urlscan.io logo urlscan.io
SecurityTrails logo

chicago.suntimes.com Open in urlscan Pro
108.157.4.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/EZfYB6goBX
Effective URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-larg...
Submission: On June 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 13 countries across 90 domains to perform 343 HTTP transactions. The main IP is 108.157.4.36, located in United States and belongs to AMAZON-02, US. The main domain is chicago.suntimes.com. The Cisco Umbrella rank of the primary domain is 105862.
TLS certificate: Issued by Amazon on March 31st 2022. Valid for: a year.
This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
3 108.157.4.36 16509 (AMAZON-02)
7 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
8 65.9.63.95 16509 (AMAZON-02)
2 13.32.27.92 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 23.35.237.86 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 151.101.66.132 54113 (FASTLY)
13 142.250.185.98 15169 (GOOGLE)
4 65.9.71.118 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f14:600... 16509 (AMAZON-02)
1 23.35.237.181 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 43 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 46.105.202.126 16276 (OVH)
1 2600:9000:231... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.248.126 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 64.202.112.159 22075 (AS-OUTBRAIN)
1 151.101.14.132 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
7 108.62.117.246 30633 (LEASEWEB-...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
14 2a00:1450:400... 15169 (GOOGLE)
3 147.75.83.64 54825 (PACKET)
12 22 142.250.74.194 15169 (GOOGLE)
2 4 23.35.236.247 16625 (AKAMAI-AS)
3 4 185.33.221.13 29990 (ASN-APPNEX)
5 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 54.231.135.81 16509 (AMAZON-02)
6 34.149.12.213 15169 (GOOGLE)
2 142.250.185.194 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 95.101.22.169 20940 (AKAMAI-ASN1)
2 2.20.157.71 16625 (AKAMAI-AS)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 54.93.146.241 16509 (AMAZON-02)
4 52.223.40.198 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
3 4 37.157.4.23 198622 (ADFORM)
2 2 63.35.168.36 16509 (AMAZON-02)
2 185.86.137.122 201081 (SMARTADSE...)
1 95.101.22.171 20940 (AKAMAI-ASN1)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 2 159.122.14.34 36351 (SOFTLAYER)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2 51.89.9.253 16276 (OVH)
1 82.113.101.132 6805 (TDDE-ASN1)
4 23.82.15.162 30633 (LEASEWEB-...)
1 213.19.147.43 26120 (RHYTHMONE)
3 5 2.18.234.233 16625 (AKAMAI-AS)
1 18.158.79.13 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2600:9000:215... 16509 (AMAZON-02)
5 54.208.44.81 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 209.58.147.67 394380 (LEASEWEB-...)
1 2a00:1450:401... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 23.35.236.201 16625 (AKAMAI-AS)
2 104.89.20.125 16625 (AKAMAI-AS)
1 1 18.134.84.24 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
2 2 103.229.205.243 ()
9 204.237.133.120 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 44.196.137.234 14618 (AMAZON-AES)
1 151.101.194.49 54113 (FASTLY)
3 3 52.50.60.18 16509 (AMAZON-02)
1 185.86.137.132 201081 (SMARTADSE...)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 1 23.88.75.188 24940 (HETZNER-AS)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.44 3356 (LEVEL3)
1 1 141.94.101.34 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
3 3 52.48.133.87 16509 (AMAZON-02)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 5.161.54.172 213230 (HETZNER-C...)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 51.79.83.225 16276 (OVH)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 35.156.193.10 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 66.155.71.149 13768 (COGECO-PEER1)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.33.221.50 29990 (ASN-APPNEX)
1 204.237.133.121 ()
1 142.250.185.66 ()
343 105
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
3    108.157.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-36.dus51.r.cloudfront.net
chicago.suntimes.com
7    2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
8    65.9.63.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-95.fra56.r.cloudfront.net
cst.brightspotcdn.com
2    13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net
htlbid.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
8    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
prd-collector-anon.ex.co
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
6    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:1f14:600:6e00:5992:27c2:5276:6fe4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
aamapi.com
1    23.35.237.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
1    2a02:26f0:f7::5c7b:e01c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2600:9000:2057:400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
6    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
api-esp.piano.io
43    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
pagead2.googlesyndication.com
12    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
s0.2mdn.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    2600:9000:2315:9800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
5    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
5    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    18.66.248.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-126.dus51.r.cloudfront.net
ads.undertone.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    64.202.112.159 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
1    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    108.62.117.246 (Falls Church, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-117.channelexco.com
9    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
14    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
22    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
4    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
playbuzzltd-d.openx.net
u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    54.231.135.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ams-pageview-public.s3.amazonaws.com
6    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    95.101.22.169 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-22-169.deploy.static.akamaitechnologies.com
mcd.ex.co
2    2.20.157.71 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-71.deploy.static.akamaitechnologies.com
cdn.playbuzz.com
1    2600:9000:2156:7800:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.besafe.global
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    54.93.146.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-146-241.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    63.35.168.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com
match.360yield.com
2    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    95.101.22.171 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-22-171.deploy.static.akamaitechnologies.com
cdn.ex.co
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    82.113.101.132 (Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
4    23.82.15.162 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
1    213.19.147.43 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.targeting.unrulymedia.com
5    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    18.158.79.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-79-13.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2600:9000:2156:5200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
5    54.208.44.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-44-81.compute-1.amazonaws.com
ping.chartbeat.net
4    2607:f8b0:4001:c17::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:12::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr2---sn-4g5lzne6.googlevideo.com
1    209.58.147.67 (Dallas, United States)

ASN394380 (LEASEWEB-USA-DAL, US)
a.channelexco.com
1    2a00:1450:4013:c01::71 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
s.youtube.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    18.134.84.24 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-24.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    103.229.205.243 (None, )

ASN- ()
sync.mathtag.com
9    204.237.133.120 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    44.196.137.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-137-234.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.50.60.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-60-18.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    141.94.101.34 (France)

ASN16276 (OVH, FR)
PTR: bixel-4.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
3    52.48.133.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-133-87.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh
pixel.onaudience.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a05:d018:d29:3602:922:6908:c2c0:f56e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.156.193.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-193-10.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    204.237.133.121 (None, )

ASN- ()
simage4.pubmatic.com
1    142.250.185.66 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
static.doubleclick.net — Cisco Umbrella Rank: 338
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271
pubads.g.doubleclick.net — Cisco Umbrella Rank: 479
243 KB
46 googlesyndication.com
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
ade.googlesyndication.com
265 KB
22 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 416
ads.pubmatic.com — Cisco Umbrella Rank: 413
image6.pubmatic.com — Cisco Umbrella Rank: 564
image2.pubmatic.com — Cisco Umbrella Rank: 819
simage2.pubmatic.com — Cisco Umbrella Rank: 566
image4.pubmatic.com — Cisco Umbrella Rank: 784
simage4.pubmatic.com
32 KB
12 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 15532
s-117.channelexco.com — Cisco Umbrella Rank: 96921
e.channelexco.com — Cisco Umbrella Rank: 13845
a.channelexco.com — Cisco Umbrella Rank: 15167
24 KB
12 ex.co
player.ex.co — Cisco Umbrella Rank: 10742
prd-collector-anon.ex.co — Cisco Umbrella Rank: 9348
mcd.ex.co — Cisco Umbrella Rank: 11788
cdn.ex.co — Cisco Umbrella Rank: 17460
532 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42 Failed
jnn-pa.googleapis.com — Cisco Umbrella Rank: 275
ajax.googleapis.com — Cisco Umbrella Rank: 277
imasdk.googleapis.com — Cisco Umbrella Rank: 381
983 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
370 KB
11 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 428
rtb0.doubleverify.com — Cisco Umbrella Rank: 595
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 12345
tps.doubleverify.com — Cisco Umbrella Rank: 440
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 25273
129 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
s.youtube.com — Cisco Umbrella Rank: 683
746 KB
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
90 KB
9 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 6861
cdn.tinypass.com — Cisco Umbrella Rank: 4761
buy.tinypass.com — Cisco Umbrella Rank: 3817
163 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
15 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
49 KB
8 brightspotcdn.com
cst.brightspotcdn.com — Cisco Umbrella Rank: 142223
198 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 483
p.typekit.net — Cisco Umbrella Rank: 613
233 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4611
p1cluster.cxense.com — Cisco Umbrella Rank: 6665
comcluster.cxense.com — Cisco Umbrella Rank: 4476
id.cxense.com — Cisco Umbrella Rank: 8342
61 KB
6 piano.io
c2.piano.io — Cisco Umbrella Rank: 3824
api-esp.piano.io — Cisco Umbrella Rank: 10693
20 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
40 KB
6 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1257
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2649
odb.outbrain.com — Cisco Umbrella Rank: 1404
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 4827
89 KB
5 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1105
1001 B
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 637
4 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 348
playbuzzltd-d.openx.net — Cisco Umbrella Rank: 31166
u.openx.net — Cisco Umbrella Rank: 699
816 B
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 391
5 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12891
pixel.onaudience.com — Cisco Umbrella Rank: 2969
2 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 974
eus.rubiconproject.com — Cisco Umbrella Rank: 530
token.rubiconproject.com — Cisco Umbrella Rank: 644
11 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 539
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518
4 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8526
www.google.de — Cisco Umbrella Rank: 6117
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
41 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
198 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
941 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 678
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 464
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 693
r.turn.com — Cisco Umbrella Rank: 2741
1 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1156
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
313 B
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 13487
flint.defybrick.com — Cisco Umbrella Rank: 13551
20 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3983
log.outbrainimg.com — Cisco Umbrella Rank: 2061
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
113 KB
3 suntimes.com
chicago.suntimes.com — Cisco Umbrella Rank: 105862
32 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 269
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 633
match.taboola.com — Cisco Umbrella Rank: 1881
529 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 499
741 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 753
s.tribalfusion.com — Cisco Umbrella Rank: 2251
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4853
637 B
2 googlevideo.com
rr2---sn-4g5lzne6.googlevideo.com — Cisco Umbrella Rank: 70017
3 MB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
489 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
960 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3818
785 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 802
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2722
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2766
207 B
2 playbuzz.com
cdn.playbuzz.com — Cisco Umbrella Rank: 17630
34 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 918
344 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
427 B
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
5 KB
2 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 5748
ads.undertone.com — Cisco Umbrella Rank: 5236
4 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1452
id5-sync.com — Cisco Umbrella Rank: 600
12 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 17697
108 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3461
462 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 556
191 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2317
534 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 840
356 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 412
536 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5688
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16449
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5390
282 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 794
218 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1354
408 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 536
177 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 751
619 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1476
501 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 679
363 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4116
532 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 624
29 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1204
24 KB
1 unrulymedia.com
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8346
384 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 73561
639 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14720
553 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 38556
607 B
1 besafe.global
cdn.besafe.global — Cisco Umbrella Rank: 10408
37 KB
1 amazonaws.com
ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 21041
448 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 111
82 KB
1 aamapi.com
aamapi.com — Cisco Umbrella Rank: 10784
180 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
44 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 3814
3 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4394
370 B
1 t.co
t.co — Cisco Umbrella Rank: 505
507 B
0 netmng.com Failed
google2waycm.netmng.com Failed
343 90
Domain Requested by
28 pagead2.googlesyndication.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
s0.2mdn.net
www.googletagservices.com
chicago.suntimes.com
securepubads.g.doubleclick.net
22 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
chicago.suntimes.com
14 tpc.googlesyndication.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
imasdk.googleapis.com
13 googleads.g.doubleclick.net 1 redirects www.youtube.com
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
t.co
11 s0.2mdn.net t.co
s0.2mdn.net
imasdk.googleapis.com
chicago.suntimes.com
9 simage2.pubmatic.com ads.pubmatic.com
9 cdnjs.cloudflare.com buy.tinypass.com
9 www.youtube.com chicago.suntimes.com
www.youtube.com
8 cst.brightspotcdn.com chicago.suntimes.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 prd-collector-anon.ex.co player.ex.co
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 use.typekit.net chicago.suntimes.com
use.typekit.net
buy.tinypass.com
6 image2.pubmatic.com ads.pubmatic.com
6 imasdk.googleapis.com player.ex.co
imasdk.googleapis.com
6 s-117.channelexco.com chicago.suntimes.com
player.ex.co
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
t.co
6 securepubads.g.doubleclick.net www.googletagservices.com
htlbid.com
securepubads.g.doubleclick.net
5 api-esp.piano.io cdn.tinypass.com
code.jquery.com
5 ping.chartbeat.net
5 ads.stickyadstv.com 3 redirects cdn.ex.co
5 cdn.doubleverify.com 1 redirects acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
cdn.doubleverify.com
t.co
5 www.google.com chicago.suntimes.com
www.youtube.com
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 csi.gstatic.com imasdk.googleapis.com
4 e.channelexco.com player.ex.co
4 c1.adform.net 3 redirects ads.pubmatic.com
4 match.adsrvr.org acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
ads.pubmatic.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 jnn-pa.googleapis.com www.youtube.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 c.amazon-adsystem.com htlbid.com
c.amazon-adsystem.com
4 connect.facebook.net chicago.suntimes.com
connect.facebook.net
t.co
3 sync.crwdcntrl.net 3 redirects
3 match.prod.bidr.io 3 redirects
3 tpsc-eu3.doubleverify.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
cdn.doubleverify.com
3 mcd.ex.co chicago.suntimes.com
player.ex.co
3 acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
3 widgets.outbrain.com chicago.suntimes.com
3 www.googletagservices.com chicago.suntimes.com
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
3 chicago.suntimes.com t.co
cst.brightspotcdn.com
2 x.bidswitch.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 sync.1rx.io 2 redirects
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 eus.rubiconproject.com cdn.ex.co
eus.rubiconproject.com
2 ads.pubmatic.com cdn.ex.co
ads.pubmatic.com
2 rr2---sn-4g5lzne6.googlevideo.com 1 redirects
2 playbuzzltd-d.openx.net cdn.ex.co
2 onetag-sys.com 1 redirects acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 ad.turn.com 2 redirects
2 ssbsync.smartadserver.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
2 match.360yield.com 2 redirects
2 pm.w55c.net 2 redirects
2 cdn.playbuzz.com chicago.suntimes.com
2 googleads4.g.doubleclick.net t.co
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 log.outbrainimg.com widgets.outbrain.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 flint.defybrick.com rock.defybrick.com
chicago.suntimes.com
2 www.facebook.com chicago.suntimes.com
2 yt3.ggpht.com www.youtube.com
2 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
2 htlbid.com chicago.suntimes.com
1 ade.googlesyndication.com
1 simage4.pubmatic.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 odr.mookie1.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 sync-tm.everesttech.net ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 1f2e7.v.fwmrm.net 1 redirects
1 u.openx.net cdn.ex.co
1 code.jquery.com api-esp.piano.io
1 s.youtube.com
1 a.channelexco.com
1 static.chartbeat.com t.co
1 hbopenbid.pubmatic.com cdn.ex.co
1 prebid-server.rubiconproject.com cdn.ex.co
1 tag.targeting.unrulymedia.com player.ex.co
1 portal.o2online.de chicago.suntimes.com
1 tps.doubleverify.com cdn.doubleverify.com
1 ads.travelaudience.com 1 redirects
1 r.turn.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
1 cdn.ex.co player.ex.co
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
1 cdn.besafe.global acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 ams-pageview-public.s3.amazonaws.com chicago.suntimes.com
1 p1cluster.cxense.com cdn.cxense.com
1 ajax.googleapis.com buy.tinypass.com
1 p.channelexco.com player.ex.co
1 odb.outbrain.com widgets.outbrain.com
1 id5-sync.com cdn.id5-sync.com
1 ads.undertone.com cdn.undertone.com
1 i.ytimg.com www.youtube.com
1 www.google.de chicago.suntimes.com
1 cdn.undertone.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com t.co
1 static.doubleclick.net www.youtube.com
1 c2.piano.io cdn.tinypass.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rock.defybrick.com widgets.outbrain.com
1 p.typekit.net use.typekit.net
1 cdn.tinypass.com experience.tinypass.com
1 widget-pixels.outbrain.com chicago.suntimes.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 aamapi.com www.googletagmanager.com
1 player.ex.co cst.brightspotcdn.com
1 experience.tinypass.com chicago.suntimes.com
1 fonts.googleapis.com chicago.suntimes.com
client
1 www.googletagmanager.com chicago.suntimes.com
1 www.npttech.com chicago.suntimes.com
1 bit.ly 1 redirects
1 t.co
0 google2waycm.netmng.com Failed acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
343 149
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
origin.cst-web.production.chorus.brightspot.cloud
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
htlbid.com
Amazon		 2021-11-21 -
2022-12-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-13 -
2022-06-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aamapi.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.undertone.com
Amazon		 2021-11-11 -
2022-12-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-09 -
2022-08-07		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.channelexco.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.playbuzz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-21 -
2023-05-13		 a year crt.sh
cdn.besafe.global
Amazon		 2022-05-26 -
2023-06-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 49 frames:

Primary Page: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Frame ID: 4C496C172C15FE528C803027781E17E7
Requests: 128 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Frame ID: CD5920D40D3A5F488AAB860016EE8F67
Requests: 20 HTTP requests in this frame

Frame: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 199364614880A67321BED73E8E395A52
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/ajs.js
Frame ID: 761113BA3776FF9699457C11E6383ABC
Requests: 4 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Frame ID: FE9419A04788141E43C11A49BC415FB0
Requests: 16 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 50C6993C43A09A690E71D76C3E9A9333
Requests: 4 HTTP requests in this frame

Frame: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5805BED4AB0375C1F1FEE30FE1A29187
Requests: 16 HTTP requests in this frame

Frame: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6E867396FA5A8E24B4EFDA479DF18F7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Frame ID: 98E1A85DA4AA03B3ED6A4F33B89EA910
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Frame ID: 6F6A7047B35C4ED9730398D6AED783A0
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B6977E7D8778603F18F5B988B42139F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 379E7E29493F67A6D401A84B778777BE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Frame ID: A4ACA443629E80AB2B235042B38B791D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27FB8D911C105BB20057B483970E1355
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E9A9BC05EA1D019034B4B38F8DD5E023
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2796.js
Frame ID: 9CD239857055DFDAEFA1A9B9079EDF51
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B29522C7C748B198F4D76AB603542E6C
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: A8F14B37E5371348E3E5B16E9FA7B476
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Frame ID: 652C322BD15F2E1EFC84986FB011A170
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EC2B694B9ABBB9599255C70E591302A6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: B49BC197D1A5694F5719B9E82B5D8242
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1C72E519EF14CAEB950EC8169D8BE27F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: D69DFAAE30943D8EE7256E8597D1392E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4CA471A0EBB6D94F08E7E3EA66280FE3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 608635FEFE270696869FDCABA23984E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C5493F55688DF3FC3685BAB61F434D6F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: E9D2C9C92886319C15AB65990010761E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9FBB53C3C51A120C9B29F79DC9440D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEF53D26E0F63F84B6B3794DAAC5E40D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 5D2F4C5511BF369EDFD0E089972332F2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 7AF6810F2527F1DAF57E65FF011EE41C
Requests: 21 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 640D1426F7ED68A4BDCB89C236E0D170
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F27A2EED39CC7E6DE6B73D61B9023E52
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2582F157-E52E-4ED0-9075-3514DFCF1B74
Frame ID: 3B3D854D4557423AA98F4755DE14D967
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5641148811591932552
Frame ID: B4E015AF68A7991D8C08C7CB12992710
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d4cf629a-600b-4e00-847e-42cc7a7cbfae&gdpr=0&gdpr_consent=
Frame ID: 8592C7058B48D92419D7ECB0AD7690C1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 85A5788DA352CEFF7F9EEA7507B7C70D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7105096958209423500
Frame ID: 9C3712D24E8DDD53206118E9AC99C692
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Hl1wNeHNTYBKQTTV2KKco9lAlwM
Frame ID: 0A9235FC7685E94A01D536B9B95DDC7E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: F574BB0840E3964915810591992F2FA3
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFtU07FNMAAAFR4RGbxjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: BE2FC3C1BEEB39B7126F70CF57F5485B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 677196D19A2E4D940059C2922B7218A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: D838583773D5A7616C369A2F17FD207B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D07D40166A75E7C8C3019B9B637C3E67
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: D059370BBFF925F18112B77E01ED55AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 95DDA2EFF3EF0A8EE8FE1C99A5B96B4F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWQQgYQhbbSbTbUMU
Frame ID: 27B0F96644D6644927D924E57C287582
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a75da23b-3675-4d12-94d8-3eeb4ce612d1-tuct993e58a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D7D823ACCCD396E455EC30D771D60132
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C87CBE3FF060766B42A6B90ADAA046A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loyola University Chicago gets $100 million to support students of color — the largest donation in school history - Chicago Sun-TimesclockCST_

Page URL History Show full URLs

  1. https://t.co/EZfYB6goBX Page URL
  2. https://bit.ly/3x8qGnV HTTP 301
    https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-st... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

343
Requests

90 %
HTTPS

37 %
IPv6

90
Domains

149
Subdomains

105
IPs

13
Countries

8022 kB
Transfer

17986 kB
Size

94
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/EZfYB6goBX Page URL
  2. https://bit.ly/3x8qGnV HTTP 301
    https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1
Request Chain 131
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YppgBUxFpFt72wB.rHNCygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1&google_hm=2
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxkX0lJQrcHGLsksA3sgo8&google_cver=1
Request Chain 133
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzI3NjI3MDI1NDQ1NDk2NA%3D%3D
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECOyqtD6C-Zqk5ib2-JPuMg&google_cver=1
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEG9kIcjVyizWYpbvxLJhF4s&google_cver=1
Request Chain 179
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OYuRHGpoP9kw-tGlf_79PnaDn3mzpz3kE2s3I9a4MphPTuz9sVUES0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OYuRHGpoP9kw-tGlf_79PnaDn3mzpz3kE2s3I9a4MphPTuz9sVUES0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFA3VjhFQXkxTlhjVUo1&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OYuRHGpoP9kw-tGlf_79PnaDn3mzpz3kE2s3I9a4MphPTuz9sVUES0
Request Chain 181
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKUV86uOyDjGx-5V7Ym3EZs&google_cver=1&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh16LcsGJjfkSwN-gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh16LcsGJjfkSwN-gg&google_hm=vlwyxdegSke1GH_QyPvt0QM
Request Chain 182
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOl8jFaZS3R9xrH_dR8UnM&google_cver=1&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtmPtlEPgTANghS508l9oY6 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKOl8jFaZS3R9xrH_dR8UnM&google_cver=1&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtmPtlEPgTANghS508l9oY6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NTc1MzY1NDE0NDQ3NzY0OQ&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtmPtlEPgTANghS508l9oY6
Request Chain 183
  • https://match.360yield.com/match/ebda?google_gid=CAESEKZAhj46Dy3k-JrW1k41xfk&google_cver=1&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVANdHqo HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKZAhj46Dy3k-JrW1k41xfk&google_cver=1&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVANdHqo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fu8QarRBRcqHXGH4D3AlXA&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVANdHqo
Request Chain 196
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1&google_push=AYg5qPL1_GRRzVsBqON_ReOUaQAW2ouqJeKOEMJT9SA-gDX7N4uK2o8NIoaDhZidEhb-8DtgjrNOIkNuAKUBX54-LDAk4xBTdxJm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU4NDM2OTk2NDUxOTE1MTA3MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1
Request Chain 197
  • https://um.simpli.fi/gp_match?google_gid=CAESEKHYpYoro98DeGOr-IBbxXw&google_cver=1&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44cRyaz5YSb_1FDbYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A806AF5E7BE45C59FC7490D7F935879&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44cRyaz5YSb_1FDbYw
Request Chain 198
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKHvNGEVzzU_4mmBv7hnnT8&google_cver=1&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxbKDPH4muJx_lXBQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=23v1MpcZSlaSEMGMPcbGJg2&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxbKDPH4muJx_lXBQ
Request Chain 199
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBPTnLdWqMPTEpwn_Pd8t94&google_cver=1&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C04Bw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C04Bw&google_gid=CAESEBPTnLdWqMPTEpwn_Pd8t94 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc0MTI2NjU2MzEyMjk3Njk3Njk1Ng%3D%3D&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C04Bw
Request Chain 201
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELt1r-ELeCWCNsUtqeGs7V0&google_cver=1&google_push=AYg5qPIfMs3yWLboaBRIjDbrh5L_8b4Nk9auNddKzP2ilqnQ78M_guBErK6jhkefY6cRVPujK_3YAID-jzRwi9TNli-5GmYSUn8S6Dk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIfMs3yWLboaBRIjDbrh5L_8b4Nk9auNddKzP2ilqnQ78M_guBErK6jhkefY6cRVPujK_3YAID-jzRwi9TNli-5GmYSUn8S6Dk HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 229
  • https://cdn.doubleverify.com/redirect/?host=tpsc-eu3&param=akipv6&impid=c46896df4e22499490f419e0a0677edd&cbust=1654284294507125 HTTP 302
  • https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&akipv6=2001:ac8:20:3b00:1012:e946:9b91:532a
Request Chain 261
  • https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&mh=Ga&mm=31&mn=sn-4g5lzne6&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.057&lmt=1653775032300599&mt=1654283827&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgez6yluJcpwlZM1Db4oyLjfgXL4T5TuiAZdLVHWlgFKUCIQCewaaonDYRJcNLn36yNCRTJ5k7_MVOeMF1vE1akmcpeA==&cpn=o06LhpmGOBVxiih7 HTTP 302
  • https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.057&lmt=1653775032300599&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv&cpn=o06LhpmGOBVxiih7&redirect_counter=1&rm=sn-4g5eke7l&req_id=dce07ed3e18a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ga&mip=2001:ac8:20:3b00:1012:e946:9b91:532a&mm=31&mn=sn-4g5lzne6&ms=au&mt=1654284065&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPokdQ4TVDhR1L7REXry7XOzmJoxp-rwmcMQ6khWGxmgAiA9NQ8qFj9FrQHnW1Yg9X60rOFU4_Hf7Gkezdyw7po1Cw%3D%3D
Request Chain 299
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c57742b52e04675705c24786ee541a1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0eb7_7105096958196737308&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzU3NzQyYjUyZTA0Njc1NzA1YzI0Nzg2ZWU1NDFhMQ==&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJbOJaPBUYHHBFeS-pPg9O8&google_cver=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 308
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5641148811591932552
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d4cf629a-600b-4e00-847e-42cc7a7cbfae&gdpr=0&gdpr_consent=
Request Chain 311
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7105096958209423500
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Hl1wNeHNTYBKQTTV2KKco9lAlwM
Request Chain 314
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdFUwN0ZOTUFBQUZSNFJHYnhqUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFtU07FNMAAAFR4RGbxjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 316
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 317
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 319
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1654284298464 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 320
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dda3db1181716f6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQQgYQhbbSbTbUMU HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=4dda3db1181716f6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQQgYQhbbSbTbUMU HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D9y7pfzHtWQQgYQhbbSbTbUMU HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWQQgYQhbbSbTbUMU
Request Chain 321
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a75da23b-3675-4d12-94d8-3eeb4ce612d1-tuct993e58a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JYLxV-UuTtCQdTUU388bdA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29e3629a-600b-4700-bebe-44677642d932
Request Chain 325
  • https://pixel.onaudience.com/?partner=214&mapped=2582F157-E52E-4ED0-9075-3514DFCF1B74 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=625f8dd6e3f57e2d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjU4MkYxNTctRTUyRS00RUQwLTkwNzUtMzUxNERGQ0YxQjc0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJW1Nq32yWXSCQ3vCikVDHc&google_cver=1
Request Chain 329
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4845753654144477649
Request Chain 331
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6127276270254454964&gdpr=0&gdpr_consent=
Request Chain 332
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-
Request Chain 334
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2582F157-E52E-4ED0-9075-3514DFCF1B74&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2582F157-E52E-4ED0-9075-3514DFCF1B74&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wDrt6nxE2uWF67wuaLoYlmoYr14klXo-~A&gdpr=0&gdpr_consent=
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b7b2d9d-246d-4981-b560-a9b899eb3c94&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 336
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4584369964519151070&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 338
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd00521e-8ce7-45d5-827a-5c07040ef590&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 340
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6127276270254454964

343 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
EZfYB6goBX
t.co/ 		221 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
175
content-type
text/html; charset=utf-8
date
Fri, 03 Jun 2022 19:24:50 GMT
expires
Fri, 03 Jun 2022 19:29:50 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
b658e29faa6c75e2f61bcef0574dba42ddd07b9acfe892da6d835b585141022c
x-response-time
127
x-xss-protection
0
Primary Request loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
chicago.suntimes.com/education/2022/6/2/23152631/
Redirect Chain
  • https://bit.ly/3x8qGnV
  • https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
160 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-36.dus51.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
ebe745d09b799b5252d065d962d4f9cb06116e8806af1a17c9b71e6d546011bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://t.co/EZfYB6goBX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
31387
content-type
text/html;charset=UTF-8
date
Fri, 03 Jun 2022 19:24:52 GMT
server
N/A
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
9YYzQrL2fPHUyf-OErmVJuKKtTH8x7I6M2OmrCVGbsN86jKDWjfZvg==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-powered-by
Brightspot

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
242
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 03 Jun 2022 19:24:51 GMT
location
https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
referrer-policy
unsafe-url
server
nginx
via
1.1 google
qzq4qkv.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qzq4qkv.css
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 03 Jun 2022 19:24:52 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
890
All.min.858122a877a69398c737fb540ecf080e.gz.css
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 		328 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.858122a877a69398c737fb540ecf080e.gz.css?v=1212
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51f5d801f68f728dc54c54e314ee3f8e175f2ea27754cf3e5fbbfb86801e5e17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 18 May 2022 18:48:03 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 18:47:55 GMT
server
AmazonS3
age
1384610
etag
"08cf48a243647e998a82e9d032152bc9"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
39427
x-amz-cf-id
fPlzLqBs-pzWi0Ul0H864VFrSBZNfgCAtRLvM5JUKxgCtWoNv8adPg==
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 10 May 2022 23:20:22 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 15:26:22 GMT
server
AmazonS3
age
2059470
etag
"15a442be7d06ec40170c3c91ac824065"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
999
x-amz-cf-id
jZZyXjlE7g0NzH2VXEREacQpYHbHka3aT3TxZMeEEdlk3pITZqXu_w==
All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62244150f04d7ec797bb671232e59083db031f026e3bdee84599678163fa399e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 09 May 2022 23:22:25 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:51:46 GMT
server
AmazonS3
age
2145748
etag
"58867d41916224e181742cce811b6aea"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
74916
x-amz-cf-id
0w_vE4VSc8t0zYQHSEZ3LmdzWYs3qptMRzu3xkNaatnwOROTdKbEMw==
htlbid.css
htlbid.com/v3/chicago.suntimes.com/ 		6 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicago.suntimes.com/htlbid.css
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
654aa3f06b93a8c75dbbeb10405f66dd37436936f8b0c813246ed92242007330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 20:01:08 GMT
server
AmazonS3
age
161
etag
W/"5958bc1b7fd27a65ce48e5b1505a28b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
WYFk8c8RgX9T_7kg7rbnzIvfiFwRSMF0BS9TPcdMi4i18hGHiSolLA==
htlbid.js
htlbid.com/v3/chicago.suntimes.com/ 		501 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ce405c4b1e446e08232655e3198f4aa7b8339ac55e4cd9b8c63230ccfc281ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 20:00:54 GMT
server
AmazonS3
age
119
etag
W/"075a40229bedce4048022da99c361328"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
JD7JgZwmdRVbc_X0zx_fJgabBR78fa-hv-mj5AbjHsqhMCFkxZg2pg==
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa51911106a64d4b274ec739c28fb2c5b0d2aacbac11b8b49c4b06174199c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28121
x-xss-protection
0
server
sffe
etag
"1234 / 147 of 1000 / last-modified: 1654268961"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Jun 2022 19:24:52 GMT
ctimes-logo.svg
cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ctimes-logo.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:10 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:50:22 GMT
server
AmazonS3
age
8132203
etag
"e87f670b52b097530289da1acb82568e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2576
x-amz-cf-id
N6IB2Biq7lFVY9D-5M19T9OyrS_4zyaoNBt_KWEOBJ_UqYdIV50eaQ==
logo-mobile-cst.svg
cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/logo-mobile-cst.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 00:37:50 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:52:10 GMT
server
AmazonS3
age
586023
etag
"872e5a087c60467941e5d72da5703323"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
1182
x-amz-cf-id
MUXEX0h8WZuxQfRr1Okde-yAeZdpTEAAsGT0MN2Wo1uFNhcsO6-bQw==
outbrain.js
widgets.outbrain.com/ 		199 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
518d4781a917554a6ddb8f86516918fc34a00e1232156bea0d3a4ff22141f8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 12:46:18 GMT
etag
"16-bry/b7Q2RE2jtfiTEUGLVJLgcmM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
601ea53b4ad57e1bc16429a9d42b23b0
timing-allow-origin
*, *
content-length
70274
ctimes-logo-inverse.svg
cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ctimes-logo-inverse.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:11 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:51:15 GMT
server
AmazonS3
age
8132202
etag
"adb236ef72a30b7d3eefd7c947693d02"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2862
x-amz-cf-id
BbDGXdgEF0aIhZPJzfWwBf2OYFHZ_xcJ6qFM3P1_UXE_cuuGyr1n6Q==
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:09 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 19:08:47 GMT
server
AmazonS3
age
8132204
etag
"c066757a8992615b576ac565d39d182d"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3003
x-amz-cf-id
9RtZB8ofDY6FJB4Kl35l_i_fOa6FraI4nw7M_jM_HCv1eGIZTHgXGQ==
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3889
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9AYA25RKY2ACWNHD
x-amz-id-2
fkFFevbSOpReWCnFoKxh3FiV8CCoDBxw6bzXq4G71S3DfF6jDmaYuvdB0/USpXozfslUqCo6q0s=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkvS6ZKUf%2FwOtEdPJuH7CcliXnTA4n7Q2hGPpUnRgdTRyZiN1%2B%2FJHD0rAH61uCg%2BSzXGQMAEKEKHMlXFnCF3j%2BjV8xhgpVXWKWgoxKW7hRaOWmNm%2Bjo6b8XAu6lqifUmEWOXrJlR47fdBC75dhw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
715acfbbb99c73af-MRS
gtm.js
www.googletagmanager.com/ 		117 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d35e437ceda33d8a71486e3daaa29502a9177265bcf5ddfe9053391eccd695e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44075
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Jun 2022 19:24:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eab05a4880d274a61ab4d7918d0be1b9c67c383211abe508748acb772eeefd7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vEZn76RXjktrHw/OHwLNsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 03 Jun 2022 19:33:07 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
i+rET7wrkiWOsMHL4NFOlUc052eonY8ZaKHu85B9uffSSV+aGIwD8NQgNzeqjNg5l+l+LEudOBTkVk+WTK+CsA==
x-fb-trip-id
686109401
x-fb-content-md5
0d8554c56bf9be5b341edb4d39e4b129
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 03 Jun 2022 19:24:52 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6f60fa36d1ca06e3042873a560d2979e"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
css
fonts.googleapis.com/ 		0
0
VWAvh6L6nW4
www.youtube.com/embed/ Frame CD59 		63 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9becd41ef2684ac18d4fff325222b7d79234bc84b3959983367b024d40e2892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Fri, 03 Jun 2022 19:24:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9739ff701d8fad1c9dfa7534c112223f86709ff4e144aa2dfa5b72e6a4bd8e7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
2525
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
CbzzwcrjzwC
wn
prod-exp-10-0-133-230
last-modified
Fri, 03 Jun 2022 18:42:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
715acfbbf8e801e3-ZRH
expires
Fri, 03 Jun 2022 19:54:52 GMT
_track
chicago.suntimes.com/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://chicago.suntimes.com/_track
Requested by
Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-36.dus51.r.cloudfront.net
Software
N/A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
server
N/A
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
t__l3NxQmK07rUiJawVcn43VHQyUloa6ZZmtSB65svCXu-16te1XWg==
strict-transport-security
max-age=31536000; includeSubdomains;
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/en_US/ 		289 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=07826e63f7e16cfeda323c969ba27941
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a0f1f074a49e6e0bbbbe79dee5b15bd3fe458ead6d8244c25ee687f1698c8b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://chicago.suntimes.com/
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4iHVrW1iiEl5rCNK5yEfww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 03 Jun 2023 18:43:34 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84264
x-fb-rlafr
0
x-fb-debug
AGCHWDVP+6FcOVrwmGcEPC+PZU/cjGIJrT0VR26NJqA0ZjagmeIlQz6LfVr19geaZP55+KpAkrLdUTibKkJUzQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ec06d2ff2794fd2b8e1a501357f6c5f5
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Jun 2022 19:24:52 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c64fea436a19e958373adf9cf5a3f981"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
592cbffd-a1d0-4eb8-a31c-5b1269e51126
player.ex.co/player/ 		944 KB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Requested by
Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.7891b8b08d6f288cab9ef1a568cd8f00.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7f25a08f3102c1739dd8e52279addae0f7fc8d37b210a0cd6ad836f20b3ba8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
access-control-max-age
600
content-length
301786
x-served-by
cache-iad-kcgs7200106-IAD, cache-hhn4082-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1654284293.513354,VS0,VE259
etag
W/"ec094-au1C6oVq4MUtv3GRjSk2PBi2XSk"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 0
pubads_impl_2022053101.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127016
x-xss-protection
0
last-modified
Tue, 31 May 2022 08:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Jun 2023 18:39:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		245 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chicago.suntimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9dbd95dbbbf7fbed4fa91cc9b2486d355c80d606cbad78516d88a3672c8ac9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143
x-xss-protection
0
expires
Fri, 03 Jun 2022 19:24:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
cfa51911106a64d4b274ec739c28fb2c5b0d2aacbac11b8b49c4b06174199c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28121
x-xss-protection
0
server
sffe
etag
"1234 / 139 of 1000 / last-modified: 1654268961"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Jun 2022 19:24:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 03 Jun 2022 19:07:21 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront), 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 19:53:03 GMT
server
AmazonS3
age
1052
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
2C3ZRNUIb2a4JCD_ROP4xZURr2DXntEq7gFqc5vqD8H6EYfb1i_6gQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3944
date
Fri, 03 Jun 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Jun 2022 20:19:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
zDfBUqGXJNS0FGdJPHwhEX/GlH9CQICseijmV7/gxMFP5TmXILaBHOQX+LHWgaTFSuzbYw8Fx/Xs8Z6w2X+cuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 03 Jun 2022 19:24:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
init-5464ro4xhfzswgo4m2d.js
aamapi.com/api/ 		1 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aamapi.com/api/init-5464ro4xhfzswgo4m2d.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e00:5992:27c2:5276:6fe4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
server
openresty
content-encoding
gzip
expires
-1
/
cst.brightspotcdn.com/dims4/default/17d55b3/2147483647/strip/true/crop/1820x1213+0+0/resize/840x560!/format/webp/quality/90/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/17d55b3/2147483647/strip/true/crop/1820x1213+0+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2Fgar18Lapcx7lpOzphdB60RXGx2A%3D%2F0x0%3A1820x1213%2F1820x1213%2Ffilters%3Afocal%28720x793%3A721x794%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F19699937%2Fluc.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-95.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
05249613e68d7a66d506899124e21514b574362dffd48a9f7c341115787fa43c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 02:29:19 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
Apache
age
60933
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-C1
content-length
74792
x-amz-cf-id
Qja_oC3U3YxpMrje0mhP2UgaqQljdkLXvDHBgZtuEtQbISWTCo-G9A==
expires
Sat, 03 Jun 2023 02:29:19 GMT
www-player.css
www.youtube.com/s/player/02208bb4/ Frame CD59 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 21:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
77802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47515
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Jun 2023 21:48:10 GMT
www-embed-player.js
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame CD59 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:19:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95691
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 03 Jun 2023 18:19:12 GMT
base.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame CD59 		2 MB
531 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:01:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
185029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
543920
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:01:03 GMT
fetch-polyfill.js
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame CD59 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 22:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
73807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Jun 2023 22:54:45 GMT
Y2hpY2Fnby5zdW50aW1lcy5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/Y2hpY2Fnby5zdW50aW1lcy5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:52 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=7248
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
61852b5653b06c8b38ea22eb94d3d4ad
Content-Length
15
Expires
Fri, 03 Jun 2022 21:25:40 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 03 Jul 2022 19:24:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD59 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 17:06:41 GMT
x-content-type-options
nosniff
age
267491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 17:06:41 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		298 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9dcc7dcd1ecd40025db562b89893efa2f8759bfdfdb8631f30dcc0f8a10602
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AR82PZTPD76DZ41G
x-amz-id-2
yDV54IEvErfy2Z62NzBoxupbjPrwLlQD0i5THIJ/dWz93e2bU5zxBw3CJH4IH/WMA2njwKz2Oy0YELHcYw3Orw==
last-modified
Thu, 26 May 2022 13:02:33 GMT
server
cloudflare
etag
W/"255f689958b4bd27dedbea6d6dd02a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
715acfbcca4d01e3-ZRH
expires
Fri, 03 Jun 2022 23:24:52 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3577992399060624&correlator=348759291822324&eid=31065824&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cnews%2Ceducation&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=2x2%2C1x1%2C210x40&ifi=1&adks=909937779%2C3643569536%2C3040793485&sfv=1-0-38&ecs=20220603&ists=2&fsapi=false&prev_scp=position%3Dreskin%7Cposition%3Dout-of-page%7Cposition%3Darticle_sponsorship&eri=1&cust_params=htlbidid%3D9645%26is_testing%3Dno%26is_home%3Dno%26category%3DNews%26post_id%3D00000181-275c-d834-afff-37dccc390000%26entry_group%3Dsuburban-chicago%252C%2520news%252C%2520chicago%252C%2520education%252C%2520front-page%252C%2520metro-state%26entry_id%3DEntry%253A9662c9eb-a776-40b1-8661-7d16e132f37f%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DEducation%26keywords%3Dloyola%2520university%2520chicago%2520gets%2520100%2520million%2520to%2520support%2520students%2520of%2520color%2520%2520the%2520largest%2520donation%2520in%2520school%2520history&sc=1&cookie_enabled=1&abxe=1&dt=1654284292625&lmt=1654284292&dlt=1654284292306&idt=289&biw=1600&bih=1200&adxs=799%2C0%2C1100&adys=453%2C453%2C801&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x0%7C210x0&msz=1600x0%7C1600x0%7C210x0&fws=4%2C4%2C4&ohw=1600%2C1600%2C300&ga_vid=2126610865.1654284293&ga_sid=1654284293&ga_hid=1744924553&ga_fc=false&btvi=0%7C0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bb9110db00efe72a4d54132ee19c858a9b86e3427e41496b644dac0614182855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2512
x-xss-protection
0
google-lineitem-id
-2,5577044337,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138336158710,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1993 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:52 GMT
expires
Sat, 03 Jun 2023 19:24:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e01c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
146698685967099
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/146698685967099?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9edb1605ac35e49d076bc3e9fdfb511d090ff1af398bbef3505bc1ef72d6a271
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89121
x-xss-protection
0
pragma
public
x-fb-debug
4Zr98WoWoX6+Upd2PKz7JIDCMJHtTRIEI4mkmMDkcNd14ZPFNHXycBJoZ9W5tOsYMlrU8A8k4lGayNp5ZfYmLg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 03 Jun 2022 19:24:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
66384
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 02 Jun 2022 00:57:09 GMT
server
AmazonS3
date
Fri, 03 Jun 2022 00:58:29 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
N4Fme-C6Zhitlvz8l8qNGjIBBzI6cTWZjj1QQcYIimZ1-Ow6SzDOQg==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1744924553&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20school%20history%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1621185020&gjid=1573231560&cid=2126610865.1654284293&tid=UA-52083976-6&_gid=1572522791.1654284293&_r=1&gtm=2wg610PRHXFPN&z=97620348
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1744924553&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20school%20history%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=2040290747&gjid=1472697001&cid=2126610865.1654284293&tid=UA-52083976-1&_gid=1572522791.1654284293&_r=1&gtm=2wg610PRHXFPN&z=1870969484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fchicago.suntimes.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:44:15 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
age
6036
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
385
x-amz-cf-id
R-EYiCs7Zez33wVBcPanw3nduzPG2IbuaoV_fby0eEeY2vsjlcdJhQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&pr=https%3A%2F%2Ft.co%2F&pid=YbEALgluY1zOj&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Fnews%2Feducation%22%7D%2C%7B%22sd%22%3A%22htlad-9-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Fnews%2Feducation%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000560%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
CX72QSDZRN87CBY559XG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
4Qqj2XDUGNorhzj4nbkA4DkI0EVZynqth6Nmb2C6HzUZNzKwTNsb5A==
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:18:41 GMT
content-encoding
gzip
server
Caddy
age
8317
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA6-C1
content-length
18460
x-amz-cf-id
cmbxffJioXg7ATW2lp-xWS_mlqbwPbg2oBrdmKyGFD_S9HZMwaBgrg==
expires
Sat, 04 Jun 2022 05:06:15 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52083976-1&cid=2126610865.1654284293&jid=2040290747&gjid=1472697001&_gid=1572522791.1654284293&_u=YAjAAEABAAAAAC~&z=867803195
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 03 Jun 2022 19:24:52 GMT
content-type
text/plain
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=FV0czWAOfe
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
371929c79d6f11b5a1ec01dbfc35e63a314050e09e798e5e1456d8c142f86a1f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Chx1xcr1vsc
pragma
wn
prod-dash-10-0-126-202
last-modified
Fri, 03 Jun 2022 18:42:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.003
cache-control
public, max-age=1200
cf-ray
715acfbdfc0501e3-ZRH
expires
Fri, 03 Jun 2022 19:44:53 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 19:29:56 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5964
Expires
Fri, 03 Jun 2022 20:24:52 GMT
execute
c2.piano.io/xbuilder/experience/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=FV0czWAOfe
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967b67620c294cb5ef96a23714bf1b939077e14f15db13f6b02b1b92608ee581
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
2mol5tmq47
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
715acfbe2cbb021d-ZRH
id
googleads.g.doubleclick.net/pagead/ Frame CD59
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31b99831d56779682a9fee96e939c2bc1a8b32c94d6026e8feff6fcfbd4edf88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CD59 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:09:57 GMT
x-content-type-options
nosniff
age
895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:24:57 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:17:26 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
426741025
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3577992399060624&correlator=392990318849271&eid=31065824&output=ldjh&gdfp_req=1&vrg=2022053101&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cnews%2Ceducation&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C1020x90%7C970x250%2C300x250%7C300x600&ifi=4&adks=1227206917%2C911222320&sfv=1-0-38&ecs=20220603&fsapi=false&prev_scp=position%3Ddesktop_leaderboard_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cposition%3Dmedium_rectangle_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=htlbidid%3D9645%26is_testing%3Dno%26is_home%3Dno%26category%3DNews%26post_id%3D00000181-275c-d834-afff-37dccc390000%26entry_group%3Dsuburban-chicago%252C%2520news%252C%2520chicago%252C%2520education%252C%2520front-page%252C%2520metro-state%26entry_id%3DEntry%253A9662c9eb-a776-40b1-8661-7d16e132f37f%26entry_type%3Darticle%26page_type%3Dinterior_page%26hub_pages%3DEducation%26keywords%3Dloyola%2520university%2520chicago%2520gets%2520100%2520million%2520to%2520support%2520students%2520of%2520color%2520%2520the%2520largest%2520donation%2520in%2520school%2520history&sc=1&cookie_enabled=1&abxe=1&dt=1654284292806&lmt=1654284292&dlt=1654284292306&idt=289&biw=1600&bih=1200&adxs=436%2C1055&adys=328%2C821&ucis=4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0%7C300x0&msz=728x0%7C300x0&fws=4%2C4&ohw=1600%2C300&ga_vid=2126610865.1654284293&ga_sid=1654284293&ga_hid=1744924553&ga_fc=true&btvi=0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d107109a0255c12b10dad938469acd450d85eb173caa4dd09bc462f7f3c3084a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17965
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
server
nginx
etag
"aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39712
l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
server
nginx
etag
"9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39344
l
use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bb6c4e/00000000000000003b9b2cf8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
server
nginx
etag
"3bd094436e8172ab61cda9f0fed997dd1ff37d39"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38868
l
use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
server
nginx
etag
"788f540305918e8b77e6fded33fe357dbe2b001f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39616
ajs.js
cdn.undertone.com/js/ Frame 7611 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/ajs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
JowPaI6du8EsOnGXlbvFSzdhA5G.wJD3
content-encoding
gzip
last-modified
Sun, 29 May 2022 07:00:18 GMT
server
AmazonS3
age
49004
etag
W/"fbbd41418681e5edc1f97e294d92a7de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
date
Fri, 03 Jun 2022 05:48:29 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
A0GkNu-auFV4rkO9Ftf4Oz9slKsCtKD1ILvVPxL6B6LHOgfhhhPEQQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 7611 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTZqdLdYkEpKXwQ82VKovhbDJjGup8xJIOpgQclnfWg9b4ISCTrJ_QASX1ibHw6Mni3wyJlr6mxe3GNmw4C5RSg9G-6mYn0XG5E0ergbSTPpO9jsuijGe03vEuoAfC3jO9LNEzi1gsFn__Y6qcFsiHCl6CeXTf20i6Ujvz_hJvBckGjYrKh_4EPb8iFJJpwSAa9G9_bCGjtz9Jf4WIyYdIr_YLgNGTnB6JkUQxFMc81UAoGkVSX9ETlGo1FR2L3pMEuKE5fVwr-VgrC2HdwryYhxQAaddLFICNpe_ii1KVhHyzMkYCs36RJGC22lagvMk5KNeBHLDSFgq0R3u1cYrrOAkMBEc67lOriKGfwXKkEOxz9Uf2wgIA46bta5cL&sai=AMfl-YQKNn_xjv2MyumrnhtpdyaASkoPhNhhybcBDdHxV90_z1OffDSA9bagG7POJytsPOkStCyABrXnfL5X3CybaKsFuR60YyLG51677iCr4SfqsUL1ycOEH8vqzLmU3_Hs&sig=Cg0ArKJSzKOs_Nq0I-zZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 03 Jun 2022 19:24:52 GMT
ga-audiences
www.google.com/ads/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52083976-1&cid=2126610865.1654284293&jid=2040290747&_u=YAjAAEABAAAAAC~&z=886671521
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52083976-1&cid=2126610865.1654284293&jid=2040290747&_u=YAjAAEABAAAAAC~&z=886671521
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 03 Jun 2022 19:24:52 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD59 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec967186d8071280b5ef6d1bd09160157a4f593a232fd7211460e55e50cf7248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29550
x-xss-protection
0
remote.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame CD59 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
184868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37805
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:03:44 GMT
B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js
www.google.com/js/th/ Frame CD59 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
29243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13609
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 11:17:29 GMT
embed.js
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame CD59 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
184998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8078
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 00:19:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 16:01:34 GMT
truncated
/ Frame CD59 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
gjcUjajsIbLge3kHYD7oricLH2AedZbPLBFgJ_t6kCCGHom9PVb8JgjoAoQLvxefJC7DT1mIN1k=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CD59 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/gjcUjajsIbLge3kHYD7oricLH2AedZbPLBFgJ_t6kCCGHom9PVb8JgjoAoQLvxefJC7DT1mIN1k=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87048f9461aef0f1c56877773d259fb0069cf25d82f6c4ce053b957e59fc7b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3492
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 02 Jun 2022 19:29:17 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/VWAvh6L6nW4/ Frame CD59 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/VWAvh6L6nW4/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91ea972878d617fb612fbcf7cce791bf7235f8cab75397dd6efe5c5200794d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83294
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 03 Jun 2022 19:29:52 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1654284292951&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1654284292950.365209631&it=1654284292662&coo=false&exp=p0&rqm=GET
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 03 Jun 2022 19:24:52 GMT
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=14051028256629865676105148759610938750982106512587819150708194550609&nc=0&tsf=0&tsfmi=&pv=0&cb=1654284293022&ref=https%3A%2F%2Ft.co%2F&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3860155981&at=&bid=e30%3D&di=W1siZWYiLDgzNjddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQg%0D%0Ad2ViZ2xcIixcInNlZlwiOjEwNTE2OTQwODksXCJzZWNcIjpcIlwifSJdLFstMSwiLSJdLFstMiwi%0D%0ANixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VF%0D%0AQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJp%0D%0AbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwi%0D%0ALFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndc%0D%0AIjpbXCIwXCIsXCJjaHJvbWVcIixcInNldE5wdFRlY2hBZGJsb2NrZXJDb29raWVcIixcInNjcmlw%0D%0AdFwiLFwiaXNBZGJsb2NrZXJFbmFibGVkXCIsXCJnZXRDb29raWVWYWx1ZVwiLFwiV2ViQ29tcG9u%0D%0AZW50c1wiLFwiaGVhZFwiLFwiZGF0YUxheWVyXCIsXCJnb29nbGV0YWdcIixcImRmcEFkU2xvdHNP%0D%0AYmplY3RcIixcImRmcEFkU2xvdHNcIixcInN0YXRpY0FkU2xvdHNcIixcImZiQXN5bmNJbml0XCIs%0D%0AXCJsaW5rXCIsXCJyZWxMaXN0XCIsXCJpMThuXCIsXCJzaG93UGlhbm9Mb2dpblwiLFwicGlhbm9M%0D%0Ab2dvdXRcIixcInRvZ2dsZUZpZWxkc1wiLFwianNfdGFnc1wiLFwidGVtcGxhdGVcIixcImNhdGVn%0D%0Ab3J5TmFtZVwiLFwiY3N0QXJjaGl2ZVwiLFwicGF0aG5hbWVcIixcInRwXCIsXCJmaXhMZWFkTWFy%0D%0AZ2luXCIsXCJGQlwiLFwid2VicGFja0NodW5rYnJpZ2h0c3BvdF90aGVtZV9jb3JlXCIsXCJyZWdl%0D%0AbmVyYXRvclJ1bnRpbWVcIixcInVuZm9jdXNcIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiZ29v%0D%0AZ19wdnNpZFwiLFwiZ2dlYWNcIixcImdvb2dsZV90YWdfZGF0YVwiLFwiZ29vZ2xlX2pzX3JlcG9y%0D%0AdGluZ19xdWV1ZVwiLFwiaHRsYmlkTG9hZGVkXCIsXCJwYmpzQ2h1bmtcIixcInBianNcIixcIl9w%0D%0AYmpzR2xvYmFsc1wiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJIVExCSURMb2FkZXJcIixcImFw%0D%0Ac3RhZ1wiLFwiaHRsYmlkXCIsXCJodGxiaWRTdGFydGVkXCIsXCJHb29nbGVBbmFseXRpY3NPYmpl%0D%0AY3RcIixcImdhXCIsXCJmYnFcIixcIl9mYnFcIixcIk9CUlwiXSxcIm5cIjpbXSxcImRcIjpbXX0i%0D%0AXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIs%0D%0AXCJtXCI6W1wib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0%0D%0AaW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0s%0D%0AWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwODA5NzE2NTk5MTkwMjgzNH0iXSxbLTE1LCItIl0s%0D%0AWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAs%0D%0AMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCww%0D%0ALDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIyMTI2NjEwODY1LjE2NTQyODQyOTMiXSxbLTIxLCIx%0D%0AM3hNekwzOSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1%0D%0ALCItIl0sWy0yNiwie1widGpoc1wiOjMzMTAwMDAwLFwidWpoc1wiOjI2MDAwMDAwLFwiamhzbFwi%0D%0AOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS41LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMi%0D%0AXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJd%0D%0ALFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiMiJdLFstMzMsIi0iXSxbLTM0%0D%0ALCItIl0sWy0zNSwiWzE2NTQyODQyOTMwMTQsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJd%0D%0ALFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsNDg4LDAsMiwwLDc5LDM0LDY3MSwx%0D%0AMzgsMCwxNDEzLjksMTQxMy45LDE5ODQsMTk4NSJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdl%0D%0AY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVs%0D%0AbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAw%0D%0AMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00Niwi%0D%0AMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFst%0D%0ANDksIi0iXSxbImJuY2giLDQ0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A3475%2C%22w%22%3A1600%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=PyNIomJFB8&sdd=%7B%7D&pto=1993
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a76db64f035b32e2cf5d52cf41682598a5b72167ea03b1ae3e383f28f10bdc03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1740
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		593 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=FV0czWAOfe
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314b2f064382d3b7bd462422e23143312d4de2c23047b8647c619d22abdd23db
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Chx1xcreKXa
pragma
no-cache
wn
prod-dash-10-0-119-153
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
server-time
0.003
cf-ray
715acfbfdacc01f4-ZRH
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame FE94 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb171a085a05c6747e17d0b7fcfa03915a10cd2d2bbb5b874b7d172d5a871cf0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=10800
cf-cache-status
MISS
cf-ray
715acfbfae5201e3-ZRH
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 03 Jun 2022 19:24:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 03 Jun 2022 22:24:53 GMT
last-modified
Fri, 03 Jun 2022 19:24:53 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.007
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-113-51
x-forwarded-https
on
x-request-id
Chx1xcr1Feb
x-xss-protection
0
dj
ads.undertone.com/ Frame 7611 		0
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.undertone.com/dj?&pid=348&domain=suntimes.com&tagid=628&fb=1&cb=94394651226&t=1654284293.058&fv=0&x=800&y=472&sw=1600&sh=1200&cw=1600&ch=1200&loc=https%3A//chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&fr=1&env=201
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-126.dus51.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://chicago.suntimes.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
Zeui5WipUNriv5IB6clia9-zAbfDV3Wo5xJHvCjJct_2Oj8iC6_vrA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cx.js
cdn.cxense.com/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e882f21f00443d4bd815464bda4aab82c1b0280a8fede958d7e429a5d29cd46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 11:21:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26209
Expires
Fri, 03 Jun 2022 20:24:53 GMT
517.json
id5-sync.com/g/v2/ 		213 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/517.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
91223074ba67e23b77c3e8cdcb260e79604b8da81efe87b946ceefbd70ae062c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://chicago.suntimes.com
date
Fri, 03 Jun 2022 19:24:52 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CD59 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 19:24:53 GMT
generate_204
www.youtube.com/ Frame CD59 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?bm3bqA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sp1.html
cdn.cxense.com/ Frame 50C6 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Fri, 03 Jun 2022 19:24:53 GMT
Expires
Mon, 13 Jun 2022 19:24:53 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
cast_sender.js
www.gstatic.com/eureka/clank/102/ Frame CD59 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/102/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15092
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 04 Jun 2022 08:26:38 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1654284293217&sessionId=354c325e-3f0d-8068-dc9f-d56cc0c7ae92&url=chicago.suntimes.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
25398eef9da2e742f436b3c83980a0bc
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&idx=0&rand=18553&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=354c325e-3f0d-8068-dc9f-d56cc0c7ae92&fdu=chicago.suntimes.com&px=0&py=3585&vpd=2385&cw=1600&activeTab=true&darkMode=false&settings=true&recs=true&version=2000749&sig=13xMzL39&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ref=https%3A%2F%2Ft.co%2F&ogn=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30f12f62fe70425fa8fa79999cdc2268a6951ecbb2fa4c2cc8654a56fc376d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1654284293.368637,VS0,VE227
accept-ranges
bytes
x-served-by
cache-lga21952-LGA, cache-fra19155-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
12cab310407b8aff058caf8fd87e0605
content-encoding
gzip
content-length
13766
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		2 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284293.372678,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
css2
fonts.googleapis.com/ 		2 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 18:15:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Jun 2022 19:24:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Jun 2022 19:24:53 GMT
container.html
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5805 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:52 GMT
expires
Sat, 03 Jun 2023 19:24:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:52 GMT
expires
Sat, 03 Jun 2023 19:24:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
player.js
p.channelexco.com/player/ 		18 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.25&p=1990454619&cb=b094f9c8-ec05-445e-85ba-3d57b2863599&d=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&schain=1.0,1!playbuzz.com,0010J00001r9agUQAQ,1,,,&w=780&h=439&asr=1&impDetail=1&auction=1&auctionFast=5&sid=&sid2=default&sid3=main
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
3af0b27778eee4121db0756d42ec29933a83dd2dbb6c45e69e85c18fc4a26c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
no-cache
content-type
application/x-javascript
server
openresty
content-encoding
gzip
vary
Accept-Encoding
expires
Fri, 03 Jun 2022 19:24:52 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD59 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf6b3f78216154550a2995a9c68dd0411ed2e3c1d70980bfbbed6186c62e985e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 03 Jun 2022 19:24:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame FE94 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
1836
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-126-202
last-modified
Mon, 30 May 2022 01:55:30 GMT
server
cloudflare
etag
W/"33843-1653875730000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
715acfc1c8b72355-ZRH
expires
Fri, 03 Jun 2022 21:24:53 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame FE94 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3181804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUsHO4cGs3naSU8DNNPAiAq9OXeMNa4UfQRG73x0f1pIY2k9OhYDj5W4SvqBl7Heqq%2BrUWSGrZo8XIPn9XmW7t1Og1KoI9fBG86K%2BbzozzHOEsb4UuAOwh0TDIwHgnubPfyzZMblROekM3%2B9zPL7B0Qx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cbf90200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame FE94 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
774751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtzCIElo27%2FXmXNUzN5Nb4of8p7sbBgCjo58iLWT5W8JU1dORDHm%2BNmrBtkrlE%2FFxgt82CXY0reeigzY3xw4tVktt6g235WvOeCpXerz0hDSn3QQmCDMCVFc%2BW%2FBFgSMZqzgbPwo1pc%2FMBPsL9dwaUFl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cbfc0200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FE94 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
164208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nR5HUHnFWHWHDVvVE82RZEuECw5t5aDQrqGhDzunsiVMviGgpaPJDlEN3Enog9nPiU7RzIYFhGNCo9l46ZN6thiyrdwumwzxPOOPKJcy5CzipUIa5iWpurKSGcn%2FSND6GXuB32ugDUx1FLMPIVAFed2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cbfd0200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular-animate.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.2.22/ Frame FE94 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.2.22/angular-animate.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4430
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 06:39:33 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FE94 		825 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
866340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj%2BFwf2YyKIioBsjgTeVHwBafvuaeMtwGCMNSc7IemCcilqAHTsISBehOybovySeLHwjZtKvt4MoAmLXULdTd%2BeLFLajiy5SRicnAwZTygjWx7UWtRBnU0KJzYWamHKZPQQhZaeSf8mof3TsVd0EqqgA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cbfe0200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame FE94 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3183288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV%2BMay3%2Ff7Lk%2Bk2zZc5joPlBg477BJI3d95Mm28EB8Ik2szgWOGPdMG3kobbiQ7X0L%2B6GWAoA4NK8htklgnoNq38rfjJzKVSRWZXqecioXDyOAdOiOFPtNq908MM4QO4Whj6fvXx1sg%2BoQMsGNGLqZuA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cc020200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame FE94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3573258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYqIC2ccO%2BcoUgy3UlmFi2NFuU8deGMeysRB1qWotYeWoMnDXT5V2wjfK2O3TK%2BUsvWphVRBUSip5lk655gNp7fcHOzh49FzI1y7HLHenmL%2Bv7l0cyEepugHxWKWspRez8JZiP%2Bq%2BTfhs5cvP9C8b%2FV3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cbff0200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame FE94 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
786704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFpUJErQGb573ILA2nLDcBQo9Zz5qw1cJLW6oAFSRxTpeZ%2FatErupow6mpxRz6NUhB4g5xeI6Eqq05qY4CPt8Alyp71v8JBFTmJ0IUeZE4CN8T3Pk%2Bh8CNIV61qqgtOKUMvBLBAHQ%2FVCMmMmzanQ1iL2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1dc1c0200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame FE94 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3814924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCkxvz%2FxnDbAT0JgzwKPWbSc0xs096X1e3vQkTel%2FEJc%2BZ2wFgTKOhtDkckfkrzz%2FgoD8I%2FBkbnYscs93hUSLgAcLCgkf5%2B2onqVV0AOtPMg4tAUjfpNkR0Z%2Fh03tqhg3iSiBHwvIZXEO%2BL2Tk2R8ek2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cc010200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame FE94 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js?v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3573600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcYx0Y8NduvKTcH7bq86J5tE0CoSs%2B0j8wO4MCpz5732%2Fz0gZwkseQ%2B7%2FUW07se7h66uKF3qzFKXYAKuAx1a0Nrj2cN%2BBb9aCjJNkUNgWoCVAdC1mdSsyRTaPxKzZoPJ7hYCEqX1HhxRRIZzUCO%2Be7LV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
715acfc1cc000200-ZRH
expires
Wed, 24 May 2023 19:24:53 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame FE94 		258 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=14.171.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e754928dc6f4ca067a0e625829e9c8c5edcab3a782fa6fcb4bc77952bba2187
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1802
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-119-245
last-modified
Mon, 30 May 2022 01:55:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602998
x-optimized-by
_sam
cf-ray
715acfc1c8b82355-ZRH
expires
Fri, 10 Jun 2022 18:54:51 GMT
cx.js
cdn.cxense.com/ Frame 50C6 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e882f21f00443d4bd815464bda4aab82c1b0280a8fede958d7e429a5d29cd46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 11:21:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26209
Expires
Fri, 03 Jun 2022 20:24:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 98E1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5805 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMAvKi62D-gNAb4CM_0GCg3Tv-frxBdsobncOmYRzVvpi-oa-EJmTN2ZaPsoRDZOgQvuFZrb6QDB5YyofWvCw8whi2myNfczry_VtMGmOCxdJyiLzF7VTw3KHXkaSJZ7ids-ngDThkfK5uZjlCIRAEO441nQ&cry=1&dbm_d=AKAmf-DyRYvGymjUVZS07uaRV0wduXoTgB2sIBEg-Nf4pB5iyrl5k3MfeExY0WCSZCxJxpW18XGXBHzJ9bTMKyxRPpSbPqRdMrxhMHT3AuhmN7LhN2KgTJ5btZNFuPGIyEhugo85d4EfHuRaGr4DvnpWmn0q9WxWEeQd5WZH5G7PAVVff2rqeBejZt42A_2rSWqERjL8cpRTFsSRsiT4bKY01QbeV4QvaW5hfvrwLqII8SWDH-geeN62cXqAxk0LTpTZHxBNL5pda4IPp57jlTmn-sw9aJxX4Pr8kxVH_7q8WSS7K4kEjpQTbgzwCE5s9YhPU5B_c1ieY-nBL6612BXXR-ebVKjBrQpJ8WssSK4-zGU_FS2XggOWGKwBcOgqewtiqTys1WdsnxsckLcmjUciIpXis5sUQEPIUxO8zNrXMaL1H1qSokSI35THaq6kucpdteBdHew6HCwzneEqxlPmSDmTp8QxWiTro_w5NO5MACj9IGRym7TeTW-QxBVFX8_WrTKSjlhEshfzFcSi8lwiHw1tduZcXE3XZ-T0JnjekpPQzDDJwjwpAUGCupugZDfHQfMPRGEixsr99EtLZKaqPKVCLx08gvPMfMzR9uBe_ealBsYgiEYjLNjiwzMskpHlXtW_v3pScO2N4boP5GuqJa7DG0s3V5xSqIyR_tBghql7uqjlDyRKwcTfZWAff5c46xefVM-V4MuNgfeLc9ltfIRWi16KeE01Wx5GYUXe1mIqAR8Q0ESJSomSPVjmk2zpZ0A8R_rgVkIrPofWEuhHrCcSotKysQF4yG_5LPqaDv9QlXRjN0u8tI2RtvctkOGAa7foheYtsAFvmrY2n3MtkXyTotE_16vngo42xn8n-eyfezxym-WmPyhobLUmu6K9rilwSCFVp4EXStn9XLEw7CuuNk3mOBREK5x0uJDCT6D2lH9JSNUM1gHTWNxk98uhAtnI2tMIMQTxq9MWQ6kiTkf38qY7r0C6U4jp4r0Nvgmq6KRBKDjAs82uUAucL-NLJTe5bz-fwYGNC4WorcaBmkwK1_Gw4z23oL3x5Ov6fAQjUlanfRL_GkzPtLEtcLjOvCqCcO6Sh4-AA5UYF835B0R6havqqZNdeaurDMDedcI4hkncjnaLkGI1XpUUZsUJBwqp87FTSSSsELKOniD-CjGwueS2Dyk868dVsPSkwTSdgwfkbtIkoOLx6vJCRcsV7g94PY8_7beLnSKjvZSFCuBzUvC_ltbaPfZz-Q2pxRCjpXD7B7b527vflOuQcuQqwd8-4dJTLKqyJf9mkrOM_JRglRdg33_kW93aRlgrIMhDu8ZqB18W34HqTdo9tGIngjKhLMTbLVLXi40ZdEF2wSlyAvcU4KhkhGEk3P-BP1eeskDJ0kKVe8p-oxGbMdx-StmxeDHY2xSlO7x8CA3i1p0kSjgrJrD3gCJCif2d7C1A2OH6LfrID0pXUeOyurY0GbGRjzEIz7eKRUB7m8U7pm75CvYx5YyhtwRCM3MxaxtYhpxlY1RCbcvqONQO6Q5Xwi-Cg3U-mIMWpOy4B2f32dmRmn7_YmapDnDQqYJ08uTvQ8Kg2sdPkegg5cMvXpEJ0zCpMqMshTtec-vt4YY3F1dl6HA6ANeDQYBf3CeaAk2YHdjvu5oD-5IahK598xEXTBp5uM6HWbpexxWDnvod7W0K4v31XsgZjQppx3KDflQ64l-RZ7dX1FasyfXWfUzTjvY3zYubVzJUy6UQFcujp6smyoquH9uE5mOZ8Oq7vKrkN_g6w-Ko1cINpq0aofHmtrESuce4JYVGz1tBT53LzKQGgueffeZ7Kmh7DYsBYGKUAWPaPnI8eFfYgzq0qnCoA-CcZuYQcvTfML-4glR68xJFvXizbg1ojnhx-f2IxfEOcya8S_yUqC4dNtM2VDBdCg0i_Iz95G_eDyXD-dG0RyqGaQCa4RvuIW1lXHOd8ar9fX7qN1tdP-SaEef2gKBW7W3PbSMAGhM_TkOVgjc4r4nfufOtUBt11YcrCqgGF_6CgLlN1yOEd-x5cdVYtf_3JJpzIfsl-tiqzW-vS_5RpqLMNN0iYbwl0savqlz9ftKpH9hI6d4-z68h81SbTR3_eh2nUl3Jv6Dq2_49FMIAefRrsqTRUe1bhaxUjJPoBt4v98Yj1Fj39YpiDNDNO4ZXtSOr2aOYh8wx7CfxxwayGbx-PqtpmOY8fYaEVgCqJC3wE3M8LOu-SvxpKshlMw2sR2sxOT_n3OVnhAzyOjTu-uMe30xKpxKT2-XVwcbN4iNQm6WlMG802C3nw9Q9FQmFxWmOm6XlIKFSYTjUxOWcohaGljKOQbD-H5eJarMKjy2GniqW3ZXdIPO3vyEFLyG6jJ-8rQtO8g63pZriNo0LIYTegTlRQvGYI8fX-8zYJsPk_UUhrI7skofLmjmD-xAQTSUBBPu6108pOleaQF1Y_9-oMyzaJXTAs1ojXxF-U8Uhkgh3QUfrWnepG2EaGa8IPihAPQw_mwaPC358mf5c8HsgRbz5qbB49zVSoXDiunynEGGsuoTS_Ey5bGMC5twnfWLTin3T_TKorkY7XqisA4iZwoLiYlPHHEww_-GJUUL7ZQ_5w8IXlkzMFwjQPl325gdGexqkLv9CLewhbjbWMHygrLNShquX1KVmpV7azYLKufweQgirb7gig6MreDbP3_3n9HE1VVnKumpYvudF_0nTFL_A9BE4JERR3A6D-vVwfaaRSNga_41eIQEixeYkMEEhD10P7axp0p2bf-Kco6TFrgX7bBkXwtCPwf09x3scVGm2Q0UmwVGrVY0UM-UZyuNCbM9GtVEbfWAK9OSUPWQpMR3liE9eMsuCC7_b2P0AUk081FHtvgH2LiPZPkg7gDGRprtcHr16VDeDFCvZS46wOPySyAOvguRLU4JHokt4nW-1I11K3GngI2dmbKYeHgli0OowwxCZ6LEFpO3Fgj5b4Ul8TOK5fTlOWVVKKZGxTyfLFRQZkblqOS_v8JVhvchpnBlbJ2J0T6Bc3g1P_QNjy8BG5k-KX3jwcyJfrnwDKxLbK9fCnGGgT8Y39bnbmL85g_7iHee5F1wrohjCmPccRSgFAeIv8yKX1ERjIyzPfIaXYlku66wieXLv1b9JZFsDyiFF6YsHcMdDL4VTP6ZyshkAZWApmCxMmDwNsxdRmTdjA7e7bTqw2jIveUBzaDu17MeYV7wataJ0OEBqcuZh3lB0HIcZ3imZEylRlBjbI4IQwUzd4UY4im706A9SsSjh_2q_QgQnKs15YWRUbWO7ZEFiGpJdrP6lD8f7y5LfNyevmr7lldrm4dVrArVITO1-J_pJNMIXVtJY4Y1qi_fDNvL2amFhnBxIfSZDcNMS9C52SgW9U-ymz8Sc_HigG6rDZciuL3Gdx5-ifoZ3SNuTvn1n5j3riqckhVtYgHRGcxca8IsAvAVpvBmFkI6LYr74vhyVwBDVUM5452qnqmSFrGdLuQ5vJkjUgcxTYkxbBx58RP0GF6w_c7reDZ4tx28h1rHSHkdptqBSK8yPfGUHzqdRXOL_Ob8zOMjbO8bcex6TGgfueJKKtRRXE88lGucP-dQG&cid=CAASJORoK9S6H7qUnroTkOm2GZtwhBzYOOHwIuNzI2sWHySZb5vRmg&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1042fd56a61a8c34571740f697f388a5a5a4d207c137b35d920518b38037d2cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10773
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5805 		42 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7rwoG9O_uStdYDv_EFqlysAcgenMJTKAh70n69GDtAvYHthFxTdww0KPDKVbsFiC6rfoRvZcOGUyGl829AX53fuTPLGpoJcrnLsKYAfQzOLmj4Ic
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5805 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172163&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gKvwiqQVP7GvQMAJRGVYNr&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15173805049&DVP_DBM_4=396400450&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=103855315983&turl=https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&DVP_PP_BUNDLE_ID=
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ad16e8f45ea7d29516298e028b7c0ddc073895c9299ac0e29aa6c1ccc9a44a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jun 2022 11:48:22 GMT
Server
Microsoft-IIS/10.0
ETag
"2c87fb7ead75d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
dvtp_src.js
cdn.doubleverify.com/ Frame 5805 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gKvwiqQVP7GvQMAJRGVYNr&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15173805049&DVP_DBM_4=396400450&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=103855315983&turl=https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&DVP_PP_BUNDLE_ID=
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
845057b62bb7cf71afae6ccd8220f98a0ae0f98fcaba1fe4ff192194442ebdf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 May 2022 15:08:05 GMT
Server
Microsoft-IIS/10.0
ETag
"80f8893a075d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 5805 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:22:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5805 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 19:24:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 5805 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:22:52 GMT
l
www.google.com/ads/measurement/ Frame 5805 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-KXFAxAD2fCivwjvGISl0LDg0d8WsGOztLakLdyQJgjE5o6SQSbHZM-ycimrWeGj-oLyPSp2VxObgeTw46yH7ky-01A
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6F6A 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A6E8 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2WGWiRvr8PewmeCiXJDbbDwdQ0vk7mD1HASTGUdnDy0L53TUfw1o-DVKBtDlfl4OWJtZVhG3P1I4t8yh4-lIWjP6TW_fAEWPlHX8QcXXvzv61rtXOT-irTU6t_QKXjYfhMPhbdesKU0lNbQmGRAQZQhBxWA&dbm_d=AKAmf-AtZI7_w_F6vTBZ2jwLwLR1_2S_nKWjFizepX22-hrRXBhvwXyy56axv5SKIRVJDt3Fex_6fjqXdllKEBjOOyBW4H2_U_bI18CQ0Jxu9eoyDz71TO_HFvbim0wbGl3fMIGyUCtEU2_-c1GSASZVkuCoEXg4hgEYNJzblGN4kCMw6VzCh382-H4uIkpW47AmRSE62T3v-CBifeO0WTQtuoJMn6g7xZYKHC0x9t-pOoFUjYA_O2dKEPWlwvSu4NILbdWecyuRu6RVEo1L1BXgtCggb7Oa3g443ygn2tcyBLiTvNeERNqfCUi3Yf9_7uu_Dff259Nc5gdoRDgOBzrlLCkb5HVdqvUiS2wGmH57Ke4e0Y9a6J9STU9T5t6i1nJBTP8l8pUPoLTsjYM_CjvVrb643xIg3PuMewASBsJ-TVExc9iPC1WduySyTVf6RoaF23mAKzt2W9Txpu-Ps6oWGOSZalLJafiFbFHlkNtonIDKz2Uw-wWghBWz8mEgMsZesmdMiHPiCUlR9MFGZUwNyNyE1rGg5T_MlILQjt6kWlwhENCUeCCesMRw2Qq_hVNMHyR2UpWmXIYK4fdmh0hP3ThzUcpZde51rOvEw9y1lvMvHG94VHq1XYiLt4pJDUQpmutQDUj15RdaIKF-HViqBIucFgYeyJM0V3e04LyH_21-man8vvS4vBT8nzw3-q6Q-myd6ZopW42DAJziwcz9y5l7kWQ_w-u0sFmrwFB0xd9u2ZNUfa23gzbjad5f5eYzoH32kEY8nmYURK5B-Q7HR0NkQUrEoVfh8auFtVe4NtutpmvlL6rNOhX7JZ1xc9UeYpxB6Tikl03FDc6g-T20tbZWM28mY9rW_36Zuzf8blXodkdwtihlRaZjfER4HolnD_QYZWoSeGDzBH3ian5DV3fITQzxnzenDbF3k3jDwDIT1oxKG0vJGbPGqSBnxJoLQ4I_JQ8E_v6v3d7-RqyBS-UpJplH0pTlYNUXwmYMGzGf7HoVZgDdZK14Mo7MWEWRKMKOdS3HH2jKEBPmhSv6MMkYV-889mRwo7uQGpbDQKINceb7YVPNA_Y5blW_SAL4iXftgl1KgoFHiX9zv9Kjq5U8M0ivUcUNNc8JXh4qbCZg5JdRONw9za078v7ByK8Wjv4Z4SwTjVbr0Rf7Sx_KoQ2-6RI4Rpe7mBlUQm9-jlqDPkFGCWUR86_3PbnHy-9-bzB8jJK8AcICOL9isOYM1nmL241AmELk7hxU3M-68RLPob0vzv6QAOrz06KCoQEwJgpMBmIISKMiQJinaMTXwLjtjlUVAxsoB_I_PerukBNp07TfHjXMJ3F86Uh9zQrqXPA1nvsJ194MXnBlvR_Qi-xOMfV_0WehUFS7BtDCZvLyxchtFs3ctiJK44MG3cu0hHCbmp3_RT82gD8zgRKEB6kQrlgovv6yWguadhv24cWkmKdw8iTi-UCUwD8veIP6rKZ_oDB85iNjEr6LygneRiB3UKg0troQOoJOIY5cvuJOe2hzIjNHUG7w8L9QrTQzm5g3yRCEDrgU4Mynw3wFn50YdF6c4SC78EO2XxH2VSAqGTVzU2jSWdSvym_tJ10_ACZkHKcfnIvaC45Rz4hq5hMFryVpx40BGqej0gSNb8LtBCTPN9cD0knEsBAikqF3pyg868c1uGzT_AT7QksRb8wIW2g_ht1OYtjSvyxYJR62g355sip-vnvIDLbjWqXqd0b1X428DPnVs3FUiUYcqMzQLFkoO8pB5ed6dQh3WBZcya3v7maOzwgIY7Qd9t8NC3Dfv7-waD-qQYLb1ufm7vgY-pb6z72kHeOKz_YR8WEjDJDaqrneBA5INVYN2lPAPfktUSxAgthd9g7G5pr1949YmjqEBh1a17S_OUvrP1FI_VlvficFcaVCytCSxR9QJuK8RRo-seNQDoXMAxE2MZ6xH2T4LcDq4ynFTUeWFY1JwWGa4w5MYQCHt2kRkYs2aEzm-2ROEMvxSz_S_wOUha7CeJ_3g4frVTB_v_2RtZhmOyGlTSkWAliHOLoAbxBTD_b4KCHWMLu2vUf5qTtdLZOJDx5mA1Wqv5X4Zs_ehZeDb-8MNk2ugIcrAi0ZO55WSb5RUAmRGAtjZq38nFSIYKBJuwBq9VIL440tg4WOzgWq6jWsf5iUAWpo1RhNnSZSPytHliz3xu0Z15mV1WKcHqXVYeDR08L5MFz-3AToKDPCcbVbMoSu9j2uXJed8asBlEUktLql9uduv3acDhjV6Y12-XDuoRGlErcLA9ZgBm5AsjJmGAKsS747C7bx3OFYjEUtAdaktPvXnsfVrbgZAWdowvcpkZy8DZwliBcQLy410dBk11QnI51hAJQio1tvPWaVayhCTA2qrO4eErxSeRCjfh_1B7VGXR_nolbIjuDULL3nPeBifRdLZ2IDZRYuou_ZIbHWO4ct4otqNRuUXQSSaelBXWgEYqsbemf00PS2AJWM7sTsnHb0tP1-I2ZeSJLISA0T-XYOGLOw1Yg7WgJc9h5xhEq6Le0EKHfhuL639Ndq1vRUGGRRJUzAXCTAdQyBIlMRyyO1nBpU7PZCMsRDMTNy3n4HNaFY6N8Kca_GqhOGz0z9oul-qnnjwko8OtmnJWMVjFbptBrGXjFm_EZEbb_-BQgwF0sQrS4uGNncivayeHKyR8uy-ppk-EY-gXlHIP-tVJJH3OkUWdoX-0fbPJMYqtqvD0Ii8oAz6nBhjpxTlX4708ZMHcT6JEkxss1LDTGfD1yhYL43L8MnBq0JCZMQBKvq17sC2ixO25lAQpqfAdPA9tCLcgpK9H_GlbOJj0NfX2rVGkPyHxUQAAts8Etvk5xWUoH0ID_m20QowTryxawOyWpJlZwZ0z_R5OpIZ3rMNxk9AszdIMF1YIEVdC8sEZY95-yqTIc6G2Dubn6IB-L5E50as88BXsnFp2VEqJZ5g4y29fZuqs0FHwp6NC9gclJUqOpUlhOn9tzPO0hqwNWBSArLgLVefTwIoN5XFT98KLdaLql5a-gl3un0yBTD6129TYvrKTI8iNAcvYLMQmKzlGnBvGwUNm4BNC1xsl6bBCggK7NGeWZUAD9KPxiwVxfFfmhRMsks2WDDP3nsYe-TlExcpR-fugSXGbquig18ATFmj8lLeEpuazovydWw3h9TYc-zBUtWXV7uO4swj4uhnAGDCqpaffwxwnoPKMtEH4xDnHU-lrBP8b95SCVBQ7EknKfEjbfwPrtlOmYKTGcN-kcu5ubE_l-FUK3abCwbZ2acHdNvSnZi-fFLead7VX8wmJTMsk51KetsqgsvZ-OOJjyO6MD6pi4UKz5bFMq7-C5GQNOusKHqOdlmhDa41yIiwPbnMLnLYdFDSCMgu7Y0z25c_1HhbveRSBXtFDGwTJVZ7S99d5Cs9pJBbIrcTOyiwBcdKS4qo46wNbrjzM0IZeJvaqZV6SjuvW5Fr3RmQQXxDQz74HlYnNtgh_aIhlEUwnEC6Yfw6oXwIjsulEs&cid=CAASJORokl9Dkig13nmJVLoH4T28QvmL5KcO777loTySF5iuM_BVNg&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8e6303b464b7e1cf6319a232802d194c75649f9ecfaff1c1575d4066556c1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34156
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6E8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsoXhDTlb34GjRCargKCu-d8a72qgkvaBnvzcG6db5n4KKcSehrSl7PZ1vIK1jn9M1-QXLAagozC4XcVN5alqL8DPGoUdhvnQm4lBzWfMdmF4en80
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame A6E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:22:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6E8 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 19:24:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame A6E8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:22:52 GMT
l
www.google.com/ads/measurement/ Frame A6E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2lXN8t4Fqt8O2RCi3xHt7kMrvE3FAfQoz9PuA4GlltWusz0qHVVTpmOu3F0TSx93ZuxZYZXU4RQTIW4biCYN91Z0BRw
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
p1.js
p1cluster.cxense.com/ Frame 50C6 		46 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4494a1c3e8ca5be658640a5b292dd6f8753418a507088ff30cbbbec87dbdbfd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
last-modified
Fri, 03 Dec 2021 19:24:53 GMT
server
Jetty(9.4.28.v20200408)
etag
1l4hs7irn8ldy3wglplw6tp3e
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
46
expires
Sat, 03 Jun 2023 19:24:53 GMT
rum
dsum-sec.casalemedia.com/ Frame 98E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 03 Jun 2022 19:24:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 98E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YppgBUxFpFt72wB.rHNCygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 03 Jun 2022 19:24:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYToMybs_gPIzgFiNhtDS0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 98E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxkX0lJQrcHGLsksA3sgo8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxkX0lJQrcHGLsksA3sgo8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbb3fe9f-cbb7-427d-98a1-8d4c3e493eb3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxkX0lJQrcHGLsksA3sgo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzI3NjI3MDI1NDQ1NDk2NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzI3NjI3MDI1NDQ1NDk2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYwq6CvQEwAQ&v=APEucNWMBN7UqSQ8CypvOQp7WaK_pxIcoAj6_CpgnVolOFWxwc6pycoBZXor1Ova94Ph0EHxsY_d2oLokMkvnSB5Adw-q8OHTWWtZ3jg4ilE6S7xcbZs_yhROxBBq26r4dmxLnP9ZF8vzpHdGiTb8P3uoAlsCRBvqq4MjSAz8fPKgwKcaUcncoY
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
044a5cf1-1493-4e46-b3ca-04ac675fad7d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjEyNzI3NjI3MDI1NDQ1NDk2NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECOyqtD6C-Zqk5ib2-JPuMg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECOyqtD6C-Zqk5ib2-JPuMg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECOyqtD6C-Zqk5ib2-JPuMg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6F6A 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6F6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEG9kIcjVyizWYpbvxLJhF4s&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEG9kIcjVyizWYpbvxLJhF4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 03 Jun 2022 19:24:53 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEG9kIcjVyizWYpbvxLJhF4s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6F6A 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiw38zLATAB&v=APEucNVrr__wCWuXnyw9KxILBjj3PAOdu2xuyopYFm2U3Iw4B4ErwOAiVFU02jxm2bxGI17wd7w4CH71_gW8jHy1CqEPg-tmljQ3VhTQTQcCAay1ubKAjZreTL7wx_ukFHdRdg-_jx0A5lF1UiqHeFHDHTAmnWFnXlPz4nnSMbBjIwiTiH14wiA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 03 Jun 2022 19:24:53 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
/
www.facebook.com/tr/ Frame B697 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://chicago.suntimes.com
Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://chicago.suntimes.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:53 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5805 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMAvKi62D-gNAb4CM_0GCg3Tv-frxBdsobncOmYRzVvpi-oa-EJmTN2ZaPsoRDZOgQvuFZrb6QDB5YyofWvCw8whi2myNfczry_VtMGmOCxdJyiLzF7VTw3KHXkaSJZ7ids-ngDThkfK5uZjlCIRAEO441nQ&cry=1&dbm_d=AKAmf-DyRYvGymjUVZS07uaRV0wduXoTgB2sIBEg-Nf4pB5iyrl5k3MfeExY0WCSZCxJxpW18XGXBHzJ9bTMKyxRPpSbPqRdMrxhMHT3AuhmN7LhN2KgTJ5btZNFuPGIyEhugo85d4EfHuRaGr4DvnpWmn0q9WxWEeQd5WZH5G7PAVVff2rqeBejZt42A_2rSWqERjL8cpRTFsSRsiT4bKY01QbeV4QvaW5hfvrwLqII8SWDH-geeN62cXqAxk0LTpTZHxBNL5pda4IPp57jlTmn-sw9aJxX4Pr8kxVH_7q8WSS7K4kEjpQTbgzwCE5s9YhPU5B_c1ieY-nBL6612BXXR-ebVKjBrQpJ8WssSK4-zGU_FS2XggOWGKwBcOgqewtiqTys1WdsnxsckLcmjUciIpXis5sUQEPIUxO8zNrXMaL1H1qSokSI35THaq6kucpdteBdHew6HCwzneEqxlPmSDmTp8QxWiTro_w5NO5MACj9IGRym7TeTW-QxBVFX8_WrTKSjlhEshfzFcSi8lwiHw1tduZcXE3XZ-T0JnjekpPQzDDJwjwpAUGCupugZDfHQfMPRGEixsr99EtLZKaqPKVCLx08gvPMfMzR9uBe_ealBsYgiEYjLNjiwzMskpHlXtW_v3pScO2N4boP5GuqJa7DG0s3V5xSqIyR_tBghql7uqjlDyRKwcTfZWAff5c46xefVM-V4MuNgfeLc9ltfIRWi16KeE01Wx5GYUXe1mIqAR8Q0ESJSomSPVjmk2zpZ0A8R_rgVkIrPofWEuhHrCcSotKysQF4yG_5LPqaDv9QlXRjN0u8tI2RtvctkOGAa7foheYtsAFvmrY2n3MtkXyTotE_16vngo42xn8n-eyfezxym-WmPyhobLUmu6K9rilwSCFVp4EXStn9XLEw7CuuNk3mOBREK5x0uJDCT6D2lH9JSNUM1gHTWNxk98uhAtnI2tMIMQTxq9MWQ6kiTkf38qY7r0C6U4jp4r0Nvgmq6KRBKDjAs82uUAucL-NLJTe5bz-fwYGNC4WorcaBmkwK1_Gw4z23oL3x5Ov6fAQjUlanfRL_GkzPtLEtcLjOvCqCcO6Sh4-AA5UYF835B0R6havqqZNdeaurDMDedcI4hkncjnaLkGI1XpUUZsUJBwqp87FTSSSsELKOniD-CjGwueS2Dyk868dVsPSkwTSdgwfkbtIkoOLx6vJCRcsV7g94PY8_7beLnSKjvZSFCuBzUvC_ltbaPfZz-Q2pxRCjpXD7B7b527vflOuQcuQqwd8-4dJTLKqyJf9mkrOM_JRglRdg33_kW93aRlgrIMhDu8ZqB18W34HqTdo9tGIngjKhLMTbLVLXi40ZdEF2wSlyAvcU4KhkhGEk3P-BP1eeskDJ0kKVe8p-oxGbMdx-StmxeDHY2xSlO7x8CA3i1p0kSjgrJrD3gCJCif2d7C1A2OH6LfrID0pXUeOyurY0GbGRjzEIz7eKRUB7m8U7pm75CvYx5YyhtwRCM3MxaxtYhpxlY1RCbcvqONQO6Q5Xwi-Cg3U-mIMWpOy4B2f32dmRmn7_YmapDnDQqYJ08uTvQ8Kg2sdPkegg5cMvXpEJ0zCpMqMshTtec-vt4YY3F1dl6HA6ANeDQYBf3CeaAk2YHdjvu5oD-5IahK598xEXTBp5uM6HWbpexxWDnvod7W0K4v31XsgZjQppx3KDflQ64l-RZ7dX1FasyfXWfUzTjvY3zYubVzJUy6UQFcujp6smyoquH9uE5mOZ8Oq7vKrkN_g6w-Ko1cINpq0aofHmtrESuce4JYVGz1tBT53LzKQGgueffeZ7Kmh7DYsBYGKUAWPaPnI8eFfYgzq0qnCoA-CcZuYQcvTfML-4glR68xJFvXizbg1ojnhx-f2IxfEOcya8S_yUqC4dNtM2VDBdCg0i_Iz95G_eDyXD-dG0RyqGaQCa4RvuIW1lXHOd8ar9fX7qN1tdP-SaEef2gKBW7W3PbSMAGhM_TkOVgjc4r4nfufOtUBt11YcrCqgGF_6CgLlN1yOEd-x5cdVYtf_3JJpzIfsl-tiqzW-vS_5RpqLMNN0iYbwl0savqlz9ftKpH9hI6d4-z68h81SbTR3_eh2nUl3Jv6Dq2_49FMIAefRrsqTRUe1bhaxUjJPoBt4v98Yj1Fj39YpiDNDNO4ZXtSOr2aOYh8wx7CfxxwayGbx-PqtpmOY8fYaEVgCqJC3wE3M8LOu-SvxpKshlMw2sR2sxOT_n3OVnhAzyOjTu-uMe30xKpxKT2-XVwcbN4iNQm6WlMG802C3nw9Q9FQmFxWmOm6XlIKFSYTjUxOWcohaGljKOQbD-H5eJarMKjy2GniqW3ZXdIPO3vyEFLyG6jJ-8rQtO8g63pZriNo0LIYTegTlRQvGYI8fX-8zYJsPk_UUhrI7skofLmjmD-xAQTSUBBPu6108pOleaQF1Y_9-oMyzaJXTAs1ojXxF-U8Uhkgh3QUfrWnepG2EaGa8IPihAPQw_mwaPC358mf5c8HsgRbz5qbB49zVSoXDiunynEGGsuoTS_Ey5bGMC5twnfWLTin3T_TKorkY7XqisA4iZwoLiYlPHHEww_-GJUUL7ZQ_5w8IXlkzMFwjQPl325gdGexqkLv9CLewhbjbWMHygrLNShquX1KVmpV7azYLKufweQgirb7gig6MreDbP3_3n9HE1VVnKumpYvudF_0nTFL_A9BE4JERR3A6D-vVwfaaRSNga_41eIQEixeYkMEEhD10P7axp0p2bf-Kco6TFrgX7bBkXwtCPwf09x3scVGm2Q0UmwVGrVY0UM-UZyuNCbM9GtVEbfWAK9OSUPWQpMR3liE9eMsuCC7_b2P0AUk081FHtvgH2LiPZPkg7gDGRprtcHr16VDeDFCvZS46wOPySyAOvguRLU4JHokt4nW-1I11K3GngI2dmbKYeHgli0OowwxCZ6LEFpO3Fgj5b4Ul8TOK5fTlOWVVKKZGxTyfLFRQZkblqOS_v8JVhvchpnBlbJ2J0T6Bc3g1P_QNjy8BG5k-KX3jwcyJfrnwDKxLbK9fCnGGgT8Y39bnbmL85g_7iHee5F1wrohjCmPccRSgFAeIv8yKX1ERjIyzPfIaXYlku66wieXLv1b9JZFsDyiFF6YsHcMdDL4VTP6ZyshkAZWApmCxMmDwNsxdRmTdjA7e7bTqw2jIveUBzaDu17MeYV7wataJ0OEBqcuZh3lB0HIcZ3imZEylRlBjbI4IQwUzd4UY4im706A9SsSjh_2q_QgQnKs15YWRUbWO7ZEFiGpJdrP6lD8f7y5LfNyevmr7lldrm4dVrArVITO1-J_pJNMIXVtJY4Y1qi_fDNvL2amFhnBxIfSZDcNMS9C52SgW9U-ymz8Sc_HigG6rDZciuL3Gdx5-ifoZ3SNuTvn1n5j3riqckhVtYgHRGcxca8IsAvAVpvBmFkI6LYr74vhyVwBDVUM5452qnqmSFrGdLuQ5vJkjUgcxTYkxbBx58RP0GF6w_c7reDZ4tx28h1rHSHkdptqBSK8yPfGUHzqdRXOL_Ob8zOMjbO8bcex6TGgfueJKKtRRXE88lGucP-dQG&cid=CAASJORoK9S6H7qUnroTkOm2GZtwhBzYOOHwIuNzI2sWHySZb5vRmg&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 04:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 04:50:03 GMT
dvbs_src_internal104.js
cdn.doubleverify.com/ Frame 5805 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal104.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172163&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gKvwiqQVP7GvQMAJRGVYNr&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15173805049&DVP_DBM_4=396400450&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=103855315983&turl=https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
143376772b6e7e319663f8e8db84aaa558c77c7e691e0b8bc9e5af8e2f0645e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jun 2022 11:48:35 GMT
Server
Microsoft-IIS/10.0
ETag
"80ab4686ad75d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18100
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame FE94 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
cf-cache-status
HIT
age
1838
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
wn
prod-dash-10-0-140-144
last-modified
Wed, 01 Jun 2022 13:16:12 GMT
server
cloudflare
etag
W/"2177-1654089372000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
715acfc299db2355-ZRH
expires
Fri, 03 Jun 2022 21:24:53 GMT
l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ Frame FE94 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
server
nginx
etag
"aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39712
l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ Frame FE94 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=FV0czWAOfe&templateId=OTE6OM5RX6AA&templateVariantId=OTV4B3MIQ5I8Q&offerId=fakeOfferId&experienceId=EXE87VS65S81&iframeId=offer_b5c9c2fd231468f9235d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fchicago.suntimes.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
server
nginx
etag
"cea691f813baff9c459e093daf1ff69d154fedc0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37980
truncated
/ Frame 7611 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465d5c4b344820e1ee61182d05f8194598569f7a4f0656fd5fa065dc824fc770

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A6E8 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Origin
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 09:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 09:10:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame A6E8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2WGWiRvr8PewmeCiXJDbbDwdQ0vk7mD1HASTGUdnDy0L53TUfw1o-DVKBtDlfl4OWJtZVhG3P1I4t8yh4-lIWjP6TW_fAEWPlHX8QcXXvzv61rtXOT-irTU6t_QKXjYfhMPhbdesKU0lNbQmGRAQZQhBxWA&dbm_d=AKAmf-AtZI7_w_F6vTBZ2jwLwLR1_2S_nKWjFizepX22-hrRXBhvwXyy56axv5SKIRVJDt3Fex_6fjqXdllKEBjOOyBW4H2_U_bI18CQ0Jxu9eoyDz71TO_HFvbim0wbGl3fMIGyUCtEU2_-c1GSASZVkuCoEXg4hgEYNJzblGN4kCMw6VzCh382-H4uIkpW47AmRSE62T3v-CBifeO0WTQtuoJMn6g7xZYKHC0x9t-pOoFUjYA_O2dKEPWlwvSu4NILbdWecyuRu6RVEo1L1BXgtCggb7Oa3g443ygn2tcyBLiTvNeERNqfCUi3Yf9_7uu_Dff259Nc5gdoRDgOBzrlLCkb5HVdqvUiS2wGmH57Ke4e0Y9a6J9STU9T5t6i1nJBTP8l8pUPoLTsjYM_CjvVrb643xIg3PuMewASBsJ-TVExc9iPC1WduySyTVf6RoaF23mAKzt2W9Txpu-Ps6oWGOSZalLJafiFbFHlkNtonIDKz2Uw-wWghBWz8mEgMsZesmdMiHPiCUlR9MFGZUwNyNyE1rGg5T_MlILQjt6kWlwhENCUeCCesMRw2Qq_hVNMHyR2UpWmXIYK4fdmh0hP3ThzUcpZde51rOvEw9y1lvMvHG94VHq1XYiLt4pJDUQpmutQDUj15RdaIKF-HViqBIucFgYeyJM0V3e04LyH_21-man8vvS4vBT8nzw3-q6Q-myd6ZopW42DAJziwcz9y5l7kWQ_w-u0sFmrwFB0xd9u2ZNUfa23gzbjad5f5eYzoH32kEY8nmYURK5B-Q7HR0NkQUrEoVfh8auFtVe4NtutpmvlL6rNOhX7JZ1xc9UeYpxB6Tikl03FDc6g-T20tbZWM28mY9rW_36Zuzf8blXodkdwtihlRaZjfER4HolnD_QYZWoSeGDzBH3ian5DV3fITQzxnzenDbF3k3jDwDIT1oxKG0vJGbPGqSBnxJoLQ4I_JQ8E_v6v3d7-RqyBS-UpJplH0pTlYNUXwmYMGzGf7HoVZgDdZK14Mo7MWEWRKMKOdS3HH2jKEBPmhSv6MMkYV-889mRwo7uQGpbDQKINceb7YVPNA_Y5blW_SAL4iXftgl1KgoFHiX9zv9Kjq5U8M0ivUcUNNc8JXh4qbCZg5JdRONw9za078v7ByK8Wjv4Z4SwTjVbr0Rf7Sx_KoQ2-6RI4Rpe7mBlUQm9-jlqDPkFGCWUR86_3PbnHy-9-bzB8jJK8AcICOL9isOYM1nmL241AmELk7hxU3M-68RLPob0vzv6QAOrz06KCoQEwJgpMBmIISKMiQJinaMTXwLjtjlUVAxsoB_I_PerukBNp07TfHjXMJ3F86Uh9zQrqXPA1nvsJ194MXnBlvR_Qi-xOMfV_0WehUFS7BtDCZvLyxchtFs3ctiJK44MG3cu0hHCbmp3_RT82gD8zgRKEB6kQrlgovv6yWguadhv24cWkmKdw8iTi-UCUwD8veIP6rKZ_oDB85iNjEr6LygneRiB3UKg0troQOoJOIY5cvuJOe2hzIjNHUG7w8L9QrTQzm5g3yRCEDrgU4Mynw3wFn50YdF6c4SC78EO2XxH2VSAqGTVzU2jSWdSvym_tJ10_ACZkHKcfnIvaC45Rz4hq5hMFryVpx40BGqej0gSNb8LtBCTPN9cD0knEsBAikqF3pyg868c1uGzT_AT7QksRb8wIW2g_ht1OYtjSvyxYJR62g355sip-vnvIDLbjWqXqd0b1X428DPnVs3FUiUYcqMzQLFkoO8pB5ed6dQh3WBZcya3v7maOzwgIY7Qd9t8NC3Dfv7-waD-qQYLb1ufm7vgY-pb6z72kHeOKz_YR8WEjDJDaqrneBA5INVYN2lPAPfktUSxAgthd9g7G5pr1949YmjqEBh1a17S_OUvrP1FI_VlvficFcaVCytCSxR9QJuK8RRo-seNQDoXMAxE2MZ6xH2T4LcDq4ynFTUeWFY1JwWGa4w5MYQCHt2kRkYs2aEzm-2ROEMvxSz_S_wOUha7CeJ_3g4frVTB_v_2RtZhmOyGlTSkWAliHOLoAbxBTD_b4KCHWMLu2vUf5qTtdLZOJDx5mA1Wqv5X4Zs_ehZeDb-8MNk2ugIcrAi0ZO55WSb5RUAmRGAtjZq38nFSIYKBJuwBq9VIL440tg4WOzgWq6jWsf5iUAWpo1RhNnSZSPytHliz3xu0Z15mV1WKcHqXVYeDR08L5MFz-3AToKDPCcbVbMoSu9j2uXJed8asBlEUktLql9uduv3acDhjV6Y12-XDuoRGlErcLA9ZgBm5AsjJmGAKsS747C7bx3OFYjEUtAdaktPvXnsfVrbgZAWdowvcpkZy8DZwliBcQLy410dBk11QnI51hAJQio1tvPWaVayhCTA2qrO4eErxSeRCjfh_1B7VGXR_nolbIjuDULL3nPeBifRdLZ2IDZRYuou_ZIbHWO4ct4otqNRuUXQSSaelBXWgEYqsbemf00PS2AJWM7sTsnHb0tP1-I2ZeSJLISA0T-XYOGLOw1Yg7WgJc9h5xhEq6Le0EKHfhuL639Ndq1vRUGGRRJUzAXCTAdQyBIlMRyyO1nBpU7PZCMsRDMTNy3n4HNaFY6N8Kca_GqhOGz0z9oul-qnnjwko8OtmnJWMVjFbptBrGXjFm_EZEbb_-BQgwF0sQrS4uGNncivayeHKyR8uy-ppk-EY-gXlHIP-tVJJH3OkUWdoX-0fbPJMYqtqvD0Ii8oAz6nBhjpxTlX4708ZMHcT6JEkxss1LDTGfD1yhYL43L8MnBq0JCZMQBKvq17sC2ixO25lAQpqfAdPA9tCLcgpK9H_GlbOJj0NfX2rVGkPyHxUQAAts8Etvk5xWUoH0ID_m20QowTryxawOyWpJlZwZ0z_R5OpIZ3rMNxk9AszdIMF1YIEVdC8sEZY95-yqTIc6G2Dubn6IB-L5E50as88BXsnFp2VEqJZ5g4y29fZuqs0FHwp6NC9gclJUqOpUlhOn9tzPO0hqwNWBSArLgLVefTwIoN5XFT98KLdaLql5a-gl3un0yBTD6129TYvrKTI8iNAcvYLMQmKzlGnBvGwUNm4BNC1xsl6bBCggK7NGeWZUAD9KPxiwVxfFfmhRMsks2WDDP3nsYe-TlExcpR-fugSXGbquig18ATFmj8lLeEpuazovydWw3h9TYc-zBUtWXV7uO4swj4uhnAGDCqpaffwxwnoPKMtEH4xDnHU-lrBP8b95SCVBQ7EknKfEjbfwPrtlOmYKTGcN-kcu5ubE_l-FUK3abCwbZ2acHdNvSnZi-fFLead7VX8wmJTMsk51KetsqgsvZ-OOJjyO6MD6pi4UKz5bFMq7-C5GQNOusKHqOdlmhDa41yIiwPbnMLnLYdFDSCMgu7Y0z25c_1HhbveRSBXtFDGwTJVZ7S99d5Cs9pJBbIrcTOyiwBcdKS4qo46wNbrjzM0IZeJvaqZV6SjuvW5Fr3RmQQXxDQz74HlYnNtgh_aIhlEUwnEC6Yfw6oXwIjsulEs&cid=CAASJORokl9Dkig13nmJVLoH4T28QvmL5KcO777loTySF5iuM_BVNg&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:20:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame A6E8 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2WGWiRvr8PewmeCiXJDbbDwdQ0vk7mD1HASTGUdnDy0L53TUfw1o-DVKBtDlfl4OWJtZVhG3P1I4t8yh4-lIWjP6TW_fAEWPlHX8QcXXvzv61rtXOT-irTU6t_QKXjYfhMPhbdesKU0lNbQmGRAQZQhBxWA&dbm_d=AKAmf-AtZI7_w_F6vTBZ2jwLwLR1_2S_nKWjFizepX22-hrRXBhvwXyy56axv5SKIRVJDt3Fex_6fjqXdllKEBjOOyBW4H2_U_bI18CQ0Jxu9eoyDz71TO_HFvbim0wbGl3fMIGyUCtEU2_-c1GSASZVkuCoEXg4hgEYNJzblGN4kCMw6VzCh382-H4uIkpW47AmRSE62T3v-CBifeO0WTQtuoJMn6g7xZYKHC0x9t-pOoFUjYA_O2dKEPWlwvSu4NILbdWecyuRu6RVEo1L1BXgtCggb7Oa3g443ygn2tcyBLiTvNeERNqfCUi3Yf9_7uu_Dff259Nc5gdoRDgOBzrlLCkb5HVdqvUiS2wGmH57Ke4e0Y9a6J9STU9T5t6i1nJBTP8l8pUPoLTsjYM_CjvVrb643xIg3PuMewASBsJ-TVExc9iPC1WduySyTVf6RoaF23mAKzt2W9Txpu-Ps6oWGOSZalLJafiFbFHlkNtonIDKz2Uw-wWghBWz8mEgMsZesmdMiHPiCUlR9MFGZUwNyNyE1rGg5T_MlILQjt6kWlwhENCUeCCesMRw2Qq_hVNMHyR2UpWmXIYK4fdmh0hP3ThzUcpZde51rOvEw9y1lvMvHG94VHq1XYiLt4pJDUQpmutQDUj15RdaIKF-HViqBIucFgYeyJM0V3e04LyH_21-man8vvS4vBT8nzw3-q6Q-myd6ZopW42DAJziwcz9y5l7kWQ_w-u0sFmrwFB0xd9u2ZNUfa23gzbjad5f5eYzoH32kEY8nmYURK5B-Q7HR0NkQUrEoVfh8auFtVe4NtutpmvlL6rNOhX7JZ1xc9UeYpxB6Tikl03FDc6g-T20tbZWM28mY9rW_36Zuzf8blXodkdwtihlRaZjfER4HolnD_QYZWoSeGDzBH3ian5DV3fITQzxnzenDbF3k3jDwDIT1oxKG0vJGbPGqSBnxJoLQ4I_JQ8E_v6v3d7-RqyBS-UpJplH0pTlYNUXwmYMGzGf7HoVZgDdZK14Mo7MWEWRKMKOdS3HH2jKEBPmhSv6MMkYV-889mRwo7uQGpbDQKINceb7YVPNA_Y5blW_SAL4iXftgl1KgoFHiX9zv9Kjq5U8M0ivUcUNNc8JXh4qbCZg5JdRONw9za078v7ByK8Wjv4Z4SwTjVbr0Rf7Sx_KoQ2-6RI4Rpe7mBlUQm9-jlqDPkFGCWUR86_3PbnHy-9-bzB8jJK8AcICOL9isOYM1nmL241AmELk7hxU3M-68RLPob0vzv6QAOrz06KCoQEwJgpMBmIISKMiQJinaMTXwLjtjlUVAxsoB_I_PerukBNp07TfHjXMJ3F86Uh9zQrqXPA1nvsJ194MXnBlvR_Qi-xOMfV_0WehUFS7BtDCZvLyxchtFs3ctiJK44MG3cu0hHCbmp3_RT82gD8zgRKEB6kQrlgovv6yWguadhv24cWkmKdw8iTi-UCUwD8veIP6rKZ_oDB85iNjEr6LygneRiB3UKg0troQOoJOIY5cvuJOe2hzIjNHUG7w8L9QrTQzm5g3yRCEDrgU4Mynw3wFn50YdF6c4SC78EO2XxH2VSAqGTVzU2jSWdSvym_tJ10_ACZkHKcfnIvaC45Rz4hq5hMFryVpx40BGqej0gSNb8LtBCTPN9cD0knEsBAikqF3pyg868c1uGzT_AT7QksRb8wIW2g_ht1OYtjSvyxYJR62g355sip-vnvIDLbjWqXqd0b1X428DPnVs3FUiUYcqMzQLFkoO8pB5ed6dQh3WBZcya3v7maOzwgIY7Qd9t8NC3Dfv7-waD-qQYLb1ufm7vgY-pb6z72kHeOKz_YR8WEjDJDaqrneBA5INVYN2lPAPfktUSxAgthd9g7G5pr1949YmjqEBh1a17S_OUvrP1FI_VlvficFcaVCytCSxR9QJuK8RRo-seNQDoXMAxE2MZ6xH2T4LcDq4ynFTUeWFY1JwWGa4w5MYQCHt2kRkYs2aEzm-2ROEMvxSz_S_wOUha7CeJ_3g4frVTB_v_2RtZhmOyGlTSkWAliHOLoAbxBTD_b4KCHWMLu2vUf5qTtdLZOJDx5mA1Wqv5X4Zs_ehZeDb-8MNk2ugIcrAi0ZO55WSb5RUAmRGAtjZq38nFSIYKBJuwBq9VIL440tg4WOzgWq6jWsf5iUAWpo1RhNnSZSPytHliz3xu0Z15mV1WKcHqXVYeDR08L5MFz-3AToKDPCcbVbMoSu9j2uXJed8asBlEUktLql9uduv3acDhjV6Y12-XDuoRGlErcLA9ZgBm5AsjJmGAKsS747C7bx3OFYjEUtAdaktPvXnsfVrbgZAWdowvcpkZy8DZwliBcQLy410dBk11QnI51hAJQio1tvPWaVayhCTA2qrO4eErxSeRCjfh_1B7VGXR_nolbIjuDULL3nPeBifRdLZ2IDZRYuou_ZIbHWO4ct4otqNRuUXQSSaelBXWgEYqsbemf00PS2AJWM7sTsnHb0tP1-I2ZeSJLISA0T-XYOGLOw1Yg7WgJc9h5xhEq6Le0EKHfhuL639Ndq1vRUGGRRJUzAXCTAdQyBIlMRyyO1nBpU7PZCMsRDMTNy3n4HNaFY6N8Kca_GqhOGz0z9oul-qnnjwko8OtmnJWMVjFbptBrGXjFm_EZEbb_-BQgwF0sQrS4uGNncivayeHKyR8uy-ppk-EY-gXlHIP-tVJJH3OkUWdoX-0fbPJMYqtqvD0Ii8oAz6nBhjpxTlX4708ZMHcT6JEkxss1LDTGfD1yhYL43L8MnBq0JCZMQBKvq17sC2ixO25lAQpqfAdPA9tCLcgpK9H_GlbOJj0NfX2rVGkPyHxUQAAts8Etvk5xWUoH0ID_m20QowTryxawOyWpJlZwZ0z_R5OpIZ3rMNxk9AszdIMF1YIEVdC8sEZY95-yqTIc6G2Dubn6IB-L5E50as88BXsnFp2VEqJZ5g4y29fZuqs0FHwp6NC9gclJUqOpUlhOn9tzPO0hqwNWBSArLgLVefTwIoN5XFT98KLdaLql5a-gl3un0yBTD6129TYvrKTI8iNAcvYLMQmKzlGnBvGwUNm4BNC1xsl6bBCggK7NGeWZUAD9KPxiwVxfFfmhRMsks2WDDP3nsYe-TlExcpR-fugSXGbquig18ATFmj8lLeEpuazovydWw3h9TYc-zBUtWXV7uO4swj4uhnAGDCqpaffwxwnoPKMtEH4xDnHU-lrBP8b95SCVBQ7EknKfEjbfwPrtlOmYKTGcN-kcu5ubE_l-FUK3abCwbZ2acHdNvSnZi-fFLead7VX8wmJTMsk51KetsqgsvZ-OOJjyO6MD6pi4UKz5bFMq7-C5GQNOusKHqOdlmhDa41yIiwPbnMLnLYdFDSCMgu7Y0z25c_1HhbveRSBXtFDGwTJVZ7S99d5Cs9pJBbIrcTOyiwBcdKS4qo46wNbrjzM0IZeJvaqZV6SjuvW5Fr3RmQQXxDQz74HlYnNtgh_aIhlEUwnEC6Yfw6oXwIjsulEs&cid=CAASJORokl9Dkig13nmJVLoH4T28QvmL5KcO777loTySF5iuM_BVNg&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
server
cafe
etag
754631604453815386
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 19:19:52 GMT
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 		68 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=feb6b46121fe
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.135.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:54 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
KVC59QP1Y3RZ6R47
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
afJa6w4Eln+J5CTgNkuGmbaLlqj/dpGTQCaRIAK5HoWqH0PUs3uc0hV0G/wDnAp2fRUFB8bJZCY=
verify.js
rtb0.doubleverify.com/ Frame 5805 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_923297892880&jsTagObjCallback=__tagObject_callback_923297892880&num=6&ctx=1828362&cmp=115750&plc=4172163&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=923297892880&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=102&bridua=3&dup=null&turl=https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gKvwiqQVP7GvQMAJRGVYNr&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15173805049&DVP_DBM_4=396400450&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=103855315983&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=152&eparams=DC4FC%3Dl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTau24763g_7e44egg2eg62%607h3h2ha%60_h65%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETau65F42E%3A%40%3FTaua_aaTaueTauaTauab%60daeb%60Tau%3D%40J%40%3D2%5CF%3F%3AG6CD%3AEJ%5C49%3A428%40%5C%60__%5C%3E%3A%3D%3D%3A%40%3F%5CDFAA%40CE%5CDEF56%3FED%5C%407%5C4%40%3D%40C%5C%3D2C86DE%5C5%40%3F2E%3A%40%3F%5C%3A%3F%5CD49%40%40%3D%5C9%3ADE%40CJ&dvp_exetime=6.30&callbackName=__verify_callback_923297892880
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal104.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
53ebfed8e701ff93bd57ec5641f3347c654e9ce5c1d34e492c69a42224424bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
06/02/2022 19:24:53
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1654284293607&sessionId=354c325e-3f0d-8068-dc9f-d56cc0c7ae92&url=chicago.suntimes.com&cheqSource=1&cheqEvent=2&responseTime=892
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
701f3e65edf069f48ee453d57706e4fa
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136feac53dee45839e9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474cef498fbd38e820d861915981032aa77f0cf81e43072e9a5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1a08f77f6aa890117ae8d9eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f8286ecfa88e7e11f22a27db7b8f22e5535eadb6090b314e64c1354d5085ed6d987888fbc9227c32c90c6f5ae53df5f5b1aa35e6490c2971d728abc20f85abcc8199074fc2c131e53976deb568d91f82aeb876b925ca9cfcbcb69ce01046cf75515507b4432d6bb6fa24edbcb9668a4936ab0972acd83eae87682bcaa0f342ed8a40a098bfa590b51a3bcb665a525c6b515b0bc7faf39fe68d30696578eec75da497fbdfdc331602261032a16014ef6bdd5338c1ff4000e0376baf0529cdc5d58abe69bf9a13394f0b7a3daa7edec171e7eac12c5f2443adc1d345f8e3c036c35a866ec25419db49d7ed2399461d4e965dfa41fcd2e1d2b211e6e51c991a78462695f9b0457d78fcbb1dbcb4f069eb9a17e94c96f78ddda0e3f68fa8dc45021b63b98599f1eff229814dfd40efbbc32fe868ed29a2a7efdb329699002d39facb9448e66350a17d139515ab5bf4dccb9568cccd9bb0b88d9c36a506055b479e940ff49a0c2298438436c&cb=1654284293607&cri=PyNIomJFB8
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
rep.gif
comcluster.cxense.com/Repo/ Frame 50C6 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.4.0&typ=pgv&rnd=l3yu5llxfjw50v2m&sid=1148697685424599205&loc=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&new=0&arf=0&ltm=1654284293123&ref=https%3A%2F%2Ft.co%2F&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l3yu5lxl7bn2l6az&ckp=l3yu5llt224jg32e&glb=&amo=1654276329&cp_userState=anon&cst=1l4hs7irn8ldy3wglplw6tp3e
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 379E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 09:10:57 GMT
expires
Fri, 02 Jun 2023 09:10:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
id
id.cxense.com/public/user/ 		116 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l3yu5llt224jg32e%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221l4hs7irn8ldy3wglplw6tp3e%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221l4hs7irn8ldy3wglplw6tp3e%22%7D%5D%2C%22siteId%22%3A%221148697685424599205%22%2C%22location%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history%22%7D&callback=cXJsonpCBl3yu5m9yjtu08t45
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
558094a4f6a1c0f76cb9efbf3e974570283180002beb1ab006a0d4eb7a76e845
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
116
expires
Mon, 26 Jul 1997 05:00:00 GMT
300x600.html
s0.2mdn.net/sadbundle/17661082194833047552/ Frame A4AC 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e51195e5ea45118ffbfed37ed01f51606492e12bc2066275e95ca1df7270a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:53 GMT
expires
Sat, 03 Jun 2023 19:24:53 GMT
last-modified
Fri, 22 Apr 2022 08:43:28 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A6E8 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTT9iLhDq4f_L12ovvio8kK7cDvAtIfovUrSxWHlDNy3LvusPIpf4gTom4Rw1lAWMbacBzCOTmZDX7RpbGtOS9dQP0qSF5nFAej7VctMVfxQtZRURIDolXq9KoxsQa2rA6hnvCzCFeik3PET1ZUBaFfP-H6MXNq-Lhk22LRGnNjZRKWrSkLEUesCgI4jK60zBrYvC3krginTmPtDKDYO9inIZmNtdTHWwymR36iO5Iwdbsfmf2B0QGvC0bVgGWdsrB5J7Mgt17XUY1cvsPcaSwczzzJYYCNzCWPCq5AWzskfb0WBCiCoIbq3XcLXbKLizEy5oZYHhoNxrQWURzrbPKHYeIhLzyzZgYPtx2VIEe3kBY8nS-TWrA71em3hXSivXiFfjGAFqxov8BkMqJ4At1EQhU4o6T0ozcjjP5l2Lnd55xo_G7m2_r3P56udQlO2de-q2lQE9cQVbTP0UzG64EXN0reh-z0tIyWAmPeDPFdr6xS-McMvdQKHrAEiS18fdv2DsqSXveY0UFOEX4nP3Ob3S7pFnLr-qwEd2Qv6CE-qA9dRNPG0DOJiI86YaMyuOveNLIh7xryET4HNO1Ja9XjSWWDUJ4dPCC1sf-nHF9Y5YDlqcrWBzPQVT5yGh-IExVt5SVXuwESHNPXAjfKeIQr-h5NgjXgUH8pvVtSxd7mA-Qiz2sxs826tWb5dv9az01iJsXFj9TET7TuxqqHKckOA7LmQnC3bunARF58H4ZBWS08aoTN4MhxhrdcwML3HsOtAE4JsnznjGU7e2Ihx_rJAljJxySpupM869vMXL9FxN1c2zSBUUnw4rM9iLtG4JFan94StFPnSelWK4ucjTa0WaUAWsn4qL-CAEPJIQGG5x_jyl7e56iX3F0uS14A7dVAO0DFlkr_lpX_cMEyHxkIzl_EwEbdOT9wzFA2aLscQAcctA-hXNbLGeFRyCcLAlmTpS_WBGIkilFTtxilJ3J3CPRHIBb1kWeetl3DY68TddEp-5X0UzTDrGDVX8E-_a5m9ceMnI8ur5S9KLvuygO5yEAvUk-tOTHhoaj68rJV1hZ5KctqC0bnFQqHYCFCX0oJ3DjswGUpS8_eqyiBF15CSOQB1xEqCpwzKw7hO0kt49ZOF-Tq61TVypV3JRGoiWFMRlHhMNMHLUvFKLkwmkd_tvwaVjLhAsUeKY8ZFSPnoE1MreSmNflhDqunaSBsoUtVVQgYF3A6yaENbDgZ08227wJeZOs9h9zRI8A8m8XECM&sai=AMfl-YSz16YtRhvi1wdnFE1VJ5vk531WD86XPlP8Mpp25ED5yyi6anXZSflf4Zvu1d3y2ZKKIq-RyQLM0JT30VsGtJ3KLBaPXVrK5n5vEiqSNm2W78tTg_OCIaXAvI68qQKboeHKxkWUlnpdmJvnVRIR1BBHmx_q0xz3NNy3LB5Say70j_VX_t2DrZJ_r1NMKAylYYw6QvFuijIBbetm9gtM7w&sig=Cg0ArKJSzIbzQcAi9cHyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=107&cisv=r20220601.93479&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 03 Jun 2022 19:24:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A6E8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 04:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 04:50:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27FB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
last-modified
Thu, 02 Jun 2022 05:54:28 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1654154190.787528"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 03 Jul 2022 19:24:53 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
last-modified
Thu, 02 Jun 2022 05:54:28 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1654154172.075214"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 03 Jul 2022 19:24:53 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=e4a1d334c00ed55395f995569d1d341f_38719_1654284293541&tm=1124&eT=0&widgetWidth=1600&widgetHeight=427&widgetX=0&widgetY=4217&wRV=2000749&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=472&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
X-TraceId
6ec02361e1dda40fafa0352bb3daf662
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
truncated
/ Frame A6E8 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
469bf83e6645f10c8b3ef8e4c62bdf8cd8288b0500ea0644ff0c9a5712a01867

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_248.js
s0.2mdn.net/879366/ Frame A4AC 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 09:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 09:10:57 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A4AC 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:24:53 GMT
starti
s-117.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-117.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&se=af330077-e778-49ea-b25e-8fed497c81fd&pv=117.25&dd=chicago.suntimes.com&sa=shd&s=0.0&p=1990454619&cb=1654284293732
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Fri, 03 Jun 2022 19:24:53 GMT
events
prd-collector-anon.ex.co/main/ 		2 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284294.757152,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
landscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.22.169 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-22-169.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ce6ce7f34fecd43754e9d174846f9ef8c52e3001adac49c6fdee6583726b0d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Cache-Tag
190453267955712275162617875679268706541,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
43510
X-Served-By
cache-iad-kjyo7100086-IAD
Last-Modified
Fri, 03 Jun 2022 18:53:07 GMT
Server
cloudinary
X-Timer
S1654282510.104587,VS0,VE1
ETag
"d23b7fad7a83ee5e8bf0add6016190d0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555869
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chicago.suntimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 19:07:55 GMT
x-content-type-options
nosniff
age
346618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 19:07:55 GMT
gpv
s-117.channelexco.com/player/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-117.channelexco.com/player/gpv?p=1990454619&d=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&sid=&pv=117.25&w=780&h=439&f=0&dd=chicago.suntimes.com&vs=1&sa=shd&gpvck=v022757140__780x439______DEF__nil__360&s=0.0&roll=0&rolls=0.0&av=&dv=&fv=1990454619-592219154%2C1990454619-820530290%2C1990454619-1477400787%2C1990454619-617337243%2C1990454619-251876980%2C1990454619-2013262491%2C1990454619-1706155542%2C1990454619-2129354211%2C1990454619-1208278648%2C1990454619-297750848%2C1990454619-1249315734%2C1990454619-1057681503&sid2=default&impDetail=1&sid3=main&auctionFast=5&auction=1&schain=1.0%2C1!playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C&asr=1&esrv2=http%3A%2F%2Fe.channelexco.com%2Fevents&erate_low=10&ssl=1&cirBreak=1&cb=1654284293776&callback=_1654284293776952
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
6c363d748f1f9e1e5702d2e3ad2fa5db21d8024812721c6fb71b3da61bc97834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
openresty
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
592cbffd-a1d0-4eb8-a31c-5b1269e51126_1645756600404.png
cdn.playbuzz.com/logos/ 		16 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/592cbffd-a1d0-4eb8-a31c-5b1269e51126_1645756600404.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.157.71 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-71.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2d2e6e3d28980322b82926a609eaccf797ff4349a376bbc4dff6bb439f221b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
15215
last-modified
Sun, 24 Apr 2022 19:20:23 GMT
server
AmazonS3
etag
"217b5c8ce699083f792df121626b905b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 03 Jun 2023 19:24:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E9A9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 09:10:57 GMT
expires
Fri, 02 Jun 2023 09:10:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 5805 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=2026518e147f4515abcda3b4fd8fc5df&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0316&dvp_acibv=&bsigr=24189255813248&cbust=1654284293782821
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal104.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Vary
Origin
Access-Control-Allow-Origin
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
06/02/2022 19:24:53
globalpassback_970x250.gif
cdn.besafe.global/ Frame 5805 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_970x250.gif
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7800:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57de4b084cceeb4e8da50287c08aee11da8485936c317e787b829c14a60fbb66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:09:08 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Sep 2019 21:39:55 GMT
server
AmazonS3
age
40562
etag
"51e1e3c642837bb2cd7299bccc325440"
x-amz-meta-sha256
57de4b084cceeb4e8da50287c08aee11da8485936c317e787b829c14a60fbb66
content-type
image/gif
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
37564
x-amz-cf-id
6WXfKugnbVaVnmZw3lv5yOx8fi-PJ2QGQoePfJ5Hn4e5pzHA5bF_fA==
x-amz-meta-s3b-last-modified
20190926T205011Z
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame 379E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 11:31:47 GMT
592cbffd-a1d0-4eb8-a31c-5b1269e51126_1647450373106.png
cdn.playbuzz.com/logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/592cbffd-a1d0-4eb8-a31c-5b1269e51126_1647450373106.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.157.71 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-71.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
13bab25b1678166903b51d5b138cc3a2aac1bb308ba82b10f5fe89dc2681742f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
18594
last-modified
Sun, 24 Apr 2022 19:20:23 GMT
server
AmazonS3
etag
"87011e5d7aa3a899da765a44e951606b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 03 Jun 2023 19:24:53 GMT
video%2Fupload%2Fc_scale%2Cw_800%2Fv1490095101%2Flandscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.mp4
mcd.ex.co/ 		202 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video%2Fupload%2Fc_scale%2Cw_800%2Fv1490095101%2Flandscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.mp4
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.22.169 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-22-169.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash

Request headers

Referer
https://chicago.suntimes.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Cache-Tag
190453267955712275162617875679268706541,295080953872673752238392952027982591845,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Status
206 Partial Content
Connection
keep-alive
Content-Length
207295
X-Request-Id
310b5f4847ea879bbd702ddf638e272b
X-Served-By
cache-iad-kiad7000125-IAD
Content-Range
bytes 0-207294/207295
Last-Modified
Fri, 03 Jun 2022 18:53:51 GMT
Server
cloudinary
X-Timer
S1654282510.233598,VS0,VE1
ETag
"127f09982c7a5ad3f23b60d025aeebdf"
Content-Type
video/mp4;codecs=avc1
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555797
X-Ua-Compatible
IE=Edge,chrome=1
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
current
dclk-match.dotomi.com/match/bounce/ Frame 27FB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKvxP9W4OoUt0rg1_04AwIU&google_cver=1&google_push=AYg5qPKfwNxepQ54DjFRwmv-M7e__HsInLHVKgH4wMmOMG6LT-qkZJIfr3fCcHYxRYr44_2k7KsxXIhir5opLoD7azTYYOM8SmI6
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 27FB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFA3VjhFQXkxTlhjVUo1&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFA3VjhFQXkxTlhjVUo1&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OYuRHGpoP9kw-tGlf_79PnaDn3mzpz3kE2s3I9a4MphPTuz9sVUES0
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:53 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFA3VjhFQXkxTlhjVUo1&google_gid=CAESEGnQ3PC2HGUxpTOvIjVsxAc&google_cver=1&google_push=AYg5qPJdmbrjaNewzE6_ThX1yj-7ONpibg98AWFiAcbh_OYuRHGpoP9kw-tGlf_79PnaDn3mzpz3kE2s3I9a4MphPTuz9sVUES0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 27FB 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBW_q40nSioB_7F-6ATPRW0&google_cver=1&google_push=AYg5qPKI1zHE6flRGc3U-u66fQGfdnIXaPNUIkk2TWmmcuxn0UZzkRegGY_rZKqYhDyVeTATJf1SSzWWiTTTrSHIfl5gCl9r9WM
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 27FB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKUV86uOyDjGx-5V7Ym3EZs&google_cver=1&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh16LcsGJjfkSwN-gg&google_hm=vlwyxdegSke1GH_QyPvt0QM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh16LcsGJjfkSwN-gg&google_hm=vlwyxdegSke1GH_QyPvt0QM
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLBHdsyDQGUQy7e50D0a3um35bt1Hd-Gcv83o5_H8fQyB1HFtAhhSaQwi0IbPHc9GdqnxHdlO-Qxyh16LcsGJjfkSwN-gg&google_hm=vlwyxdegSke1GH_QyPvt0QM
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27FB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKOl8jFaZS3R9xrH_dR8UnM&google_cver=1&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtm...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKOl8jFaZS3R9xrH_dR8UnM&google_cver=1&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlBy...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NTc1MzY1NDE0NDQ3NzY0OQ&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NTc1MzY1NDE0NDQ3NzY0OQ&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtmPtlEPgTANghS508l9oY6
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NTc1MzY1NDE0NDQ3NzY0OQ&google_push=AYg5qPLFxqB2IIjh_lJ7q-Vv9e44BrF0vmKbJ-HxCumwZKP7EiGyjdvTh435IqDCzXpvwRGrlByQEXtmPtlEPgTANghS508l9oY6
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 27FB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEKZAhj46Dy3k-JrW1k41xfk&google_cver=1&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVA...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKZAhj46Dy3k-JrW1k41xfk&google_cver=1&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fu8QarRBRcqHXGH4D3AlXA&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fu8QarRBRcqHXGH4D3AlXA&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVANdHqo
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fu8QarRBRcqHXGH4D3AlXA&google_push=AYg5qPJsRe4AZYXbcgBYV2h5bHT4auX27PLjXuaMdikuTI-89HRdaokP2IQdb7lZEq9dAchdRaTeUSv8LdBcgCY1Q9cxVANdHqo
date
Fri, 03 Jun 2022 19:24:54 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 27FB 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPCdsOjlTpT8stjLMLxaDRQ&google_cver=1&google_push=AYg5qPJUNAnhw_1qleerPobHz-IY1UVmSse-FpMvO-Ep43eBauUUsO8gLgFnoMo9W7TgDtNyrbUE1rBBxb8nd1V1iK3j3zX-0sbY
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 27FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuKy_ptZaFG_h50Oatc-xo1-GX9YA8ijiz7pdoZ7Illi2M29ayxhSUWHNNWHzpDERViNke
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dv-measurements2796.js
cdn.doubleverify.com/ Frame 9CD2 		531 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2796.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3d0685dc68855dec8530af1efcd110df79d8ea58355f0414a5c1516b703a37c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 May 2022 13:51:50 GMT
Server
Microsoft-IIS/10.0
ETag
"05fa093f574d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100293
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B295 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 04 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5805 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0c1349ef6049373e19b0d1d33462dff8c46e52087f353beb85d80a10d847c1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A6E8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTT9iLhDq4f_L12ovvio8kK7cDvAtIfovUrSxWHlDNy3LvusPIpf4gTom4Rw1lAWMbacBzCOTmZDX7RpbGtOS9dQP0qSF5nFAej7VctMVfxQtZRURIDolXq9KoxsQa2rA6hnvCzCFeik3PET1ZUBaFfP-H6MXNq-Lhk22LRGnNjZRKWrSkLEUesCgI4jK60zBrYvC3krginTmPtDKDYO9inIZmNtdTHWwymR36iO5Iwdbsfmf2B0QGvC0bVgGWdsrB5J7Mgt17XUY1cvsPcaSwczzzJYYCNzCWPCq5AWzskfb0WBCiCoIbq3XcLXbKLizEy5oZYHhoNxrQWURzrbPKHYeIhLzyzZgYPtx2VIEe3kBY8nS-TWrA71em3hXSivXiFfjGAFqxov8BkMqJ4At1EQhU4o6T0ozcjjP5l2Lnd55xo_G7m2_r3P56udQlO2de-q2lQE9cQVbTP0UzG64EXN0reh-z0tIyWAmPeDPFdr6xS-McMvdQKHrAEiS18fdv2DsqSXveY0UFOEX4nP3Ob3S7pFnLr-qwEd2Qv6CE-qA9dRNPG0DOJiI86YaMyuOveNLIh7xryET4HNO1Ja9XjSWWDUJ4dPCC1sf-nHF9Y5YDlqcrWBzPQVT5yGh-IExVt5SVXuwESHNPXAjfKeIQr-h5NgjXgUH8pvVtSxd7mA-Qiz2sxs826tWb5dv9az01iJsXFj9TET7TuxqqHKckOA7LmQnC3bunARF58H4ZBWS08aoTN4MhxhrdcwML3HsOtAE4JsnznjGU7e2Ihx_rJAljJxySpupM869vMXL9FxN1c2zSBUUnw4rM9iLtG4JFan94StFPnSelWK4ucjTa0WaUAWsn4qL-CAEPJIQGG5x_jyl7e56iX3F0uS14A7dVAO0DFlkr_lpX_cMEyHxkIzl_EwEbdOT9wzFA2aLscQAcctA-hXNbLGeFRyCcLAlmTpS_WBGIkilFTtxilJ3J3CPRHIBb1kWeetl3DY68TddEp-5X0UzTDrGDVX8E-_a5m9ceMnI8ur5S9KLvuygO5yEAvUk-tOTHhoaj68rJV1hZ5KctqC0bnFQqHYCFCX0oJ3DjswGUpS8_eqyiBF15CSOQB1xEqCpwzKw7hO0kt49ZOF-Tq61TVypV3JRGoiWFMRlHhMNMHLUvFKLkwmkd_tvwaVjLhAsUeKY8ZFSPnoE1MreSmNflhDqunaSBsoUtVVQgYF3A6yaENbDgZ08227wJeZOs9h9zRI8A8m8XECM&sai=AMfl-YSz16YtRhvi1wdnFE1VJ5vk531WD86XPlP8Mpp25ED5yyi6anXZSflf4Zvu1d3y2ZKKIq-RyQLM0JT30VsGtJ3KLBaPXVrK5n5vEiqSNm2W78tTg_OCIaXAvI68qQKboeHKxkWUlnpdmJvnVRIR1BBHmx_q0xz3NNy3LB5Say70j_VX_t2DrZJ_r1NMKAylYYw6QvFuijIBbetm9gtM7w&sig=Cg0ArKJSzIbzQcAi9cHyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=422&vt=11&dtpt=309&dett=3&cstd=107&cisv=r20220601.93479&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame A8F1 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
130109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 07:16:25 GMT
expires
Fri, 02 Jun 2023 07:16:25 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:24:54 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
prebid.js
cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/ Frame 652C 		510 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.22.171 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-22-171.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ca4e2bd73ce9b1cc76f2dbd853da9603940116cf6a6654d63470b6c36230c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
153157
last-modified
Mon, 16 May 2022 10:28:44 GMT
server
AmazonS3
etag
"96c07c02ed3b9ae883f8e832aa263c2e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 10 Jun 2022 19:24:54 GMT
/
google2waycm.netmng.com/cm/ Frame B295 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B295
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1&google_push=AYg5qPL1_GRRzVsBqON_ReOUaQAW2ouqJeKOEMJT9SA-gDX7N4uK2o8NIoaDhZidEhb-8DtgjrNOIkNuAKUBX54-LDAk4xBTdxJm
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU4NDM2OTk2NDUxOTE1MTA3MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFI95XQ_mZxh6vpjA7Dsg9A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B295
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKHYpYoro98DeGOr-IBbxXw&google_cver=1&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44cRyaz5YSb_1FDbYw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A806AF5E7BE45C59FC7490D7F935879&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A806AF5E7BE45C59FC7490D7F935879&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44cRyaz5YSb_1FDbYw
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A806AF5E7BE45C59FC7490D7F935879&google_push=AYg5qPJQ_V21XdIE0XnN02sOLmSW7dN2mDv8OkGK1SSgS6otKgcBZoZST1utBlkvtSLYg2yztBA5hq9jjOua44cRyaz5YSb_1FDbYw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 02 Jun 2022 19:24:54 GMT
pixel
cm.g.doubleclick.net/ Frame B295
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKHvNGEVzzU_4mmBv7hnnT8&google_cver=1&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=23v1MpcZSlaSEMGMPcbGJg2&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxbKDPH4muJx_lXBQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=23v1MpcZSlaSEMGMPcbGJg2&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxbKDPH4muJx_lXBQ
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Jun 2022 19:24:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=23v1MpcZSlaSEMGMPcbGJg2&google_push=AYg5qPKHRS8ks-s59_w2kKPttJNYn8u85vufPs0YMdjdYtlq5bvTG_yU3vnon7b71KyuUlfoE4e1z5m3lqlWxnxbKDPH4muJx_lXBQ
x-host
tde-deliveryengine-production-6dd6c7c9d8-sh9p6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B295
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBPTnLdWqMPTEpwn_Pd8t94&google_cver=1&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C0...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc0MTI2NjU2MzEyMjk3Njk3Njk1Ng%3D%3D&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc0MTI2NjU2MzEyMjk3Njk3Njk1Ng%3D%3D&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C04Bw
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc0MTI2NjU2MzEyMjk3Njk3Njk1Ng%3D%3D&google_push=AYg5qPKoP2QPcgyS7mQC3Z05d7GKmVuZNedf-hz3uykGUVVxKVzQcHwOmAZjO-s2ZCsy8PvzwTSeiUE3uONtIGnE6GWT2jb25C04Bw
date
Fri, 03 Jun 2022 19:24:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame B295 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPCdsOjlTpT8stjLMLxaDRQ&google_cver=1&google_push=AYg5qPII3x-Qau5qaaD9tOB5sgKO7-ZYgNgnMBD0HdObfR5UVs_ng8iRKldYeWk-bLkcbMFQQER3wgSXSXusiw2R9xargKRFnine7g
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:53 GMT
content-length
0
/
onetag-sys.com/match/ Frame B295
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELt1r-ELeCWCNsUtqeGs7V0&google_cver=1&google_push=AYg5qPIfMs3yWLboaBRIjDbrh5L_8b4Nk9auNddKzP2ilqnQ78M_guBErK6jhkefY6cRVPujK_3YAID-jzR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIfMs3yWLboaBRIjDbrh5L_8b4Nk9auNddKzP2ilqnQ78M_guBErK6jhkefY6cRVPujK_3YAID-jzRwi9TNli-5GmYSUn8S6Dk
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B295 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD2RXsSAJ9Eqina-ZrAYI1v2WoxEDrPvtTEqhmPDHaAVNJeW5WRkXUllvuCfNAqi1AW-khEA
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 9CD2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=204&ttfrms=27&brid=3&brver=102.0.5005.61&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTau24763g_7e44egg2eg62%607h3h2ha%60_h65%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau49%3A428%40%5DDF%3FE%3A%3E6D%5D4%40%3ETau65F42E%3A%40%3FTaua_aaTaueTauaTauab%60daeb%60Tau%3D%40J%40%3D2%5CF%3F%3AG6CD%3AEJ%5C49%3A428%40%5C%60__%5C%3E%3A%3D%3D%3A%40%3F%5CDFAA%40CE%5CDEF56%3FED%5C%407%5C4%40%3D%40C%5C%3D2C86DE%5C5%40%3F2E%3A%40%3F%5C%3A%3F%5CD49%40%40%3D%5C9%3ADE%40CJ&srcurlD=0&aUrlD=-1&ssl=https:&uid=1654284294110784&jsCallback=dvCallback_1654284294110100&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2796&tgjsver=2796&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Facfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&sdf=2&dvp_epl=554&noc=4&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gKvwiqQVP7GvQMAJRGVYNr&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15173805049&DVP_DBM_4=396400450&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=103855315983&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=24120505894.537453&dvp_tukv=51386717819.62158&dvp_uuid=292494093289.3693&dvp_strhd=0.40000009536743164&dvpx_strhd=0.40000009536743164&dvp_tuid=775080665523
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2796.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2bf63a5ea4a5695ef9dc4a7d71d6d0262ab2ee54acb2ae9d5a7d36c0d1c78901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:54 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
06/02/2022 19:24:54
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EC2B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 03 Jun 2022 20:16:42 GMT
rtb_vast_proxy
s-117.channelexco.com/ 		60 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-117.channelexco.com/rtb_vast_proxy?ap=TkhYPkVLKXhmKzZAPTh6USXz89fKkjdB61-vrCWUU5BCJozkYIjrfpseCiCkTm32tFhdk_ORjFUek5vunwinbh6ssOil73myflJqdEXP1zPRKlQhm-uR93tm2RUw5AnNMKOFDwdMPu_1aQyjdR-mOpVAASDBSW7GiSqxpuudADWFrIXPBYtGJgjibIRkX5uQNlZPMugCa2S4u6bVvidSuphGuFXZABpmRkvGLLz3bOZWKOD5Q2bk7U-O2Thh0lq6EoUoorbMbMZfPdcK8vhZk6aJldoLp40qSMsdaXZnhlTP7oafL0phfRlMoJwLb5McRMDJ83MpcMC_HCygHhjZgNGwH--vVVb_sXnbsXS55jWPCQX4UClk0RqrPk0ucPM4alhSSEp6LoL01hYKfpQ4hQoQeaEomOalZqfxnfSAYZxjqaMyCJ0OTOpENyPRLI_eGXRaqakT90vEmIjHxoHZnaJJSp30rSpRzIOnvGvR1TC5xevODjd0g-AdzBXByJ-0-igbW4y4meGANH4vL41-0pw4AVeaHW_ubStUVMG2wvyZlE43gTFxrsRKEJDegdKQQ85j3jcdkudMFo6OLL8k8Az5295DdgLuLFoqrZim4YcaozGpm-9fkbSwmEsnN8zC-WxFOwl8kyEY5p1QYL0JDYM1bRNJi0TAzqqCiEbtrmz_1qoIgeyvWVcXNabNCf5ePEAAAzuZ7eKPYQxdvhqA5Fa8vBAMCIjUWenrkqpPqGrlKuCZ9ctlq9HwIc-c5jQH2EHsUExuYyfkpBugbWHInpCqG0mzNHa30lhZDD_CPkYO_9Sj1btaYCPN5sowwd8dOF83a15s43Y41ZTN2iqRNSftD9ZTSTHGeJ812CrnT9v9Hgy01QcQTaTs55Z1EDiRDXzPTqUGqw1Zck-PSAEgSJD6rc8BWeuiGzOExJmL3NM8kxQNF9bBa8G8vgtrHvzoiplLFgfF35-Pto1fxO69gGSqpvdDVvZ9jtevJbxWlMvgfj-GvOy3DE8nS2whRyUO6j80ZMj0eo1ECccheHszXe4uWQMoM01T6Ax9ZKNGWJHthJhXR00kzOsmMXprtS1QrMNiwlc8eZwBl2MVg1b2dEeghSp6T47bEyhyf4eDNNpuvBAwOLMqgr-0aEfCKM1xn6rq8o9lMe_MMAfM9FFCAUR9geB5KVwqmd0OOkIrDLcfd3ltQ8j7rFcPHglbWBQXdQEgvnukT8h1bda3vBZp_FueDQDr6ZAefTItvkoITU4urHDcpi8A6tDMsnJAp7v38JdSuWJ73iUeAT80m7YBJS6vznk0OTVPwp3AoOvVFT3WAvvTFd2p4TYNqZEWXu1Ck1K-uL105Rj1l0QcKHzDiePEaTSGKVKQbC7IM0snO9l08-gMdJyEfc3X2zc3z57w5c3nsr-KAsttk1isxXwHq8hg3nDVX8F5iEvKv0N4B7VZ2f0W8C9wDkMn5PC_G8RmhaHOwQXX8Qu_6mDubP6CnLHE6kvpKQpuWHIs1cG44VvFvUfILqm1e9pEbHfW-BLIeb-ABdKJG7aiBAJ7ZoaoaczNjvjrzgGK8-pA4ZmMJNwzw9IYfL3TzKo7pb9z0Tf2IUBmpuHDuACJCZymBvXXEYJ0nbmlNPVocK3SYiMpJmauBNm7-Ops6nzYFF1YhaDA_SSbs9a0FJiQuw3Z4cxIztu7yh9OAjbOHYIBDOKZ4OAeW81-A0nISQ59tfgkLtwo5PctByBJKaxnA-C7341xGdW4LYXlDWN-Kvna6Ud-ovZpiebB6eMg9JZSINLUH_MFG1G3z4Mjc_J0eNhRdsXb0Alhm3O998v-5ip2kndxIsFAA54KMuv3TS5q7dDUUawMPO8zDMown61zWvwLh_2HbVpHV9i2tFDts0qM6pUvtx-As8AULgsejwVc2JgsLHSYeoteD5rHklZ40NPIhwMAETdJmCa9bO0FwC_hKLLZPOzlPQLUnE3g0OeqHWUor8fntrF9iiDI8Ug54dVWxbrGeWkAn1IKNsSzPQaMvnjk7fPyBQHIWrCRlV8I_C-8q6kWkt_NRh_X_-63OwfIZrYa4IxinARo2AujrC0qWigV5rHDQudJmxWKikRhgzTDXuFDUBDN9PjEaSJChAj38dXxkWGZwT9LuUx3SVNjbt8TgoKmOGdUidYfuCXCEDB25MWE3SgPI882VIGkCzl28o06k7qJJCxoCBNMng9O7m3AccUrHrXXYJs6dQkhlnikbW-rQx0rxRtLR3SZUa4fuCrSEP1fnNaSsBpzPPSd7HtWzdFxEbqUTdxDLHiCA0yhbZwII0ny7kqpMzpvLEGElJcDulLR5lzPQFHpl9K2My2P9TyyY6A6vO3thzHNPqHuWj8wKoZPpze0XJxatvwQoPj2PN_rrxGFHD0SugvEcbXQoii1DrkYc3bkS9uU1EhuDp3BtDrgbkJn_Xn-LwJYqdOwBsFIrm04kKGh1MYzCcb90yNUZPbKvuOUI-45VAJHYaozy6N6kEKIEi_d_GsRTeC0VTCLc14wbFCj5qWTHlTil1pjhISnqyb2n1F4i-14h1oS7BL51qH6cxlmDNwnm3K8gA8n7Nn9QxbGxiLToDFeOUYgh1hNHa6VE2qyp8Jyh4sHtnpgqbLsMs47UzptgEqhKBACHvw0CwnyykS2S__bn5IvL9m3cWg1cbgGdidJsjo6gWQmVweGpPsBkRWMGduX7f-95aJl1H6nrXn9UjFDvmCrAJv-tQLeYLgHnwZbENOlk049lZNjMOjsVhDoj0i2APVg8lhTy6rh_nJKaqSRkWo2EhExwbtB-61ObyHFJAr3GtUVSsRQivqTMD5o9nMKn61kIsPGtR7LW6iYZfYNZepnSwXjIzKf2iGZEA5TnS03b6fkjAImNmFMsY9xuoFmBzrUOGOGBbCrrorMRKmfb0GjWS9HxpFL0_hztq5DAa0DZ2pz8kLPGoXMWLPoDrCnDD46u8BKkO7fjFwl0V9ZnaMGvf5DF8JqIMh-KOxrNTu-Pc-YFDZR14DZedNA-QbS7UdTUPYDMcDs_5UomHgB5ncg04dj0WvEfmHYJH6s4TxqlSssp4GcvAnKd1tMf7Mo3Fr0ZaKuK7KzSX686f18PEQa69C9rklc8_MdNRGsFKJIuYXAUQftsA6cbgsLA3X3fuwvUfbTgiX0WgfzPAKZgpojJWo0GZrtkELkQVDOC0NhDg0VgjfzJvGRWJuYJ6wvuZ8J4aWWEuuRm5e1sV_rpnLIasfvyOYiJs8BrRKHjJGa34JQ-fbTPdAZclyb0j7rW99VRKmGXWxiZMmAnMVcy-8~&ap_size=3308
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4AC 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76ea264298c64e25a5ff3206c3247468ba8906ce960a6c75f96efd669f36c0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5616
x-xss-protection
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame E9A9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 11:31:47 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame A4AC 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:10:01 GMT
x-content-type-options
nosniff
age
893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:25:01 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame A4AC 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:18:16 GMT
x-content-type-options
nosniff
age
398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:33:16 GMT
60005582_20220527245319629_300x600_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A4AC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245319629_300x600_LOOK-01.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a56d67cc31ef3917b67f1648dc299788dd7367b308b0808f61848c9a0ec79f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:58:39 GMT
x-content-type-options
nosniff
age
37575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50138
x-xss-protection
0
last-modified
Fri, 27 May 2022 07:53:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 08:58:39 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A4AC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 19:54:59 GMT
x-content-type-options
nosniff
age
84595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Jun 2022 19:54:59 GMT
60005582_20220527245315959_300x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A4AC 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245315959_300x600_INTRO.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53df47c56a20f3a7714565691fc9313108808b93296229ec68ba8f78a914dd67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:58:39 GMT
x-content-type-options
nosniff
age
37575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51704
x-xss-protection
0
last-modified
Fri, 27 May 2022 07:53:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 08:58:39 GMT
60005582_20220527245337643_APP_iPhone-13-Pro_Green.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A4AC 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245337643_APP_iPhone-13-Pro_Green.png
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e2e661e9bdd91cafdd5a98cc1006b66458b76ef23a4ed86e2e6527895931e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17661082194833047552/300x600.html?e=69&leftOffset=0&topOffset=0&c=tKQWVfavfy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 08:58:37 GMT
x-content-type-options
nosniff
age
37577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25677
x-xss-protection
0
last-modified
Fri, 27 May 2022 07:53:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Jun 2022 08:58:37 GMT
postview.gif
portal.o2online.de/nws/img/ Frame A4AC 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27880537_4307561_337692172_170180369_QTYP0404A20220601&ref=27880537_4307561_337692172_170180369_QTYP0404A20220601
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 , Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:54 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
rtb_vast_proxy
s-117.channelexco.com/ 		60 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-117.channelexco.com/rtb_vast_proxy?ap=PkombEJSfjlFWVc9T3ZFakIuqlvWDS63CUsriMs1f8Z1fvIUD5uUZWPNIrAVBlCpZNSFTTxkTe-O-yyZmD8lEZazP368FCUbazkoad-QoiFcfWX-n6Iumuhw8MTjuQuJKTt1cY-Ydm0IdephhDCwWEFEuktEi6oOrfGllOQ_ws1qtfXSMcCJygJUDz8r2aejEbF94tuLgNh7tEdPXoo7lO9-v4_6Cm_s8DeK_JdqmVxPI9EXdjogl2FLk3f5e3LtdMqqNkS67mnfg_rhxqm16P2JmXLadnhkH4-sVxSy83wduzA9AZyyauZTY-NT_W1cGTe4iHp6rQitge94LpZmYkPHool5CHxGl4n9Wk2SBdyhgjbu1EDadM-75hQHGbhUKQxiZjg5upDns5-Xvo6ffiCBxleDhKCGaBhpXawqzs_8CGaCeMAyIjcYZoMY4v_8PVVq1VdYu0jrAS3KyOK9k7FrfVI50hofFEMxcn_lVIUI90JWU-Hd97lJNbqEz4MSOHAJ4s58Wo4Xh2yAndgi5kL1VN6Cy7pOL35vQaD1vF_e-eXL1UVENJfXs4hNPIUnjy2SWcSYJlvydyixenxe4t-fpG39CyYggd5Fqaw5Ef4N3AjJ1rndlXvyMtc8liIZYsYLWo3h2X8Dk2hdBM1H56K719kscF3FRbEFsg9ifHvJYoMYnaEnvNSwOGJxzQRz5XhJ6BjwI3MqOFXIzg0kaWaIQu5CHva6b5LOchvJCd9i4j46V9ykZopMmFoNtsctPydpwkkNTUREb8uF-qHT_idzpSgjZvZlnsSX2GD8KP0IDKCUdI3KAN937lDjFhXgX4qiDmH5QOHkwaEk9Rb2fqUCKwXJqVtDk9XvwvybACC9kdMYwxxRhPEVMZvNXrN844MzoYpAiGnPzem5x-Qdc6zTg2rJh2eM0dTZocgus4JqoKoQlxupQSTZRwMad-OVg3l_97fdYbx43VuA8_kWXOPL0g2Ti0Rr3lp-4fLmnXa0RmCWT22uxod0XJUBVT4vuS9lxHUzYfM0xPqM1haCCKNl-QIwp8Jtu6fgtVjWemYyRtd937DZM67q5Zwf7Hel1WVPNYE6OEMRYrHyzuThGpf5IevCxSQOwsNRIhq_MMq7RvlEUKh4N1Wx0W-YJJWlcRRfbzaICU1CS9URg8W82MqtR0AYHUe21QyB0wWx2r4awN1v255LfEy9qfQqgZZ-UbsQbSWycdhFn9PfZG8FTmIVjAIL96XfKEwspJ_C8APNhYkwTbvFyrqqSe-VQskR5v-NT5KqU8_zAOLX66MD7HRPpeajYrGUq2So8hIzIuZSeyvAW9dKqoIkVBPnmTn2bC61RV4yymsI_4fk7Q9Bp_pMbQ89Foz5NykJpK3hhI5lCj7vh-JM5f2Kz8S679d6e480nJKS3fDM-Qa3zWbZEn_UcppmDXYnK_bGaq669q_t0hCkx7kGtXMJdlkJfcI92J87DNC62-p6Y4PLAyoDCY_VriwLS6ivOhlo2nfDFCO3-k_qrRygAtc3tj4UAqVcm0i8wBk6m9FWInUx5ngMe0aIwF67A-iBmLmW8fAqgrAg_OtHh2OYOv-d1Rvg_RuZZpG1ve_UTP6PLBVh8DfFdN7dAPMHKti015-e_r_wLodwN7xlxSMOzlQUPjaRkRsn0AKNqKirYM4OinXfDvLJYlNA8xRYQ_3Rx8W1I291H4VrSXB4tU6ow7NODLTDww4dfGf4viUj8X-NAbgeGelKPbvgnUWLFF-OlZMkaPtrsqvNcRq5uF_HXUQ7Qc-g2UPrHiEuPp5SQ5v3_86ELNNy_-lGyLOhi6NFE6k7usT3pkXOINk-dlDa2ZWqkDxVoQrvtVhrXhhQE45mvYJZcPrmmyprs_nTLjmoUxsWV7wmiGCJS9QXtbHqHvJVaWBCVHL8UQVTXRBJQo9vO_NCNKZEGoG4eGcU1b2jSEBQJA1hiBt9Ttjvku4hjDFwhYLElgBY-vbdzDv16qk1JiKsQpNipuLVfV47Utfw-Gi09uY2_6uJsvYHSrw06P-qkT5M7XDI43SE93eZT4DXuCiEkz8JAtgQG77jo-stSlF4NQqZkv2mqlsw7JNFClA0uqxPafL-gtMx-tQi_qIHAfdKwYzaDS-BXEAtZC34Gkbh2on_AJMN-EwIc6gxAcxHT3Y_Mgtpeqqcr-PUw2xfmWx6k2pakPFYRe36kVgQNjfnYIlOBZw0NzrLerThe8sx1jQRYyqyiBxSxayj2But-QjmTQJsfB11ea_V-ozUwpvOQUDWgVCdF--LphO-G2Amf6azqmfnvCteloh4NxvO5JtHqe_gZm9mg9FAqa9ZuYpeLE7rzlJPX8IMIAazLfzDJcxUwirk-drKBbVbJYDxXg1UJLDV4d3ZRxVVSca6zxyPmyq94oHE60fxvNyANLfDMRx-cXwwTz4VBDHy5POgtFEMB9oqbFR0olo_IK7KWCggvl9juNehD6O9IR50nzrLtXhONg82CvD954YTQWHN55ASD5IJUnz8Gy5vm4hk1FqQZDXxE9Fe1whjTGLnjd1K_vXpoDQVWAmrNk07nnvOXcSDQciFWOmhj125swi_d7nn7m-uFZSVK3D7mPeY_7fZKOxkDV0oeewbythP4KOyk0AvxuMkSB5McMQ1PA9YW0eXdZz9UINRRrFa5XIn48-AJI1hmdQb2repIivjHrD36qFwP-Xi3sMmt4FBPvShDiLRRsPamoquVy-cxeQcAlDB5l8v247Wl_odMM-P5TBvGuZJMe-AK5sL6yEli73cmRfWsYyz5LUoyCytX3_xfl6VIvqO8oW6g56lPoeMHEwd7ZKbeXV9SWwqa7_ylxm6m3Q9l6TTSKMgOAKmCIPVe4A8TFZWGcgpAMhx1S2j1A_yHUQE0bqGjwcpa6xvmSyr6ciKQp7H0GhpB1bdHz2YkzK99XNEJZxIlOqP4xwkiPjejyy9ND1c2jz69rMRQ76ecCCDSI1Hb-wvcU1W8wUE91aB7oMdd8t7AMaDKrqkhrq8lLpA_OF_KC3KiFLSTr4vRBfEFlRtXOd4hIVtMoJwjDx6SQvISEtQU3_EiaykPh0A_T79AjYnjAj5o1u-o-3STi5oa3mub9t8WVnwrMvISbKHkc4AlGIJgEjKzlSafOhMzJ9WQDFTjKm1BV0iyjRzFDxKTaPT_B6nxKn0c_kQyW8VJ1TdlEhJzew4VvuEj8aLeDAK4_wTMspjAARWB5Lirr1mhDblC0HEen7kHmqJI6ntQUGnyEgIHuTVuFgQHgG8S2RoMibAoXyo4ckKPn9-nS8nQHGfY44~&ap_size=3308
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame B49B 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
130109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 07:16:25 GMT
expires
Fri, 02 Jun 2023 07:16:25 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4AC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 19:24:54 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1C72 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 03 Jun 2022 20:16:42 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame D69D 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
130109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 07:16:25 GMT
expires
Fri, 02 Jun 2023 07:16:25 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4CA4 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 03 Jun 2022 20:16:42 GMT
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 6086 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
130109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 07:16:25 GMT
expires
Fri, 02 Jun 2023 07:16:25 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&w=780&h=439
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://chicago.suntimes.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
avjp
playbuzzltd-d.openx.net/v/1.0/ Frame 652C 		106 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6487382b-8e10-45bc-a1ea-888d8931bb7f&nocache=1654284294414&schain=1.0%2C1!playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A660%2C%22h%22%3A371%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playbackmethod%22%3A%5B1%2C2%2C3%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%7D%7D%5D%7D&auid=557057725&vwd=660&vht=371
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://chicago.suntimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 652C 		67 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=29819874&componentId=prebid&componentSubId=mustang&timestamp=1654284294416&pKey=-1580682150&schain=1.0%2C1!playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C%2C&loc=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&playerSize=660x371
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:54 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://chicago.suntimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1654284294494002-573
Expires
Fri, 03 Jun 2022 19:24:54 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 652C 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.79.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-79-13.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6da14234d384c0278b527bf4c56d8e83ef869b99ccbde99e4567bcbef2277dbf

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-prebid
pbs-java/1.90.0
content-type
application/json
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
translator
hbopenbid.pubmatic.com/ Frame 652C 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://chicago.suntimes.com
date
Fri, 03 Jun 2022 19:24:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C549 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 03 Jun 2022 20:16:42 GMT
event.png
tpsc-eu3.doubleverify.com/ Frame 9CD2
Redirect Chain
  • https://cdn.doubleverify.com/redirect/?host=tpsc-eu3&param=akipv6&impid=c46896df4e22499490f419e0a0677edd&cbust=1654284294507125
  • https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&akipv6=2001:ac8:20:3b00:1012:e946:9b91:532a
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&akipv6=2001:ac8:20:3b00:1012:e946:9b91:532a
Requested by
Host: acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
URL: https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:54 GMT
Cache-Control
max-age=0
Connection
keep-alive
Expires
06/02/2022 19:24:54

Redirect headers

Location
https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&akipv6=2001:ac8:20:3b00:1012:e946:9b91:532a
Date
Fri, 03 Jun 2022 19:24:54 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame E9D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 11:31:47 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A8F1 		1 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C61924087%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Ced_Desktop_suntimes.com_4&description_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2073856891636887&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4294235160&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=513303D1-6736-48EC-8268-A0B70FD346BB&nel=0&eid=44750824%2C44760950%2C44761692%2C44762462&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&dt=1654284294691&cookie=ID%3D50483677c2bd3392%3AT%3D1654284292%3AS%3DALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw&scor=3769346540781519&ged=ve4_td3_tt1_pd3_la3000_er3336.315.3486.615_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
affe2ddd367b5552812bb5fa802c686ee2bcafaff43d4625784c543c1de6b3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
829
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B49B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C61924087%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Ced_Desktop_suntimes.com_3&description_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1228220839336283&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4270091197&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=513303D1-6736-48EC-8268-A0B70FD346BB&nel=0&eid=44750824%2C44760950%2C44761692%2C44762462&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&dt=1654284294743&cookie=ID%3D50483677c2bd3392%3AT%3D1654284292%3AS%3DALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw&scor=1246348943100713&ged=ve4_td3_tt1_pd3_la3000_er3336.315.3486.615_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6b5ede315c9fedcfe46d2aa9d260cdba9c80de5b260aab2769cfebb2d57fa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
832
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A6E8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbBGQ9kM2wkYWwV-pl7CzInfsIjJf6j34i7cRt6klLuWDPUy970vwNLIODiozXYP6n4Nfh8fZmfl8LJmEGyFCqAen18c7alcJYUlVv1hGtV9T_AgXBTv17zeYc&sai=AMfl-YR8MBhdprMGR-c1VBece0b3w_XfAsBgA9cSTi5op5Q798xf5RRvZpJLMJqd9t_bcq46fJAd4XEQcvMVw8N2idM-gb1qxaT4QPY5EXp5-KIMkIC_UScT3kugWDc&sig=Cg0ArKJSzKW6NDZ_SrEEEAE&cid=CAASJORokl9Dkig13nmJVLoH4T28QvmL5KcO777loTySF5iuM_BVNg&id=lidar2&mcvt=1044&p=889,1075,1489,1375&mtos=0,0,1044,1044,1044&tos=0,0,1044,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=0.52&if=1&vu=1&app=0&itpl=20&adk=911222320&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654284293308&rpt=377&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D69D 		1 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C61924087%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Ced_Desktop_suntimes.com_9&description_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1245385187635248&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1581869664&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=513303D1-6736-48EC-8268-A0B70FD346BB&nel=0&eid=44750824%2C44760950%2C44761692%2C44762462&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&dt=1654284294814&cookie=ID%3D50483677c2bd3392%3AT%3D1654284292%3AS%3DALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw&scor=824691152678485&ged=ve4_td3_tt1_pd3_la3000_er3336.315.3486.615_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
639b935cbd168975cee48f88c0b5e593d94a8bd165f6a9a89ad73658d58b8c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
831
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 379E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMjAlBWCaYt7CGpGnx_APlqqEgAoAAAAAOAHgBAI&bg=!ExClEFTNAAao8wy8iPM7ACkAdvg8WvQj26mrkpAc0iyXRrO1uKRHQcZktedJ4bj2UUvfY9CPUpGG0wIAAALpUgAAAAJoAQeZAwGca2jQl_o4Vy--ck8gxV9-gy80ZBMqtCEYqBgcg6A-ad7JEJtrMvkQ2oplcibBKvgpbrGGsWbh0kvUxN8Jw2fk5G2lgvORChOjN1bAT1M4Uj7pwvCy0INvr-8Pr7ahaAqedJHYxzT5f2JW7-JPbV-eliGF--zAVcitZb9uOze7zaYM8DlIfVP0LiVSJ1dCEBTskD3dg484yM96YIBV_0h19TPgrJrSCckTFxzsLGo7yCrh1pGunKXkh5kCJc9cmMdcofuozpEPyNrKF8cUYtZgpvdUgSlc0Myo9d19zkJU6lPqe0f91zDLlSIgD07E6q4aJoUrAauprwyIIbgAPOtDCt7wuhfUHLc8fa3xfpYOuDG7VvwJFDh2muht6Ck8xJVIn6Y2HR7D9TZZxnYpgKUwUtcwMSaGMZNnn-HHe4aIVXD5hUKkVbKQSTLVythzLuCW8uEAQRNeiTiMKGzpoABrruAoYyENOz_59nuYIFdc-EjRjM_JQ-ClST-Gl4pShZet1GXb3K7nKU3zvRzB9jVV3fAMOBoJyVJPF9cJD9sD-C0En03XrV7ZDLldnyeGQzUEmSpv5VfaOxCT1QP3QyuOqCjsDHI6cSqQvRQQ9RdwQW9DJW-Mt_HCiEieAlYdKPmBZjEYLZH3ui7p6TXLGccGPfn41-SL4fdWPU4O1CUwZJ6sWfYbEsCEVk8lJ887jTRv_2jC5Vv7HN6jCwlFHE_dTs8TtGL5pheX30GXoqv9IaiThaWvFx3paienbjukXgDXdlJFCGQK2tx89oPiK2oq1VchqDkArFP3tUTGXiIhxTLbMK0pWDH-MGfIbZBcFdl0g5Ym3bHxIflouVfGGC3csESCvm98BYIH3NMRIKGFswknIAgOrJ8kmDVZOJTGWIVYPsNtISoJ_g5-Tt_JaNga_qaGVGyJbSKYkx458deKeFhGFdHA6Pv-y_ASE8DzOTIBJCgQG0WJQTqNDYIGv8J2uFDFF0rEDVkr2HS9yZMb_A428QmYSb-B4skxZmI5j87r
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6086 		1 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C61924087%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Ced_Desktop_suntimes.com_5&description_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&tfcd=0&npa=0&sz=400x300%7C640x400%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=792326107886279&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=818425790&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=513303D1-6736-48EC-8268-A0B70FD346BB&nel=0&eid=44750824%2C44760950%2C44761692%2C44762462&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ref=https%3A%2F%2Ft.co%2F&dt=1654284294823&cookie=ID%3D50483677c2bd3392%3AT%3D1654284292%3AS%3DALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw&scor=4156080472831524&ged=ve4_td3_tt1_pd3_la3000_er3336.315.3486.615_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
670b967e821edfd6a09df51134a8c1259f84759816a33fc8b9785eed3188c9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
831
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022053101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdbe3c59ac14dc0924b9c9e795635da7d63d7d353141322b85247c19b5280c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10648
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
daa4ce4adb867592b70f61e2230f56c20394e17c84e33c4d1cab7d6ca9d9ae47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:08:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 02:08:20 GMT
server
nginx
age
4569
etag
W/"62981b94-11560"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mHXbfpnxWO5oDnBxgiSCIFdS1AOuWWeJzKxK5h8ohhP2--O5DYVnRA==
expires
Fri, 03 Jun 2022 20:08:45 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1744924553&t=event&ni=0&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20school%20history%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDjAAEABAAAAAC~&jid=&gjid=&cid=2126610865.1654284293&tid=UA-52083976-1&_gid=1572522791.1654284293&gtm=2wg610PRHXFPN&cd1=22916672&cd2=article&cd4=Tom%20Schuba&cd5=2022-06-02%2022%3A19&cd6=0&cd8=2022-06-03%2013%3A12&cd9=13&cd10=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&cd11=chicago.suntimes.com&cd12=chicago.suntimes.com&cd20=chicago.suntimes.com%3Achicago.suntimes.com%3Asuburban-chicago%3Anews%3Achicago%3Ala-voz-english-versions%3Aeducation%3Afront-page%3Ametro-state&cd22=dated&cd26=22&cd33=no%20value%20set&cd53=360&cd55=Education&z=750554808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 03:46:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56287
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1744924553&t=event&ni=0&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20school%20history%20-%20Chicago%20Sun-Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDjAAEABAAAAAC~&jid=&gjid=&cid=2126610865.1654284293&tid=UA-52083976-6&_gid=1572522791.1654284293&gtm=2wg610PRHXFPN&cd1=22916672&cd2=article&cd4=Tom%20Schuba&cd5=2022-06-02%2022%3A19&cd6=0&cd8=2022-06-03%2013%3A12&cd9=13&cd10=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&cd11=chicago.suntimes.com&cd12=chicago.suntimes.com&cd20=chicago.suntimes.com%3Achicago.suntimes.com%3Asuburban-chicago%3Anews%3Achicago%3Ala-voz-english-versions%3Aeducation%3Afront-page%3Ametro-state&cd22=dated&cd26=22&cd33=no%20value%20set&cd53=360&cd55=Education&z=901307483
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 03:46:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56287
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 19:24:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE51SBWCaYuD7Goa43wPGhZPoCAAAAAA4AeAEAg&bg=!wsGlwYXNAAao8wy8iPM7ACkAdvg8Wvhd_oJLUAgVlrrK3ccXyoZ8wZIY-4Reuq4k3BBK5d0SWpOO-QIAAAIlUgAAAAFoAQeZAvacNIk5jLIBaZog8I0aHVPlynbhM5WRfzP9h1RWahnxJY10tEdd_ZkheQgDEPrr_lZPYb-7v-GbJBV2Dg6l0tnrOsbneNXjVkFoUWP7sZ-GP-GG-MTSUOOcqyfdSM5LHL75X7CToUrI49cS_NOOTPyCeYxcIB8MW9YgmwE6lA3rgH-YjAcpBoZiiloO60OLhXm4ffnuujH_5JY1wvSoBCwH25qoHktgQTBPsW9x6WPhO8jd69W-oe5ZMswoPhfiR2EbdChccJxMurPJ__du9TKEdENyx1wwjyZ3w27Lh00lJeliIqroRZ-Gg8s0kP8qDBXIb7isdP1R2YaUEHKL6tIRm0jFgS7NjOJ8YSeDNy81qGDPAARTYoTYqbQeo2Z_iJRSsZxD2zW4IWqCh9Y8I4cshnImPJKrSAxiXqGUIy3Da-cYiIAI-mWTEvps-9lOGIjbcdwof0WbMuzL0cFFO3BSDjAi7KvZ6g7mAf57vLLsRhxk1mA8a6OYgo_2JX_ZCfOZbgFVQI0Q8GMzaxc_DOTKq1ni-ADt3y89pQyHaqqOIB9PAopSudVPKwea8z8heOZdW-5C21hvyS_eOyUkSkYkxaTrgFBxGJqakS2PhYY3zA9OsPDSDs7zISl98ZsyTVhMAsgwEdG8vAfAUinncnltsJek0IboXt9rzUYYDC60aM7WbrywylpQ7z-eMsXeLiHj6EhJkBL0sxC676tPCeOdOuRVfzduq-H_RmJwdTOiO7j2M6ute8UTx0SS684_JCGKRLvxc3rexlqAeUKZXnUiiX9Z8XPYwKPGpf7TBC1-eCqMZpL15NO-9hFsprzgSp1yuCzmxNRg1_5ZwCXS_-qAh460DnpUwX27pZBIH6c5IM-zLhIKj5B7c5uDBpR3I1D_yG8NMKeGFx9Sar_x4FJwbueDEO3xpNQ-rIvwOqLAetP7XTmqbKAPio3fpl5P4uDKBMhJDGLffRlmJtkqI360VuTFjbtjz7MEoulsQYBHnzlx0EmnuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A8F1 		82 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Ced_Desktop_suntimes.com_4&sz=400x300%7C640x400%7C640x480&url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=513303D1-6736-48EC-8268-A0B70FD346BB&adk=4294235160&correlator=2073856891636887&dt=1654284294913&ged=ve4_td3_tt1_pd3_la3000_er3391.315.3762.975_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.517.2&osd=2&ptt=20&ref=https%3A%2F%2Ft.co%2F&scor=3769346540781519&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vis=1&u_so=l&eid=44750824%2C44760950%2C44761692%2C44762462&hl=en&frm=0&sdki=44d&sdkv=h.3.517.2&sdr=1&nel=0&cnc=61924087&kfa=0&tfcd=0&ctv=0&cookie=ID%3D50483677c2bd3392%3AT%3D1654284292%3AS%3DALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c2f6bed029952c63b912f77ad5db3fe56466ca1672c07a2e9d1ede122dd6bf8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16130
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2150
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 18:49:04 GMT
expires
Sat, 03 Jun 2023 18:49:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EEF5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28581f9f9590158c731957c41a215d5b63dc2ca20086375226f5e2e827cad59f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TutzdVweU6a6GVkfvuCgRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chicago.suntimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-TutzdVweU6a6GVkfvuCgRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:54 GMT
expires
Fri, 03 Jun 2022 19:24:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame B9FB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
28387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Jun 2023 11:31:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EEF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022053101&jk=3577992399060624&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5805 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh6nKt_6NJ1Twx7FJVWh0YRUEWBZN0c-lokjpU_cki05RV2VepGZnhkQBkPvqv78YoG2LQobTgxTjo1PxAuSmkQ0twyLpMbLma2t5KAzbotoX12aJtr3KhpHvZ&sai=AMfl-YTJkUB5VeZDcz_Uftwz3NY5KKGwPxIWn5rsqc3uYX1ZAthniyFZP_5jZfwDthdyztu6pmCQqGJYoMNQN2X89WjqRArTYolYsd8e5mXrOZ2sCNMQf7kUDmxZvuE&sig=Cg0ArKJSzJaqBjepltkBEAE&cid=CAASJORoK9S6H7qUnroTkOm2GZtwhBzYOOHwIuNzI2sWHySZb5vRmg&id=lidar2&mcvt=1006&p=203,315,457,1285&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1227206917&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654284293304&rpt=647&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=chicago.suntimes.com&p=%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&u=Cy9bDEPGFJG_g7gx&d=chicago.suntimes.com&g=38241&g0=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&g1=Tom%20Schuba&n=1&f=00001&c=0&x=0&m=0&y=6314&o=2301&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2F&b=3799&t=C345CKCHD26_CaeCO_6jS55fzo3h&V=133&i=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20s&tz=0&sn=1&sv=BNwHwtCDD7NdCcFGBGB5fWQyjJbKU&sr=https%3A%2F%2Ft.co%2F&sd=1&im=067b0fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40chicago.suntimes.com&g=38241&p=https%3A%2F%2Fmcd.ex.co%2Fvideo%252Fupload%252Fc_scale%252Cw_800%252Fv1490095101%252Flandscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.mp4&i=&g0=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&g1=Tom%20Schuba&u=Bzr8FaD9EZzMCCRaRw&t=BU7gprBU673yByYob88y6DBmi1p&x=0&y=0&V=133&VS=H5&n=1&b=3799&r=https%3A%2F%2Ft.co%2F&_vd=10000&_vi=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20s&_vp=chicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&_vh=chicago.suntimes.com&_pu=Cy9bDEPGFJG_g7gx&_pt=C345CKCHD26_CaeCO_6jS55fzo3h&_pr=https%3A%2F%2Ft.co%2F&_vdd=chicago.suntimes.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.002&_vpt=0&_vtn=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fso_4%2Fv1490095101%2Flandscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.jpg&_vaup=man&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
generate_204
tpc.googlesyndication.com/ Frame B9FB 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ql1rJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
csi
csi.gstatic.com/ Frame A8F1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3yu5mrt&c=2313336694534&slotId=1156668347267&qqid=CO-uiJ6BkvgCFYmUewodb98LaA&gqid=BmCaYoajOMbQ7gO4o4n4CQ&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44750824%2C44760950%2C44761692%2C44762462&met.4=ghmsh_s.l3yu5nj4~ghmsh_s.l3yu5nj5&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=o06LhpmGOBVxiih7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c17::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		2 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284295.290150,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A8F1 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9848746867798493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:48:25 GMT
x-content-type-options
nosniff
age
2190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jun 2022 19:38:25 GMT
AKedOLSCT1ZkWFKjKPIycTP-vp5JDBG9ELiDfVv7Zgh4=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A8F1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSCT1ZkWFKjKPIycTP-vp5JDBG9ELiDfVv7Zgh4=s48-c-k-c0x00ffffff-no-rj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1ced99e03d4c637f48dbae6f98267bffe7e1c18ad6e49fc311f4252e926c60ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 18:45:29 GMT
x-content-type-options
nosniff
age
2366
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1220
x-xss-protection
0
server
fife
etag
"v26"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 25 May 2022 08:49:28 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBy09BmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoElgNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCYs1Q3rBZRcz7dax2Rt2XgdR-qlU2AJli30ssYKVYbhXPtXg28WWpZwFJUmba3gwATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NrEJKv6aGIRFnC-ACgOYCwHICwHQCw6iDAgqBgoEz6exArgMAdgTDNAVAZgWAeIWAggB-BYBgBcB&sigh=VCt16nLTydg&label=show_ad&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiMQDyUAALhBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame A8F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cxx2yBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO-jLKgIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7ECwhMaChIYsd35oT0iCggDEAEYASAAUAEYlNT9ngPYEwzQFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi05NzkwNzYyODExMDU3Njk5GNHVEw&sigh=h9nBbPsizIo&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiMQDyUAALhBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
truncated
/ Frame A8F1 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l3yu5mkk&c=2313336694534&slotId=1156668347267&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c17::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8F1 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.517.2&e=44750824%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2268466607661731&domain=chicago.suntimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr2---sn-4g5lzne6.googlevideo.com/
Redirect Chain
  • https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&mh=Ga&mm=31&mn=sn-4g5lz...
  • https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.057&lmt=1653775032300599&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv&cpn=o06LhpmGOBVxiih7&redirect_counter=1&rm=sn-4g5eke7l&req_id=dce07ed3e18a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ga&mip=2001:ac8:20:3b00:1012:e946:9b91:532a&mm=31&mn=sn-4g5lzne6&ms=au&mt=1654284065&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPokdQ4TVDhR1L7REXry7XOzmJoxp-rwmcMQ6khWGxmgAiA9NQ8qFj9FrQHnW1Yg9X60rOFU4_Hf7Gkezdyw7po1Cw%3D%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:12::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
763818f283d11718308a50856b2ff8cd751261d80d905855ba8c2105636072ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 May 2022 21:57:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2999855/2999856
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2999856
Expires
Fri, 03 Jun 2022 19:24:55 GMT

Redirect headers

Date
Fri, 03 Jun 2022 19:24:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.057&lmt=1653775032300599&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv&cpn=o06LhpmGOBVxiih7&redirect_counter=1&rm=sn-4g5eke7l&req_id=dce07ed3e18a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ga&mip=2001:ac8:20:3b00:1012:e946:9b91:532a&mm=31&mn=sn-4g5lzne6&ms=au&mt=1654284065&mv=m&mvi=2&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPokdQ4TVDhR1L7REXry7XOzmJoxp-rwmcMQ6khWGxmgAiA9NQ8qFj9FrQHnW1Yg9X60rOFU4_Hf7Gkezdyw7po1Cw%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Fri, 03 Jun 2022 19:24:55 GMT
log_event
www.youtube.com/youtubei/v1/ Frame CD59 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/VWAvh6L6nW4?feature=oembed
X-YouTube-Client-Version
1.20220531.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtLQWtCMXF5RnpWbyiEwOmUBg%3D%3D
X-YouTube-Ad-Signals
dt=1654284292722&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C450&vis=1&wgl=true&ca_type=image&bid=ANyPxKpx0KRaZTGMgrbBE-hb_EJ5ELB-UDZFyrtMGimyUzImP0OgRLIiqY1uu1M4BYL4_vMxLVGZZFp60MDztjH4fGQasgywCA

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 03 Jun 2022 19:24:55 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBy09BmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoElgNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCYs1Q3rBZRcz7dax2Rt2XgdR-qlU2AJli30ssYKVYbhXPtXg28WWpZwFJUmba3gwATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NrEJKv6aGIRFnC-ACgOYCwHICwHQCw6iDAgqBgoEz6exArgMAdgTDNAVAZgWAeIWAggB-BYBgBcB&sigh=VCt16nLTydg&label=video_ad_loaded&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiMQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame A8F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 01:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Jun 2023 01:20:27 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame A8F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cxx2yBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO-jLKgIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7ECwhMaChIYsd35oT0iCggDEAEYASAAUAEYlNT9ngPYEwzQFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi05NzkwNzYyODExMDU3Njk5GNHVEw&sigh=h9nBbPsizIo&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.517.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRMouBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7EC2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=6wxjlBTi3Wk&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D3391,315,3762,975%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D23010%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284295465%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1654284295285&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiYQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNIpQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A8F1 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN5nP-EQg5WWPIHeT869IcwXXSGfKP4wEZe2Iq5fjACBRtLwHUkP8JEtrjXaVGSBP0eCe4TLxvJTdg9MiOKxOy0H2NeFduuwcO7sYL2_4Dqlqb4c9hR9LC6IRd&sai=AMfl-YQnrLBibGDAkh6NgmzQHeIvmem6PeVuoCGZaH_r8CbeVJ3W78BUeIsIgOGZNZ5ZNli-sAA2sjDSI3sC2BXFbVNTkyZryP0wexsZDyLSKFjCe77CgBbzZM5paDk&sig=Cg0ArKJSzLdO2BOztH6WEAE&cid=CAASF-Ro1GgP0DDsbV3QT917bJodDFXZv86A&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D3391,315,3762,975%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D23010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284295467%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1654284295285&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRMouBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7EC2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=6wxjlBTi3Wk&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D3391,315,3762,975%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D23010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284295468%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1654284295285&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiYQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNIpQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8F1 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.517.2&e=44750824%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2268466607661731&domain=chicago.suntimes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRMouBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7EC2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=6wxjlBTi3Wk&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=admute&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D3391,315,3762,975%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D23010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D12%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284295471%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1654284295285&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiYQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNIpQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A8F1 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3yu5nj9&c=2313336694534&slotId=1156668347267&qqid=CO-uiJ6BkvgCFYmUewodb98LaA&gqid=BmCaYoajOMbQ7gO4o4n4CQ&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=4&aab=0&itv=1&met.4=ghmsh_s.l3yu5nja~vss_tr.yz~ff.l3yu5not
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c17::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape022c7ed2-de41-4d8f-87d5-b5b5fe20c590_1654282361518.jpg
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.22.169 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-22-169.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ce6ce7f34fecd43754e9d174846f9ef8c52e3001adac49c6fdee6583726b0d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:55 GMT
Cache-Tag
190453267955712275162617875679268706541,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
43510
X-Served-By
cache-iad-kjyo7100086-IAD
Last-Modified
Fri, 03 Jun 2022 18:53:07 GMT
Server
cloudinary
X-Timer
S1654282510.104587,VS0,VE1
ETag
"d23b7fad7a83ee5e8bf0add6016190d0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555867
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		2 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284295.493936,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
events
prd-collector-anon.ex.co/main/ 		2 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284296.504949,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
adplayedi
s-117.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-117.channelexco.com/ppx/adplayedi?sid=&domain=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&se=af330077-e778-49ea-b25e-8fed497c81fd&pv=117.25&dd=chicago.suntimes.com&gpvck=v022757140__780x439______DEF__nil__360&sa=shd&s=1.8&p=1990454619&gpvn=13&t=1.8&cb=1654284295489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
areq
a.channelexco.com/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&se=af330077-e778-49ea-b25e-8fed497c81fd&pv=117.25&dd=chicago.suntimes.com&gpvck=v022757140__780x439______DEF__nil__360&sa=shd&dmid1=1990454619-820530290&dmid2=1990454619-1477400787&dmid3=1990454619-1706155542&dmid4=1990454619-617337243&dmid5=1990454619-592219154&dmid6=1990454619-251876980&dmid7=1990454619-2013262491&cb=1654284295490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.147.67 Dallas, United States, ASN394380 (LEASEWEB-USA-DAL, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
cache-control
no-cache
server
openresty
expires
Fri, 03 Jun 2022 19:24:54 GMT
multiple-events
s-117.channelexco.com/vpx/ 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-117.channelexco.com/vpx/multiple-events?events=errori%2Cerrori%2Cerrori%2Cloadedi%2Crequesti%2Cstarti&data=mu%3A%2Cp%3A1990454619%2Cv%3A820530290%2Cdmid%3A1990454619-820530290%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.2%7Cmu%3A%2Cp%3A1990454619%2Cv%3A1477400787%2Cdmid%3A1990454619-1477400787%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.2%7Cs%3A0.8%2Cmu%3A%2Cp%3A1990454619%2Cv%3A1706155542%2Cdmid%3A1990454619-1706155542%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.2%7Cs%3A1.6%2Cp%3A1990454619%2Cv%3A592219154%2Cdmid%3A1990454619-592219154%2Ct%3A1.3%2Cy%3A4%2Cyy%3A4%7Cs%3A1.8%2Cp%3A1990454619%2Cv%3A592219154%2Cdmid%3A1990454619-592219154%7Cs%3A1.8%2Cp%3A1990454619%2Cv%3A592219154%2Cdmid%3A1990454619-592219154%2Ct%3A0.2%2Cgpvn%3A13%2Cy%3A4%2Cyy%3A4%2Crtg%3A1%2Cwd%3A780%2Chd%3A439&sid=&domain=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&se=af330077-e778-49ea-b25e-8fed497c81fd&pv=117.25&dd=chicago.suntimes.com&gpvck=v022757140__780x439______DEF__nil__360&sa=shd&s=0.6&cb=1654284295503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.62.117.246 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40chicago.suntimes.com&g=38241&p=https%3A%2F%2Frr2---sn-4g5lzne6.googlevideo.com%2Fvideoplayback%3Fexpire%3D1654313095%26ei%3DB2CaYsrzCoPv1gLLrIzoAQ%26ip%3D217.64.151.3%26id%3D1011923c2017ae5f%26itag%3D22%26source%3Dyoutube%26requiressl%3Dyes%26mh%3DGa%26mm%3D31%26mn%3Dsn-4g5lzne6%26ms%3Dau%26mv%3Dm%26mvi%3D2%26pl%3D24%26susc%3Dgvp%26acao%3Dyes%26ctier%3DL%26mime%3Dvideo%2Fmp4%26vprv%3D1%26dur%3D23.057%26lmt%3D1653775032300599%26mt%3D1654283827%26txp%3D5432434%26sparams%3Dexpire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cdur%2Clmt%26sig%3DAOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv%26lsparams%3Dmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%26lsig%3DAG3C_xAwRQIgez6yluJcpwlZM1Db4oyLjfgXL4T5TuiAZdLVHWlgFKUCIQCewaaonDYRJcNLn36yNCRTJ5k7_MVOeMF1vE1akmcpeA%3D%3D%26cpn%3Do06LhpmGOBVxiih7&i=Advertisement&g0=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&g1=Tom%20Schuba&u=Bzr8FaD9EZzMCCRaRw&t=CTtXcODUz2M0CF2AhvBjPf2rD7GNKq&x=0&y=0&V=133&VS=H5&n=1&b=3799&r=https%3A%2F%2Ft.co%2F&_vd=23011&_vi=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20s&_vp=chicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&_vh=chicago.suntimes.com&_pu=Cy9bDEPGFJG_g7gx&_pt=C345CKCHD26_CaeCO_6jS55fzo3h&_pr=https%3A%2F%2Ft.co%2F&_vdd=chicago.suntimes.com&_vt=ct&_vs=s2&_vcs=0&_vbr=-1&_vvs=0.548&_vpt=40&_vaup=man&_vce=0&c=0.01&W=0&R=1&I=0&E=0&j=20&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 5D2F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 08:57:05 GMT
expires
Tue, 30 May 2023 08:57:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 5D2F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
131314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 06:56:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022053101&jk=3577992399060624&bg=!ammlaS3NAAao8wy8iPM7ACkAdvg8Whr8Uv0ZbXHdZMTCkAhQftj9wyF3nyu3N8y5iU-DRfSxG4yIBgIAAACVUgAAAANoAQeZAp5YQb6Qn7kF32hJb9X46yb2ZW8Y59ZbhDCQmlaB2E_aAKMtWXB1NGEbpspk9rT1grWnP3RWDftl_yY8YSF41VcAtj4L8uQq75Ifjxh3Nnr99HdRiLdylD9vrF16p1uKkDwORC3zOos6Sj_mKlGR1tI_IG5YWIctyB9qLtwblrot3WZN9KXEelZfFlVqgtzxI0cXwme_FGTAC-bNp6lybxGflec7eKOtKy_aHwZB9RoNpScIxJvRfEIW7dxVNWTqsMJpN_oUr9ZRiNnaY9XSyPSuispi573E-CubTybAqLtXLAWTgN3HpXbbvSksmmCltdYPZvweNyt57e-tkmjM-hYYfQTaZXO2hOr-I1SxDj69maD5hf6i9LlX0rEHZRdeDQtNvW3qyWVE9g5uRR4EEEnl_NI57g0FtJLKnThPm34Qy1l5WlarpyGq-TcrDCO1T842GN7c3QwyEVbDxdfB9QqpnG0oZTNXDM719Yi8chGOI6gf4NFgB4Fq5UYIcxCRt1vxN9j9Y3MVc-j8Hl1vqpCTUwBz9Kd5WeYABoEwnmw-EHe27plUNyuHqjmEiUtBWn4VdSt_AH1Fi0QS8AOjXz5jKtFGJANd0hUo2aO2Vu8h0coTU0WWjWfgK9Ph-KxXrhfwyLBD6yMyT84dmjG8Bb_ckIpTh541hlUxDlwEQGrTDwlx1lUQcMqvR4W0enAhOR_quJCEYW70oDTWiDZ6O_8sgeF4d7BbLjg4mnJ43EXU-Lzit9T-xfbtX3gHWfj5NmjIXOztpmqs4PmTBsRW60LPtkzjy1OromLmgFeS_XDiHWTFwsmoeFiusT5V83lAh40BmSHNHNvFF9-ri5xvj4TSi8QSIHwwMz_uOuN8fvvhvhWNORN0AZMuAa2j2xEy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
playback
s.youtube.com/api/stats/ Frame A8F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44750824%2C44760950%2C44761692%2C44762462&el=adunit&cpn=o06LhpmGOBVxiih7&docid=EBGSPCAXrl8&visitordata=Cgt0U3pMU3U1ckNxOA%253D%253D&ver=2&cmt=0.187&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fchicago.suntimes.com%2F&len=23.011&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=102.0.5005.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=21&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c01::71 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D2F 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.517.2&bgai=BGcfgBmCaYu-TOomp7gPvvq_ABgAAAAA4AboFEwiGvoaegZL4AhVGqHsKHbhRAp8&bg=!goGlgcXNAAao8wy8iPM7ACkAdvg8WloxnCm6SBeJfwH5MMgmTGRSPczrxc8Zz33BJKyaUmpEq9i6NgIAAABcUgAAAAJoAQeZAk3E0K3YRgl3GnuL8mklUY3C4MCZfms3IuJcTtMpTjW-9kfGkDANN16d_oGTfydK2TkDrVF19rsXF6u3Qplvm7z7a3LaYqFmw7x_6CBGdmaUglBWBBaVBb5b_ly53kpGIATRWKOh_hTFpq7nkC9Ce66CO0gg-ZF3YcsXF7W0Ppkimv9JpZ0S1wI6GFFLJAk1glB_429fnFAUwuz2t6RodQRwFiE-nkxQBdk2ya2H1h-epE9TitCfnBHbr430AOhB4C0g7DhGqScPLj-Z0h7fTutbh-NbGVk9IFUEOppy5x40Cb17QVn8clm_8sijgF1rP2tTAa9xW7mxvLtDuJAgrbB2MHFPqlHoE3A1dcgSVTpegULijEm5wqiJ3te-ZCwsMtogYe2G5o7Td1eOu74_FS3A9GDy_JMzvoi-i25fzZUjhM056y4FIgUUcb0lGX9AF3Ve3UeNpXGT7jZA7ydTNywSdHEQRYQvOPDofndtfxPKIDGjzu7Gxt9YUAjeXLDZC4WXfmYraYog05rmlmskxwzuX2PXuv-taxxYuFavava6wH_AVBd9FD6suqEcQHqDFpxg7Q7qvTgPXREfnF7Rkam01TvMkuotHi8gaJXCGphmwLOHpn7ZkIVdz9U9u0bl6Hby9zqAmqgpfIkZHoDSNpVGZ4R0axs7XoNR7Dvxv_Kqpp7vAy8XiPRQLkxo0YF3TEO25lgeFS9x4MBvLY2xwFMLComUoUBbD5B1bF_3DA_eDiqBzbveBukbWMiZaNmZ9VD_XBMbiUdHIkWaNt62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		2 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284296.748752,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:55 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l3yu5nkb&c=2313336694534&slotId=1156668347267&met.4=hvd_lc.l3yu5nka~hvd_ad.l3yu5nka~hvd_mad.l3yu5nka~hvd_admu.l3yu5nka~hvd_src.l3yu5nka&ps=660x371
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c17::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=chicago.suntimes.com&p=%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&u=Cy9bDEPGFJG_g7gx&d=chicago.suntimes.com&g=38241&g0=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&g1=Tom%20Schuba&n=1&f=00001&c=0.02&x=0&m=0&y=6314&o=2301&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=https%3A%2F%2Ft.co%2F&b=3799&t=C345CKCHD26_CaeCO_6jS55fzo3h&V=133&tz=0&_vi=Advertisement&_vp=https://rr2---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1654313095&ei=B2CaYsrzCoPv1gLLrIzoAQ&ip=217.64.151.3&id=1011923c2017ae5f&itag=22&source=youtube&requiressl=yes&mh=Ga&mm=31&mn=sn-4g5lzne6&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=23.057&lmt=1653775032300599&mt=1654283827&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgez6yluJcpwlZM1Db4oyLjfgXL4T5TuiAZdLVHWlgFKUCIQCewaaonDYRJcNLn36yNCRTJ5k7_MVOeMF1vE1akmcpeA==&cpn=o06LhpmGOBVxiih7&_vdd=video%40chicago.suntimes.com&_vs=s2&_vt=ct&_vap=&_vtn=&_vd=23011&sn=2&sv=BNwHwtCDD7NdCcFGBGB5fWQyjJbKU&sr=https%3A%2F%2Ft.co%2F&sd=1&im=067b0fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:56 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
event.png
tpsc-eu3.doubleverify.com/ Frame 9CD2 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&dvp_atali=1&vdur=110&eoid=10&msrjs=2796&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0316&dvp_acibv=&bsigr=24189255813248&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=39&vltms=110&sei=289&vetms=288&engms=1&engisel=1&ttfurm=2423&cbust=1654284296508164
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2796.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:56 GMT
Vary
Origin
Access-Control-Allow-Origin
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
06/02/2022 19:24:56
event.png
tpsc-eu3.doubleverify.com/ Frame 9CD2 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=c46896df4e22499490f419e0a0677edd&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=12&ismms=35&isumms=34&isvelg=1&nvr=6&isgmmims=35&isgmv4mims=35&elmtp=6&isbxdms=2435&b0=100&b11=2594&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&vsos=13&dvp_vsosnmr=16&lftb=2694&sftb=2694&msrdp=1&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=966&isuiabvms=966&isgmpims=34&isgmv4dpims=966&ispmxpms=966&engalms=33&dvp_dpr=1&cbust=1654284297507819
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2796.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:57 GMT
Vary
Origin
Access-Control-Allow-Origin
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
06/02/2022 19:24:57
events
prd-collector-anon.ex.co/main/ 		2 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1654284298.562788,VS0,VE0
x-served-by
cache-hhn4054-HHN
x-cache
MISS
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
content-length
2
retry-after
0
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A8F1 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN5nP-EQg5WWPIHeT869IcwXXSGfKP4wEZe2Iq5fjACBRtLwHUkP8JEtrjXaVGSBP0eCe4TLxvJTdg9MiOKxOy0H2NeFduuwcO7sYL2_4Dqlqb4c9hR9LC6IRd&sai=AMfl-YQnrLBibGDAkh6NgmzQHeIvmem6PeVuoCGZaH_r8CbeVJ3W78BUeIsIgOGZNZ5ZNli-sAA2sjDSI3sC2BXFbVNTkyZryP0wexsZDyLSKFjCe77CgBbzZM5paDk&sig=Cg0ArKJSzLdO2BOztH6WEAE&cid=CAASF-Ro1GgP0DDsbV3QT917bJodDFXZv86A&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D999,1255,1185,1585%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2220%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D628%26pst%3D413%26dur%3D23010%26vmtime%3D1938%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2208%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284297680%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1654284295285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
api-esp.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
108662
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 May 2022 10:09:58 GMT
server
cloudflare
etag
W/"1bbec-1811997f4f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
715acfdd3bc6021d-ZRH
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 03 Jun 2023 19:24:57 GMT
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e55"
vary
Accept-Encoding
x-hw
1654284297.dop132.fr8.t,1654284297.cds161.fr8.hn,1654284297.cds107.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
19
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l3yu5llt224jg32e&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://chicago.suntimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://chicago.suntimes.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715acfdeca4f01df-ZRH
date
Fri, 03 Jun 2022 19:24:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
19
api-esp.piano.io/publisher/fusion/lucid/data/ 		460 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l3yu5llt224jg32e&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d90b226b13f5f4db75acec7d2c21c0c7d24b1356180e7095f4e336e801992b5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"1cc-Y/d1nS4WJNrOEiVScA1FeC/Y+80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
cf-ray
715acfdfcb9623f7-ZRH
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AF6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27371
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 19:24:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:01:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 640D 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 03 Jun 2022 19:24:58 GMT
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame F27A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Jun 2022 19:24:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 652C
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c57742b52e04675705c24786ee541a1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0eb7_7105096958196737308&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzU3NzQyYjUyZTA0Njc1NzA1YzI0Nzg2ZWU1NDFhMQ==&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJbOJaPBUYHHBFeS-pPg9O8&google_cver=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1654284298434048-549
Expires
Fri, 03 Jun 2022 19:24:58 GMT
avjp
playbuzzltd-d.openx.net/v/1.0/ Frame 652C 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b69276b2-a752-46a8-a5c7-99e4682a7562&nocache=1654284298161&schain=1.0%2C1!playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A330%2C%22h%22%3A186%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playbackmethod%22%3A%5B1%2C2%2C3%5D%2C%22linearity%22%3A1%2C%22minduration%22%3A1%2C%22maxduration%22%3A120%7D%7D%5D%7D&auid=557057725&vwd=330&vht=186
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://chicago.suntimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 652C 		67 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=29819874&componentId=prebid&componentSubId=mustang&timestamp=1654284298161&pKey=-1580565719&schain=1.0%2C1!playbuzz.com%2C0010J00001r9agUQAQ%2C1%2C%2C%2C%2C&loc=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&playerSize=330x186
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/prebid/5.20.0/badcaa3-2022-05-16-10-28-43/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:58 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://chicago.suntimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1654284298077089-597
Expires
Fri, 03 Jun 2022 19:24:58 GMT
usync.js
eus.rubiconproject.com/ Frame F27A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 19:24:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30048
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sat, 04 Jun 2022 03:45:46 GMT
khaos.jpg
token.rubiconproject.com/ Frame F27A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
PugMaster
image6.pubmatic.com/AdServer/ Frame 7AF6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57747672&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
16b5a83b695a5ec5e45110fff66918fa161ac99de3e85f63e27bf3099f2c6a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
40
api-esp.piano.io/tracker/lucid/visit/ 		65 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&visitor=l3yu5llt224jg32e
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c5fd4ee7f43a4b711131d7d108ae81257dcfb9c83f000c005726535a9c8203
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
content-encoding
gzip
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"41-JmqVQ7IFsa0ytsPjW7z/PiiZfrI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
cf-ray
715acfe19efb23f7-ZRH
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
40
api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&visitor=l3yu5llt224jg32e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://chicago.suntimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://chicago.suntimes.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
715acfe0ce0601df-ZRH
date
Fri, 03 Jun 2022 19:24:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
match
c1.adform.net/serving/cookie/ Frame 3B3D 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2582F157-E52E-4ED0-9075-3514DFCF1B74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 03 Jun 2022 19:24:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame B4E0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5641148811591932552
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5641148811591932552
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5641148811591932552
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8592
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d4cf629a-600b-4e00-847e-42cc7a7cbfae&gdpr=0&gdpr_consent=
42 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d4cf629a-600b-4e00-847e-42cc7a7cbfae&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 03 Jun 2022 19:24:59 GMT
Expires
Fri, 03 Jun 2022 19:24:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master nrt-pixel-x17 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d4cf629a-600b-4e00-847e-42cc7a7cbfae&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 85A5 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 19:24:57 GMT
expires
Fri, 03 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
414112
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9C37
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7105096958209423500
42 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7105096958209423500
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 03 Jun 2022 19:24:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7105096958209423500
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0A92
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Hl1wNeHNTYBKQTTV2KKco9lAlwM
42 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Hl1wNeHNTYBKQTTV2KKco9lAlwM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Jun 2022 19:24:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Hl1wNeHNTYBKQTTV2KKco9lAlwM
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame F574 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 03 Jun 2022 19:24:58 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4040-HHN
x-timer
S1654284298.449437,VS0,VE0
redir
rtb-csync.smartadserver.com/ Frame BE2F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGdFUwN0ZOTUFBQUZSNFJHYnhqUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFtU07FNMAAAFR4RGbxjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFtU07FNMAAAFR4RGbxjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Fri, 03 Jun 2022 19:24:58 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 03 Jun 2022 19:24:58 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFtU07FNMAAAFR4RGbxjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 6771 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Jun 2022 19:24:58 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-4
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame D838
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Jun 2022 19:24:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 03 Jun 2022 19:24:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
i.match
s.tribalfusion.com/z/ Frame D07D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
715acfe29ef501eb-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
715acfe15cc801eb-ZRH
content-type
text/html
date
Fri, 03 Jun 2022 19:24:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
346
cookiesync
core.iprom.net/ Frame D059 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Jun 2022 19:24:58 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-a6025c1b49c8@version_1.506v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 95DD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1654284298464
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 03 Jun 2022 19:24:58 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 27B0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dda3db1181716f6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=4dda3db1181716f6/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26g...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWQQgYQhbbSbTbUMU
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWQQgYQhbbSbTbUMU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Jun 2022 19:24:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWQQgYQhbbSbTbUMU
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D7D8
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a75da23b-3675-4d12-94d8-3eeb4ce612d1-tuct993e58a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a75da23b-3675-4d12-94d8-3eeb4ce612d1-tuct993e58a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 03 Jun 2022 19:24:58 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4064-HHN
x-timer
S1654284299.548881,VS0,VE8

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 03 Jun 2022 19:24:58 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a75da23b-3675-4d12-94d8-3eeb4ce612d1-tuct993e58a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6940-MXP
x-timer
S1654284298.479567,VS0,VE24
x-vcl-time-ms
24
pub
matching.truffle.bid/sync/ Frame C87C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 03 Jun 2022 19:24:58 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JYLxV-UuTtCQdTUU388bdA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27371
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 04 Jun 2022 03:01:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29e3629a-600b-4700-bebe-44677642d932
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29e3629a-600b-4700-bebe-44677642d932
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 03 Jun 2022 19:24:59 GMT
Server
MT3 4419 e1034d5 master nrt-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29e3629a-600b-4700-bebe-44677642d932
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 03 Jun 2022 19:24:58 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7AF6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2582F157-E52E-4ED0-9075-3514DFCF1B74
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=625f8dd6e3f57e2d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjU4MkYxNTctRTUyRS00RUQwLTkwNzUtMzUxNERGQ0YxQjc0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJW1Nq32yWXSCQ3vCikVDHc&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJW1Nq32yWXSCQ3vCikVDHc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJW1Nq32yWXSCQ3vCikVDHc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7AF6 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 02 Jun 2022 19:24:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4845753654144477649
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4845753654144477649
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4845753654144477649
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 7AF6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6127276270254454964&gdpr=0&gdpr_consent=
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6127276270254454964&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:58 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5aa7861e-974f-4896-aee1-0e65a487cac3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6127276270254454964&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
2582F157-E52E-4ED0-9075-3514DFCF1B74
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7AF6 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2582F157-E52E-4ED0-9075-3514DFCF1B74?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:922:6908:c2c0:f56e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2582F157-E52E-4ED0-9075-3514DFCF1B74&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2582F157-E52E-4ED0-9075-3514DFCF1B74&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wDrt6nxE2uWF67wuaLoYlmoYr14klXo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wDrt6nxE2uWF67wuaLoYlmoYr14klXo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wDrt6nxE2uWF67wuaLoYlmoYr14klXo-~A&gdpr=0&gdpr_consent=
date
Fri, 03 Jun 2022 19:24:58 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
odr.mookie1.com/t/v2/ Frame 7AF6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b7b2d9d-246d-4981-b560-a9b899eb3c94&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b7b2d9d-246d-4981-b560-a9b899eb3c94&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b7b2d9d-246d-4981-b560-a9b899eb3c94&ssp=pubmatic&gdpr=0&gdpr_consent=
Date
Fri, 03 Jun 2022 19:24:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4584369964519151070&gdpr=0&gdpr_consent=&us_privacy=
1 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4584369964519151070&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4584369964519151070&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 03 Jun 2022 19:24:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7AF6 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2582F157-E52E-4ED0-9075-3514DFCF1B74&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd00521e-8ce7-45d5-827a-5c07040ef590&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd00521e-8ce7-45d5-827a-5c07040ef590&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd00521e-8ce7-45d5-827a-5c07040ef590&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 03 Jun 2022 19:24:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7AF6 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:24:58 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7AF6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6127276270254454964
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6127276270254454964
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 09:29:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 19:24:58 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2351d593-eab2-44f0-b0c4-56cb2b77197c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6127276270254454964
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		77 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=FV0czWAOfe&tbc=%7Bkpex%7D_l0lmlXZDsoB1TApqUXxIDvesOdEetlmh8TXmeZuORiIkMDo3a-9KJcK90RJDo3k&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp6889
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8e2583fcbe57084f285897873522bdaf414f984d1b761bd7f9099804cbe72d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
715acfe23fbb2355-ZRH
date
Fri, 03 Jun 2022 19:24:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-123-115
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
p3p
CP="NON DSP COR OUR IND"
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cmx1xcrAQjJ
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t.co
URL: https://t.co/EZfYB6goBX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3950
date
Fri, 03 Jun 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Jun 2022 20:19:08 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:00 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
SPug
simage4.pubmatic.com/AdServer/ Frame 7AF6 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.121 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 19:25:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40chicago.suntimes.com&g=38241&p=https%3A%2F%2Frr2---sn-4g5lzne6.googlevideo.com%2Fvideoplayback%3Fexpire%3D1654313095%26ei%3DB2CaYsrzCoPv1gLLrIzoAQ%26ip%3D217.64.151.3%26id%3D1011923c2017ae5f%26itag%3D22%26source%3Dyoutube%26requiressl%3Dyes%26mh%3DGa%26mm%3D31%26mn%3Dsn-4g5lzne6%26ms%3Dau%26mv%3Dm%26mvi%3D2%26pl%3D24%26susc%3Dgvp%26acao%3Dyes%26ctier%3DL%26mime%3Dvideo%2Fmp4%26vprv%3D1%26dur%3D23.057%26lmt%3D1653775032300599%26mt%3D1654283827%26txp%3D5432434%26sparams%3Dexpire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cdur%2Clmt%26sig%3DAOq0QJ8wRAIgZUFWEqO0pA4n0-zg0So3liq_wHMxR5HMEtNKMGFq8qcCICtR-o62Sp4McBQfuBLexL2bSgeCLAKhGgXwJO8689uv%26lsparams%3Dmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%26lsig%3DAG3C_xAwRQIgez6yluJcpwlZM1Db4oyLjfgXL4T5TuiAZdLVHWlgFKUCIQCewaaonDYRJcNLn36yNCRTJ5k7_MVOeMF1vE1akmcpeA%3D%3D%26cpn%3Do06LhpmGOBVxiih7&i=Advertisement&g0=suburban-chicago%2C%20news%2C%20chicago%2C%20education%2C%20front-page%2C%20metro-state&g1=Tom%20Schuba&u=Bzr8FaD9EZzMCCRaRw&t=CTtXcODUz2M0CF2AhvBjPf2rD7GNKq&x=0&y=0&V=133&VS=H5&n=1&b=3799&_vd=23011&_vi=Loyola%20University%20Chicago%20gets%20%24100%20million%20to%20support%20students%20of%20color%20%E2%80%94%20the%20largest%20donation%20in%20s&_vp=chicago.suntimes.com%2Feducation%2F2022%2F6%2F2%2F23152631%2Floyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history&_vh=chicago.suntimes.com&_pu=Cy9bDEPGFJG_g7gx&_pt=C345CKCHD26_CaeCO_6jS55fzo3h&_pr=https%3A%2F%2Ft.co%2F&_vdd=chicago.suntimes.com&_vt=ct&_vs=s2&_vcs=1&_vbr=-1&_vvs=5.548&_vpt=5040&_vaup=man&_vce=5&c=0.09&W=0&R=1&I=0&E=5&j=20&tz=0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-44-81.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRMouBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7EC2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=6wxjlBTi3Wk&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=video_skip_shown&ad_mt=5227&acvw=sv%3D926%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D999,1255,1185,1585%26p0%3D3391,315,3762,975%26tos%3D5065,0,0,0,0%26mtos%3D5065,5065,5065,5065,5065%26amtos%3D0,0,0,0,0%26mcvt%3D5065%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5278%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1238%26pst%3D413%26dur%3D23010%26vmtime%3D5227%26is%3D275%26i0%3D18%26cs%3D16781587%26c%3D1%26c0%3D0%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5065,5065,5065,5065,5065%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284300738%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5065%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1654284295285&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiYQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNIpQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A8F1 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRMouBmCaYu-TOomp7gPvvq_ABv-bh45qh8nmsfcPsJAfEAEguY2OKGCVgoCAsAegAZTU_Z4DyAEFqQISSLoygm4nPuACAKgDAZgEAKoEkwNP0MgiN9Kx8L5iWKK1Ndrq0l7Ral1w8osEQSjBzbdd58J-R8UjiFLfNOGcsPgfYnYME-o-UCWiVxlEaDuQNl9xZcENBfYj8w8pzfTG-LcSiyDxa7lTqoRf78G-WIbp19o9eCutUmxVNcMZiOnXZJG5sImGqRY8JsSeAttjNk8WwxjbM1l-gNViXH69Vra9DNyIR64la6A5n5o1t0dfA4SSXRvEYl9mJTDi00bNTAmeAJvs5_XRNAeubEtfEalenI315Iw04Gk30iuMBMLVMazs0-74uXcvbYGaDBw9pmWzshH6M6K6wmv4kb83NvGBHWLdXnMuKP01NfL9TBHdBPsrzvgC-lQ5ZlBg_g3OxmPHTr7vjTaTnU9NqZ1vk1_cG99YizmgcxDuxPwFAzKPqyuePYvdqnJh7fdXJ97YqDfTAc4yvkeTV15C0whT5JSUilGkzKSTM6mgvs9Uw0IxHa9FDo1ODoDJqCZ01NfYDdbl7SXuK8tVBNdD-mCP4sJSiidVuOgShS1zdkr_eXk6QiC5o637wATn1rT_hgTgBAGgBlSAB9SrgmGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjM5MTIyNjc4Nzg3OTc5NoAKA8gLAaIMCCoGCgTPp7EC2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=6wxjlBTi3Wk&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime25&ad_mt=5977&acvw=sv%3D926%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D999,1255,1185,1585%26tos%3D5817,0,0,0,0%26mtos%3D5817,5817,5817,5817,5817%26amtos%3D0,0,0,0,0%26mcvt%3D5817%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6030%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1439%26pst%3D413%26dur%3D23010%26vmtime%3D5977%26dtos%3D3810%26dtoss%3D2%26dvs%3D3810%26dfvs%3D3810%26dvpt%3D3810%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D5817,5817,5817,5817,5817%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1005%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D30,0,0,0,0%26avms%3Dexc%26qi%3D475737313%26psm%3D-2147483585%26psv%3D63%26psfv%3D63%26psa%3D0%26pnmm%3D1654284294022%26ptlt%3D1654284301490%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5817&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1654284295285&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzQ0NDMzNTc1MTIMNTk2OTUxMDE5NTQ4QMgCUiYQDyUAAOBBKAE6C0VCR1NQQ0FYcmw4Qglnb29nbGVhZHNIpQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_track
chicago.suntimes.com/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://chicago.suntimes.com/_track
Requested by
Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-36.dus51.r.cloudfront.net
Software
N/A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Jun 2022 19:25:02 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
server
N/A
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
6WXbSIecenmcSAhAQPgGBZKNFxCeIbkzTW_Cd_AX-omGeVwNf6dimg==
strict-transport-security
max-age=31536000; includeSubdomains;
x-cache
Miss from cloudfront
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chicago.suntimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:04 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
dc_oe=ChMIoJKsnYGS-AIVBtx3Ch3GwgSNEAAYACCR_pJRQhMI8KuInYGS-AIVxrDeCh3d-AK3;met=1;&timestamp=1654284304181;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A6E8 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoJKsnYGS-AIVBtx3Ch3GwgSNEAAYACCR_pJRQhMI8KuInYGS-AIVxrDeCh3d-AK3;met=1;&timestamp=1654284304181;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 19:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,7000&display=swap
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEFDpq02fxtgjP10PuHUpGO0&google_cver=1&google_push=AYg5qPJN5gCwdxH4jXD43TqoxvB2blccFYQeMSOrHVSuoH_bYkHhK-QjZNyOOcQbnvb4gCnvrND2wFR18DSXrpEdS0nG02_q1rTSow

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| setNptTechAdblockerCookie object| script function| isAdblockerEnabled function| getCookieValue object| WebComponents object| head object| dataLayer object| googletag object| dfpAdSlotsObject object| dfpAdSlots object| staticAdSlots function| fbAsyncInit object| link object| relList object| i18n function| showPianoLogin function| pianoLogout function| toggleFields object| js_tags string| template string| categoryName number| cstArchive undefined| pathname object| tp function| fixLeadMargin object| FB object| webpackChunkbrightspot_theme_core object| regeneratorRuntime function| unfocus object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| htlbidLoaded function| pbjsChunk object| pbjs object| _pbjsGlobals function| HTLBIDLoader object| apstag object| htlbid boolean| htlbidStarted string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| BlockAdBlock object| blockAdBlock object| PianoESPConfig object| _matherq undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| apstagLOADED object| gaplugins object| gaData function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| cX function| ___tp object| __ctcg_65349_0_exec function| cxCCE_callQueueExecute object| cxTest object| ID5 object| cXNative object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE object| __EXCO object| CEDATO_TAG object| CEDATO_API string| pbPageIdentifier object| ampInaboxIframes object| ampInaboxPendingMessages object| CEDATO_INIT undefined| cXJsonpCBl3yu5m9yjtu08t45 function| CEDATO_DEBUG function| _1654284293776952 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_209251 object| closure_lm_285614 object| freewheelssp_cache object| _sf_async_config object| _cbv object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| onYouTubeIframeAPIReady object| google_image_requests object| PianoESP undefined| $ undefined| jQuery

94 Cookies

Domain/Path Name / Value
chicago.suntimes.com/education/2022/6/2/23152631 Name: exco-uid
Value: qy4m74ukjss3zm2b
.t.co/ Name: muc
Value: 66c41dad-925d-42cb-8f07-82c996336c6d
.bit.ly/ Name: _bit
Value: m53joP-611b3ccfeb11a9f5b8-008
.youtube.com/ Name: YSC
Value: MLYUpNwuNUk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KAkB1qyFzVo
.suntimes.com/ Name: _ga
Value: GA1.2.2126610865.1654284293
.suntimes.com/ Name: _gid
Value: GA1.2.1572522791.1654284293
.suntimes.com/ Name: _gat_UA-52083976-6
Value: 1
.suntimes.com/ Name: _gat_UA-52083976-1
Value: 1
chicago.suntimes.com/ Name: __adblocker
Value: false
.suntimes.com/ Name: _fbp
Value: fb.1.1654284292950.365209631
.facebook.com/ Name: fr
Value: 0LBwvrf2eJn4UyA5R..BimmAE...1.0.BimmAE.
.piano.io/ Name: __cf_bm
Value: LQI7wN3UdwGBHQ4L1mNyzu36BuyDy6DB0_mduMO4ycU-1654284292-0-AaS23U9wfQhr64KhahmiWX1K+aNvHe4D/KLDwKc7R6Kc0MDvFicdNarHzShZVOnE4j/12qry9edE3a7IMHpt+Zs=
.suntimes.com/ Name: __tbc
Value: %7Bkpex%7D_l0lmlXZDsoB1TApqUXxIDvesOdEetlmh8TXmeZuORiIkMDo3a-9KJcK90RJDo3k
.suntimes.com/ Name: cX_P
Value: l3yu5llt224jg32e
.suntimes.com/ Name: __pat
Value: -18000000
.suntimes.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l3yu5llyv8duhd35%22%2C%22domain%22%3A%22.suntimes.com%22%2C%22time%22%3A1654284293047%7D
.suntimes.com/ Name: xbc
Value: %7Bkpex%7DlYlpmaBDwIRXmuCm2mhhe4zNU6pWBcUS_eUtWZ7T0eJGAyzA07e6m1sPiIDGHmInMVJaJY2vSHURMYhCvieZpnK0bxwsS2ry4lx1PDrFF3R4WxIG2hOjvii2iGTmVOwiDxp9vozw1lw5loWGSlmXdRtYkiZ6DK7-picX1uRTxo8H6wVgIubS2MFmxvZWA3YyUG9JpOnZOIhm_uhsqvev6IstQd4OwRmVm0FNW9BdDu90UBiTBYNinuQtKmsTAu24vlJmMRWKaDW9SyHlgNKlZx_4ALazzxqM3dAVESrY-6Vsw1RCcOeBUb2q1Dq41rkcwbahHFANiGwp9pE25nalA0-KExh59mn9DTnTCTxrNRi6mti6ES2WkcJ6UTWY9JW8W6YyAXyfIipY6DdPvUzYOHt9XjCoKCl19hEPV2_qFuB-egcxSCibND77Bbl_xVQMiBHoMcv5MjT8ibWRTl547wHAgyk1mGsRm3hMnu57OLSWC-sfqOusKpb-WDd9wLE8OPNUYH3KtBrAA-27Oi9-tIJZ5j5VVuIMcvnS5v32cb1oncRXSxylR48kj5OVuMp8JDC43Gvot-qPSBti3NN1pw
.suntimes.com/ Name: cX_S
Value: l3yu5lxl7bn2l6az
.doubleclick.net/ Name: IDE
Value: AHWqTUmAXRhA6fuanxER8V8_-0IjY2istiyH8E09wQLH8e-VMmvFBbHoIYm3eauh_eY
.suntimes.com/ Name: __gads
Value: ID=50483677c2bd3392:T=1654284292:S=ALNI_MYju76wH0joZ2MG8_FdzxLOOWpKDw
.adnxs.com/ Name: uuid2
Value: 6127276270254454964
.casalemedia.com/ Name: CMID
Value: YppgBUxFpFt72wB.rHNCygAA
.casalemedia.com/ Name: CMPS
Value: 5197
.casalemedia.com/ Name: CMPRO
Value: 1112
.casalemedia.com/ Name: CMST
Value: YppgBWKaYAUA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb]I0[fo!1yIE`fS1ueD1W-044)d+]NEAS[Dpqny^`ar/DE5W9gNuBg'G*.ogTsoZ3X_P(hw9P-HC_#ttFQ)w4l3
.cxense.com/ Name: gckp
Value: 2wz9jf39wt4lilbx9nw48m00f
.casalemedia.com/ Name: CMRUM3
Value: 2d629a60052760CAESEEYToMybs_gPIzgFiNhtDS0
.suntimes.com/ Name: cX_G
Value: cx%3A3hrv9hvrqt8uovu1skjn896uh%3Asiwjuj4w1bsq
.ctnsnet.com/ Name: cid_be5c32c5d7a04a47b5187fd0c8fbedd1
Value: 1
.ctnsnet.com/ Name: gid_CAESEKUV86uOyDjGx-5V7Ym3EZs
Value: 1
.w55c.net/ Name: wfivefivec
Value: PP7V8EAy1NXcUJ5
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: 7eef106a-b441-45ca-875c-61f80f70255c
.360yield.com/ Name: tuuid_lu
Value: 1654284294
.adform.net/ Name: uid
Value: 4845753654144477649
.3lift.com/ Name: tluid
Value: 2741266563122976976956
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22DB7BF532-9719-4A56-9210-C18C3DC6C626%22%7D
.turn.com/ Name: uid
Value: 4584369964519151070
.simpli.fi/ Name: suid
Value: 8A806AF5E7BE45C59FC7490D7F935879
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27880537_4307561_337692172_170180369_QTYP0404A20220601&ref=27880537_4307561_337692172_170180369_QTYP0404A20220601
ads.stickyadstv.com/ Name: UID
Value: c57742b52e04675705c24786ee541a1
.suntimes.com/ Name: _cb
Value: Cy9bDEPGFJG_g7gx
.suntimes.com/ Name: _chartbeat2
Value: .1654284294970.1654284294970.1.BNwHwtCDD7NdCcFGBGB5fWQyjJbKU.1
.suntimes.com/ Name: _cb_svref
Value: https%3A%2F%2Ft.co%2F
.suntimes.com/ Name: _v__chartbeat3
Value: Bzr8FaD9EZzMCCRaRw
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.stickyadstv.com/ Name: pxId
Value: 12226
ads.stickyadstv.com/ Name: sessionId
Value: 128cdc6531ac12bea661ed0f87759d
chicago.suntimes.com/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1654284298357%2C%22visitNumber%22%3A1%7D
chicago.suntimes.com/ Name: pnespsdk_visitor
Value: l3yu5llt224jg32e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2582F157-E52E-4ED0-9075-3514DFCF1B74
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158901:2
.pubmatic.com/ Name: DPSync3
Value: 1655424000%3A219_201_197%7C1654300800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1655424000%3A56_8_71_176_3_165_99_88_204_21_161_233_81_238_55_22_234_222_220_54_13_7_166_243%7C1655510400%3A35%7C1654819200%3A2_15_223%7C1656806400%3A203%7C1655078400%3A63
.fwmrm.net/ Name: _uid
Value: "l0eb7_7105096958196737308"
.quantserve.com/ Name: d
Value: EMMBCwGlJvijAA
.quantserve.com/ Name: mc
Value: 629a600a-6d310-82306-dc4b7
.adfarm1.adition.com/ Name: UserID1
Value: 7105096958209423500
.bidswitch.net/ Name: tuuid
Value: 7b7b2d9d-246d-4981-b560-a9b899eb3c94
.bidswitch.net/ Name: c
Value: 1654284298
.bidswitch.net/ Name: tuuid_lu
Value: 1654284298
.yahoo.com/ Name: A3
Value: d=AQABBApgmmICEJp002fAGx9eKFgJ7ITk200FEgEBAQGxm2KkYgAAAAAA_eMAAA&S=AQAAAlYCdUJJaD6bi7X3G6I_1IU
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l0eb7_7105096958196737308
ads.stickyadstv.com/ Name: MRM_UID
Value: l0eb7_7105096958196737308
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2597
.adsby.bidtheatre.com/ Name: __kuid
Value: dd00521e-8ce7-45d5-827a-5c07040ef590.423498298
.de17a.com/ Name: guid2
Value: 1.5641148811591932552
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJW1Nq32yWXSCQ3vCikVDHc&KRTB&16514-CAESEJW1Nq32yWXSCQ3vCikVDHc&KRTB&23025-CAESEJW1Nq32yWXSCQ3vCikVDHc
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6127276270254454964&KRTB&23339-6127276270254454964
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-&KRTB&19420-cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-&KRTB&22979-cy7P73Msxu9oKpK9dCzbtncvxrhoeJW6JytNiUt-
ads.playground.xyz/ Name: connect.sid
Value: s%3AMJtLbJ9XpdpkHoKiQ1OcEF0KexSNEgUm.nuU9nyZFDGlGS4Nk7YZ0zbDaQ59sAtkQAOyB5qJ2SUk
.onaudience.com/ Name: done_redirects104
Value: 1
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEJbOJaPBUYHHBFeS-pPg9O8
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5641148811591932552
.bidr.io/ Name: bito
Value: AAFtU07FNMAAAFR4RGbxjQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-9y7pfzHtWQQgYQhbbSbTbUMU
.onaudience.com/ Name: cookie
Value: 625f8dd6e3f57e2d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1e5d7035-e1cd-4d80-4a41-34d5d8a29ca3.TKW5onnbxbfqLvokPY%2BDUkx6GkHR9%2Bc%2FB6yC8oDYrqU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHl1wNeHNTYBKQTTV2KKco9lAlwM.0YAGyck0itx%2FfpUsKPCQmXIhan7Nj4HZYwoX1jdiyCo
.tribalfusion.com/ Name: ANON_ID
Value: axnseFsKBRgFmDqU7puNhAmAJt5RDaGKRpwbDvITS42nFn1bXU3TZdqFnBT8rWRfYL8J3Mw3iQL3fnvPZatoJy
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1654284298
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Hl1wNeHNTYBKQTTV2KKco9lAlwM
.pubmatic.com/ Name: PugT
Value: 1654284298
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4584369964519151070&KRTB&23150-4584369964519151070
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4845753654144477649&KRTB&23263-4845753654144477649
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7105096958209423500&KRTB&23369-7105096958209423500

3 Console Messages

Source Level URL
Text
javascript error URL: https://chicago.suntimes.com/education/2022/6/2/23152631/loyola-university-chicago-100-million-support-students-of-color-largest-donation-in-school-history(Line 2927)
Message:
Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,7000&display=swap' from origin 'https://chicago.suntimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,7000&display=swap
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.channelexco.com
a.tribalfusion.com
aamapi.com
acfeb80f6cc688a68ea1f9b9a92109ed.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.undertone.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams-pageview-public.s3.amazonaws.com
api-esp.piano.io
bit.ly
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
cdn.besafe.global
cdn.cxense.com
cdn.doubleverify.com
cdn.ex.co
cdn.id5-sync.com
cdn.playbuzz.com
cdn.tinypass.com
cdn.undertone.com
cdnjs.cloudflare.com
chicago.suntimes.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
comcluster.cxense.com
connect.facebook.net
core.iprom.net
csi.gstatic.com
cst.brightspotcdn.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.channelexco.com
eb2.3lift.com
eus.rubiconproject.com
experience.tinypass.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hbopenbid.pubmatic.com
htlbid.com
i.ytimg.com
ib.adnxs.com
id.cxense.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jnn-pa.googleapis.com
log.outbrainimg.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcd.ex.co
mcdp-nydc1.outbrain.com
odb.outbrain.com
odr.mookie1.com
onetag-sys.com
p.channelexco.com
p.typekit.net
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
playbuzzltd-d.openx.net
player.ex.co
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.turn.com
rock.defybrick.com
rr2---sn-4g5lzne6.googlevideo.com
rtb-csync.smartadserver.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s-117.channelexco.com
s.tribalfusion.com
s.youtube.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
t.co
tag.targeting.unrulymedia.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
fonts.googleapis.com
google2waycm.netmng.com
103.229.205.243
104.111.242.245
104.244.42.5
104.89.20.125
108.157.4.36
108.62.117.246
13.32.27.92
141.94.101.34
141.94.170.77
141.95.98.64
142.250.185.194
142.250.185.66
142.250.185.98
142.250.74.194
147.75.83.64
151.101.129.44
151.101.14.132
151.101.194.49
151.101.66.132
159.122.14.34
159.65.196.12
178.250.2.151
18.134.84.24
18.158.79.13
18.66.248.126
185.33.221.13
185.33.221.50
185.64.189.110
185.64.189.112
185.64.190.78
185.86.137.122
185.86.137.132
195.5.165.20
198.47.127.20
2.18.234.233
2.20.157.71
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
204.237.133.120
204.237.133.121
209.58.147.67
213.155.156.168
213.19.147.43
213.19.147.44
23.35.236.201
23.35.236.247
23.35.237.181
23.35.237.86
23.82.15.162
23.88.75.188
2600:1f14:600:6e00:5992:27c2:5276:6fe4
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2057:400:1a:ba5c:3900:93a1
2600:9000:2156:5200:18:1fcd:351:7bc1
2600:9000:2156:7800:8:455e:4a00:93a1
2600:9000:2315:9800:1f:2473:9080:93a1
2606:4700:3030::6815:5476
2606:4700:4400::ac40:98f5
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b7b1
2606:4700::6811:b9b1
2607:f8b0:4001:c17::5e
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:12::7
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9a
2a00:1450:4013:c01::71
2a02:26f0:3500:58b::4469
2a02:26f0:6c00:2a7::268b
2a02:26f0:f7::5c7b:e01c
2a02:26f0:f7::5c7b:e024
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:d29:3602:922:6908:c2c0:f56e
3.126.56.137
34.102.253.54
34.149.12.213
34.98.67.61
35.156.193.10
35.186.193.173
35.190.0.66
35.244.159.8
37.157.4.23
44.196.137.234
46.105.202.126
5.161.54.172
51.79.83.225
51.89.9.253
52.223.40.198
52.48.133.87
52.50.60.18
54.208.44.81
54.231.135.81
54.93.146.241
63.35.168.36
64.202.112.159
65.9.63.95
65.9.71.118
66.155.71.149
67.199.248.10
69.173.144.138
72.251.241.206
76.223.111.18
82.113.101.132
85.114.159.118
95.101.22.169
95.101.22.171
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
05249613e68d7a66d506899124e21514b574362dffd48a9f7c341115787fa43c
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2
0a0f1f074a49e6e0bbbbe79dee5b15bd3fe458ead6d8244c25ee687f1698c8b4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1042fd56a61a8c34571740f697f388a5a5a4d207c137b35d920518b38037d2cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13bab25b1678166903b51d5b138cc3a2aac1bb308ba82b10f5fe89dc2681742f
143376772b6e7e319663f8e8db84aaa558c77c7e691e0b8bc9e5af8e2f0645e5
16b5a83b695a5ec5e45110fff66918fa161ac99de3e85f63e27bf3099f2c6a29
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a9dcc7dcd1ecd40025db562b89893efa2f8759bfdfdb8631f30dcc0f8a10602
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ced99e03d4c637f48dbae6f98267bffe7e1c18ad6e49fc311f4252e926c60ad
1e51195e5ea45118ffbfed37ed01f51606492e12bc2066275e95ca1df7270a37
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
28581f9f9590158c731957c41a215d5b63dc2ca20086375226f5e2e827cad59f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2bf63a5ea4a5695ef9dc4a7d71d6d0262ab2ee54acb2ae9d5a7d36c0d1c78901
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2e661e9bdd91cafdd5a98cc1006b66458b76ef23a4ed86e2e6527895931e0e
30f12f62fe70425fa8fa79999cdc2268a6951ecbb2fa4c2cc8654a56fc376d2a
314b2f064382d3b7bd462422e23143312d4de2c23047b8647c619d22abdd23db
31b99831d56779682a9fee96e939c2bc1a8b32c94d6026e8feff6fcfbd4edf88
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
371929c79d6f11b5a1ec01dbfc35e63a314050e09e798e5e1456d8c142f86a1f
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3af0b27778eee4121db0756d42ec29933a83dd2dbb6c45e69e85c18fc4a26c28
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3ce405c4b1e446e08232655e3198f4aa7b8339ac55e4cd9b8c63230ccfc281ed
3d0685dc68855dec8530af1efcd110df79d8ea58355f0414a5c1516b703a37c2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee
4494a1c3e8ca5be658640a5b292dd6f8753418a507088ff30cbbbec87dbdbfd7
465d5c4b344820e1ee61182d05f8194598569f7a4f0656fd5fa065dc824fc770
469bf83e6645f10c8b3ef8e4c62bdf8cd8288b0500ea0644ff0c9a5712a01867
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
518d4781a917554a6ddb8f86516918fc34a00e1232156bea0d3a4ff22141f8f3
51f5d801f68f728dc54c54e314ee3f8e175f2ea27754cf3e5fbbfb86801e5e17
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53df47c56a20f3a7714565691fc9313108808b93296229ec68ba8f78a914dd67
53ebfed8e701ff93bd57ec5641f3347c654e9ce5c1d34e492c69a42224424bd1
558094a4f6a1c0f76cb9efbf3e974570283180002beb1ab006a0d4eb7a76e845
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57de4b084cceeb4e8da50287c08aee11da8485936c317e787b829c14a60fbb66
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097
5a56d67cc31ef3917b67f1648dc299788dd7367b308b0808f61848c9a0ec79f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62244150f04d7ec797bb671232e59083db031f026e3bdee84599678163fa399e
623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662
639b935cbd168975cee48f88c0b5e593d94a8bd165f6a9a89ad73658d58b8c72
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
654aa3f06b93a8c75dbbeb10405f66dd37436936f8b0c813246ed92242007330
6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
670b967e821edfd6a09df51134a8c1259f84759816a33fc8b9785eed3188c9b8
67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6b5ede315c9fedcfe46d2aa9d260cdba9c80de5b260aab2769cfebb2d57fa25f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c363d748f1f9e1e5702d2e3ad2fa5db21d8024812721c6fb71b3da61bc97834
6da14234d384c0278b527bf4c56d8e83ef869b99ccbde99e4567bcbef2277dbf
6e754928dc6f4ca067a0e625829e9c8c5edcab3a782fa6fcb4bc77952bba2187
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
742eda3b2d2aefb9c25c7daa5dfe251f02317aae3027a7f8221710d9a5a3d3d5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
763818f283d11718308a50856b2ff8cd751261d80d905855ba8c2105636072ed
76ea264298c64e25a5ff3206c3247468ba8906ce960a6c75f96efd669f36c0b0
7ca4e2bd73ce9b1cc76f2dbd853da9603940116cf6a6654d63470b6c36230c34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845057b62bb7cf71afae6ccd8220f98a0ae0f98fcaba1fe4ff192194442ebdf2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
87048f9461aef0f1c56877773d259fb0069cf25d82f6c4ce053b957e59fc7b63
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91223074ba67e23b77c3e8cdcb260e79604b8da81efe87b946ceefbd70ae062c
91ea972878d617fb612fbcf7cce791bf7235f8cab75397dd6efe5c5200794d9a
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
967b67620c294cb5ef96a23714bf1b939077e14f15db13f6b02b1b92608ee581
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9739ff701d8fad1c9dfa7534c112223f86709ff4e144aa2dfa5b72e6a4bd8e7a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86
9d90b226b13f5f4db75acec7d2c21c0c7d24b1356180e7095f4e336e801992b5
9dbd95dbbbf7fbed4fa91cc9b2486d355c80d606cbad78516d88a3672c8ac9f6
9edb1605ac35e49d076bc3e9fdfb511d090ff1af398bbef3505bc1ef72d6a271
9f8e2583fcbe57084f285897873522bdaf414f984d1b761bd7f9099804cbe72d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76db64f035b32e2cf5d52cf41682598a5b72167ea03b1ae3e383f28f10bdc03
a8e6303b464b7e1cf6319a232802d194c75649f9ecfaff1c1575d4066556c1b3
ad16e8f45ea7d29516298e028b7c0ddc073895c9299ac0e29aa6c1ccc9a44a2d
affe2ddd367b5552812bb5fa802c686ee2bcafaff43d4625784c543c1de6b3cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63
b7f25a08f3102c1739dd8e52279addae0f7fc8d37b210a0cd6ad836f20b3ba8a
b9c5fd4ee7f43a4b711131d7d108ae81257dcfb9c83f000c005726535a9c8203
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bb9110db00efe72a4d54132ee19c858a9b86e3427e41496b644dac0614182855
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c0c1349ef6049373e19b0d1d33462dff8c46e52087f353beb85d80a10d847c1f
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2f6bed029952c63b912f77ad5db3fe56466ca1672c07a2e9d1ede122dd6bf8e
c9becd41ef2684ac18d4fff325222b7d79234bc84b3959983367b024d40e2892
cdbe3c59ac14dc0924b9c9e795635da7d63d7d353141322b85247c19b5280c4d
ce6ce7f34fecd43754e9d174846f9ef8c52e3001adac49c6fdee6583726b0d6c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6b3f78216154550a2995a9c68dd0411ed2e3c1d70980bfbbed6186c62e985e
cfa51911106a64d4b274ec739c28fb2c5b0d2aacbac11b8b49c4b06174199c71
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d107109a0255c12b10dad938469acd450d85eb173caa4dd09bc462f7f3c3084a
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d35e437ceda33d8a71486e3daaa29502a9177265bcf5ddfe9053391eccd695e3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
daa4ce4adb867592b70f61e2230f56c20394e17c84e33c4d1cab7d6ca9d9ae47
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d2e6e3d28980322b82926a609eaccf797ff4349a376bbc4dff6bb439f221b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e882f21f00443d4bd815464bda4aab82c1b0280a8fede958d7e429a5d29cd46f
eab05a4880d274a61ab4d7918d0be1b9c67c383211abe508748acb772eeefd7a
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ebe745d09b799b5252d065d962d4f9cb06116e8806af1a17c9b71e6d546011bc
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec967186d8071280b5ef6d1bd09160157a4f593a232fd7211460e55e50cf7248
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b2aa044e220b8f9ec02d387f0a408309d8563232656a8700338f293598e1e0
f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a0dbff813bc7c5605b8a86f87c6aaf78793b501ad00953f5fe4fc3beee65e5
fb171a085a05c6747e17d0b7fcfa03915a10cd2d2bbb5b874b7d172d5a871cf0