d3Sy8s-Lsw==
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
osano-ui.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:6c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0202614987ac38b310ac2d2430f7cb3461913fafb307b49f89291e3b464408cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
O_05i9zXMW4youuSN03rz2lA.pdOBZgs
content-encoding
gzip
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 15:20:09 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P5
age
14590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Aug 2024 21:10:03 GMT
server
AmazonS3
etag
W/"e9161b119859a9215cd2ba20680496ae"
vary
accept-encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, no-transform, public
x-amz-cf-id
KhW8knEZz_YYpIlMkjcY2pvCQSNxAFpeANUh6v8j3yvmTzH1DIAHlw==
en.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 		28 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/en.json
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.85.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-31.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8ad0451663eeb881d08bdaa3b843b013db8bc6e769eee80d5dcdaa9ddefd943
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-version-id
okCGKs4ji1.96ZYc6CvQQj.NJdhKrRN3
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 17:13:34 GMT
content-encoding
gzip
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
age
7785
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Aug 2024 21:10:03 GMT
server
AmazonS3
etag
W/"6e62ac6749de5e7b13331378d1d3a1e1"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, no-transform, public
vary
accept-encoding
x-amz-cf-id
f2rWzYtLNseqQOENz5g7njtC3IlEEqwGqXl9H-0h3qyCvwRnatK3Wg==
tracker.js
tucson.com/shared-content/art/stats/common/ Frame D31A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tucson.com/shared-content/art/stats/common/tracker.js
Requested by
Host: tucson.com
URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Referer
https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:19:55 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 20:00:11 GMT
x-vcache
HIT
age
202
etag
W/"66159e4b-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
e7b59f86-559c-4045-b9f9-5a7dc1fef169
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/e7b59f86-559c-4045-b9f9-5a7dc1fef169
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
tracker.gif
tucson.com/shared-content/art/stats/common/ Frame D31A 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tucson.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1723490598601190190111506823534258&tnms_dt=GTM%20Helper&tnms_upage=1&tnms_do=tucson.com&tnms_uri=/app/gtm-helper.html%3Furl%3Dhttps%253A%252F%252Ftucson.com%252Fr%252Fsn%252Fharrypotter%252F&tnms_ref=https%3A//tucson.com/r/sn/harrypotter/&rt=1723490598603
Requested by
Host: tucson.com
URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:18 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
d8c6c8a7-7d81-4a93-99f5-59b2b4e296ad
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/d8c6c8a7-7d81-4a93-99f5-59b2b4e296ad
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
6b62de87-40ca-4c4b-a4be-a17598656ef3
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/6b62de87-40ca-4c4b-a4be-a17598656ef3
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		206 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24e15a9b39012c70a2de9d4e08fcc887672330b30a93dfd80e614ac2cfa4c36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73682
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 19:23:19 GMT
gtm.js
www.googletagmanager.com/ 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34ba91f06ba96d97d5042ce7e445e94f8cf367fba60a6c53c2471537246e8e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82997
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 19:23:19 GMT
57ed0ee8-80bf-498d-9fdf-8f0512096d83
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/57ed0ee8-80bf-498d-9fdf-8f0512096d83
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		311 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QH8XG9MLHK&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
137303609ec97dbb9a217ad97ab096c11ddf860f6acf3f4dac438aaeabd6a82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105485
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 19:23:19 GMT
13c0e05b-c172-4080-bc66-f0030e211b32
https://tucson.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tucson.com/13c0e05b-c172-4080-bc66-f0030e211b32
Requested by
Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		292 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bd24774d17e7891cf0458b2094638544ca8c0fb69d2c32a64f4c109141e4f437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100964
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 19:23:19 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QH8XG9MLHK&gtm=45je4880v893906578z86749731za200zb6749731&_p=1723490598341&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tcfd=10004&tag_exp=0&cid=421920366.1723490599&ecid=1519044623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1723490599&sct=1&seg=0&dl=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F&dt=R%20%7C%20tucson.com&en=page_view&_fv=1&_nsi=1&_ss=2&ep.domain=tucson.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=error&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=r&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&up.user_status=logged%20in&up.user_subscription=No&up.user_ppid=false&up.user_uuid=548207c0-58e0-11ef-af66-124c1519886c&up.user_subscription_date=false&tfd=3390
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QH8XG9MLHK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 19:23:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tucson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
80d87072-cfb0-11e7-b59a-ef5f5178bcc6.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/ 		23 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/80d87072-cfb0-11e7-b59a-ef5f5178bcc6.png?resize=256%2C256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e494d9b1fca54216e0a6def16e25727eb3b569bc2af621434d2538ef372b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tucson.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 19:23:19 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
124130
cf-polished
origFmt=png, origSize=28680
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="80d87072-cfb0-11e7-b59a-ef5f5178bcc6.webp"
content-length
23212
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Nov 2017 18:11:04 GMT
server
cloudflare
x-vcache
MISS
etag
"ded01d44607df8b9f470519b28e4dc33"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
8b22d6d87e3c7abb-SJC
expires
Sun, 13 Jul 2025 10:55:21 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer function| lee_consentUpdated function| gtag boolean| gtag_enable_tcf_support object| webpackChunk_osano_cmp_consent_manager function| Osano function| __gpp function| __tcfapi function| __uspapi boolean| tncms_access_control_sync boolean| LEE_DS_V3 function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset boolean| bRemoveVidVast function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken function| gSP__GetCookieValueByName object| gSP_data object| gSP_queue function| gSP_local_callback function| k5zD8x function| k5zD8s object| xop object| j8iqfd0mpz4 function| lee_segment_audience object| form function| messagingCallback function| xblocker function| fSWa3y3 function| fSWa3y2 object| googletag object| litHtmlVersions object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| yg4IUT function| yg4IUL object| xblacklist object| google_tag_manager object| google_tag_data object| gaGlobal

3 Cookies

Domain/Path Name / Value
.tucson.com/ Name: gup_lng
Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201723490598%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.tucson.com/ Name: gup_anonid
Value: 548207c0-58e0-11ef-af66-124c1519886c
.tucson.com/ Name: gup_clientid
Value: 54820e46-58e0-11ef-af66-124c1519886c

2 Console Messages

Source Level URL
Text
network error URL: https://tucson.com/r/sn/harrypotter/
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloximages.chicago2.vip.townnews.com
cmp.osano.com
tagan.adlightning.com
tucson.com
user.tucson.com
www.azstarnet.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.16.132.24
108.138.85.31
151.101.194.62
173.194.207.97
18.238.49.53
192.104.182.109
2600:9000:2510:6c00:3:b7e:8940:93a1
2600:9000:2510:b800:3:b7e:8940:93a1
2607:f8b0:4004:c09::65
2607:f8b0:4004:c1d::61
2607:f8b0:400d:c1d::5e
0202614987ac38b310ac2d2430f7cb3461913fafb307b49f89291e3b464408cb
137303609ec97dbb9a217ad97ab096c11ddf860f6acf3f4dac438aaeabd6a82b
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1c95bc403db09604ae14479b2a2048f57d30a9569cbf41c206d811890ebb6e8a
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
1e494d9b1fca54216e0a6def16e25727eb3b569bc2af621434d2538ef372b11f
24e15a9b39012c70a2de9d4e08fcc887672330b30a93dfd80e614ac2cfa4c36d
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
329a763392639c2b57ef2e74d004bcad6a4cb0977c1e6b8d4589c5b65bc0cbf2
34ba91f06ba96d97d5042ce7e445e94f8cf367fba60a6c53c2471537246e8e92
35c4372d655faaaf8800b47cbcfc79fc98cbbbc114d097e384d99e9590036f79
3ee7af434f9c2ca985c937682af99d230c57c58ef0221212a06f0837e12fed43
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4eba824138222508fd7ff92e5eab727e6a186baf7b291c681fea83e7b75c39df
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
573b0b4699e5c093c592f070caf70bf8c70ae57b27f3ca32197ff50c9ca77303
57a29c992cfd3a6389cc1280431e03928f8761f74e6d9d1146924644922467d9
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6a8dbbb4d2df5781f48a9c71c64645a9ec26ee8b159d0daf0ec14630192a5469
77c5ad72a49962313e7afc6a9fd5f4e11320e2fefa742c2a9eab0d3a5670a2eb
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a9c4cc6c3a72fd5bea8ef6bd4fc915eb72f830dff6c062d1652e00774751ba2
85dada1408d909bc6efd997e08514370405f1e39b74b10f930180adecdfe35e0
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b8ff38521fb4a97b0cec0b5f2016615c8e6b2a91047d0a1ec142b0973c46b00f
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bd24774d17e7891cf0458b2094638544ca8c0fb69d2c32a64f4c109141e4f437
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
dc65cebcf51e6930815299922111497f21a502526910ef35b5cc030bb4c1223d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ad0451663eeb881d08bdaa3b843b013db8bc6e769eee80d5dcdaa9ddefd943
f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95