www.baltimoresun.com Open in urlscan Pro
192.0.66.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://search.app/bioKm4HjSML22MDb7
Effective URL:
https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Submission: On June 11 via manual (June 11th 2024, 12:23:50 pm UTC) from US — Scanned from DE

Summary HTTP 218 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 38 domains to perform 218 HTTP transactions. The main IP is 192.0.66.202, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.baltimoresun.com. The Cisco Umbrella rank of the primary domain is 168334.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time www.baltimoresun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
26	192.0.66.202 192.0.66.202	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	18.239.36.96 18.239.36.96	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2600:9000:244... 2600:9000:2449:e600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:244... 2600:9000:2449:1e00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c02::54	15169 (GOOGLE) (GOOGLE)
1	18.239.36.104 18.239.36.104	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.53 18.66.122.53	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	23.212.213.167 23.212.213.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	18.173.205.108 18.173.205.108	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.6 108.156.60.6	16509 (AMAZON-02) (AMAZON-02)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.66.112.102 18.66.112.102	16509 (AMAZON-02) (AMAZON-02)
1 32	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:311... 2606:4700:3110::6812:3303	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	2600:9000:244... 2600:9000:2449:3800:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.78 18.245.31.78	16509 (AMAZON-02) (AMAZON-02)
4	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
4	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:ffb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
8	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	18.173.206.9 18.173.206.9	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
8	3.230.91.157 3.230.91.157	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:800:e:8add:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
17	18.239.50.24 18.239.50.24	16509 (AMAZON-02) (AMAZON-02)
2	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2	35.162.0.228 35.162.0.228	16509 (AMAZON-02) (AMAZON-02)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
1	104.18.13.242 104.18.13.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.90.194.146 3.90.194.146	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:225... 2600:9000:225e:6800:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.65 18.245.31.65	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	108.138.192.67 108.138.192.67	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
9	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	18.239.68.199 18.239.68.199	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:3000:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	16.182.108.201 16.182.108.201	16509 (AMAZON-02) (AMAZON-02)
2	3.5.11.17 3.5.11.17	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
2	20.50.88.241 20.50.88.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	141.226.228.48 141.226.228.48	() ()
218	63

1 199.36.158.100 (United States) 1 redirects

ASN54113 (FASTLY, US)

search.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 192.0.66.202 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.baltimoresun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.36.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-96.ams58.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2449:e600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:1e00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-104.ams58.r.cloudfront.net

d250.baltimoresun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-53.fra60.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.213.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-213-167.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.173.205.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-108.fra56.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-6.ams1.r.cloudfront.net

embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-102.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.18.41.104 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:3303 (United States)

ASN13335 (CLOUDFLARENET, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:3800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ffb6 (United States)

ASN13335 (CLOUDFLARENET, US)

mng-prod.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-config.baltimoresun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2i.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.206.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-206-9.fra56.r.cloudfront.net

d1y4ng3lozj2yp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.230.91.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-91-157.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:800:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.239.50.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-24.ams58.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.0.228 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-0-228.us-west-2.compute.amazonaws.com

session.baltimoresun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.194.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-194-146.compute-1.amazonaws.com

playlist.stnvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:6800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (None, )

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.192.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-192-67.mxp64.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.68.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-68-199.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:3000:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.108.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.11.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4164 cds.connatix.com — Cisco Umbrella Rank: 4125 capi.connatix.com — Cisco Umbrella Rank: 903 ins.connatix.com — Cisco Umbrella Rank: 5726 lit.connatix.com — Cisco Umbrella Rank: 7108 vid.connatix.com — Cisco Umbrella Rank: 5004 pl.connatix.com — Cisco Umbrella Rank: 9287 img.connatix.com — Cisco Umbrella Rank: 5377	643 KB
30	baltimoresun.com www.baltimoresun.com — Cisco Umbrella Rank: 168334 d250.baltimoresun.com — Cisco Umbrella Rank: 266578 loader-config.baltimoresun.com — Cisco Umbrella Rank: 519439 session.baltimoresun.com — Cisco Umbrella Rank: 634869	508 KB
19	cloudfront.net d1y4ng3lozj2yp.cloudfront.net d29xw9s9x32j3w.cloudfront.net d15kdpgjg3unno.cloudfront.net	2 MB
15	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 15657 embedcdn.sendtonews.com — Cisco Umbrella Rank: 17464 s2l.sendtonews.com — Cisco Umbrella Rank: 15667 player.sendtonews.com — Cisco Umbrella Rank: 18953	472 KB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70 ajax.googleapis.com — Cisco Umbrella Rank: 461 imasdk.googleapis.com — Cisco Umbrella Rank: 534	174 KB
13	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 905 trc.taboola.com am-trc-events.taboola.com	446 KB
9	gstatic.com fonts.gstatic.com	395 KB
6	remixd.com tags.remixd.com — Cisco Umbrella Rank: 28983 pubcast-files.remixd.com — Cisco Umbrella Rank: 31075 player-files.remixd.com — Cisco Umbrella Rank: 29062	74 KB
5	theoaklandpress.com fp.theoaklandpress.com — Cisco Umbrella Rank: 55400 g2i.theoaklandpress.com — Cisco Umbrella Rank: 55637 engage.theoaklandpress.com — Cisco Umbrella Rank: 47369	552 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5963	90 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 49868	2 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	14 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 356 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731 aax.amazon-adsystem.com — Cisco Umbrella Rank: 487	80 KB
4	w.org s.w.org — Cisco Umbrella Rank: 3996	4 KB
3	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 11089 paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 42276	1 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 pubads.g.doubleclick.net — Cisco Umbrella Rank: 453	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	369 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 591	293 B
2	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 33352	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3850 p1.parsely.com — Cisco Umbrella Rank: 2743	25 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	25 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 194	525 B
2	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2987	22 KB
2	wp.com i0.wp.com — Cisco Umbrella Rank: 4308 stats.wp.com — Cisco Umbrella Rank: 3242	32 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7125 mng-prod.auth0.com — Cisco Umbrella Rank: 58021	38 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 354	98 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 9246	156 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 355	17 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 25820	770 B
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 3311	41 KB
1	stnvideo.com playlist.stnvideo.com — Cisco Umbrella Rank: 24151	6 KB
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 15192	96 B
1	mmvideocdn.com mp.mmvideocdn.com — Cisco Umbrella Rank: 13221	22 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1689	381 B
1	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4860	57 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4331	181 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 40	83 KB
1	search.app 1 redirects search.app — Cisco Umbrella Rank: 80525	1 KB
218	38

	Domain	Requested by
26	www.baltimoresun.com	www.baltimoresun.com cmp.osano.com
17	d29xw9s9x32j3w.cloudfront.net	www.baltimoresun.com embed.sendtonews.com az416426.vo.msecnd.net
13	cds.connatix.com	cd.connatix.com cds.connatix.com cmp.osano.com
11	capi.connatix.com	1 redirects www.baltimoresun.com cds.connatix.com
9	am-trc-events.taboola.com	cdn.taboola.com
9	fonts.gstatic.com	fonts.googleapis.com
8	s2l.sendtonews.com	embed.sendtonews.com
7	img.connatix.com
7	imasdk.googleapis.com	cmp.osano.com cds.connatix.com imasdk.googleapis.com
6	fonts.googleapis.com	www.baltimoresun.com embed.sendtonews.com
5	embed.sendtonews.com	1 redirects www.baltimoresun.com embed.sendtonews.com
5	cmp.osano.com	www.baltimoresun.com cmp.osano.com
4	prod-dfm-proxy-connext.azurewebsites.net	engage.theoaklandpress.com
4	pagead2.googlesyndication.com	imasdk.googleapis.com
4	pl.connatix.com	cds.connatix.com
4	s.w.org	www.baltimoresun.com
3	player-files.remixd.com	www.baltimoresun.com
3	engage.theoaklandpress.com	cmp.osano.com engage.theoaklandpress.com
3	www.googletagmanager.com	cmp.osano.com
3	cdn.taboola.com	cmp.osano.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	paywall-ad-bucket.s3.amazonaws.com
2	cdn.pranmcpkx.com	cmp.osano.com
2	ins.connatix.com	cds.connatix.com
2	securepubads.g.doubleclick.net	imasdk.googleapis.com
2	session.baltimoresun.com	www.baltimoresun.com
2	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
2	cdnjs.cloudflare.com	cmp.osano.com embed.sendtonews.com
2	sb.scorecardresearch.com	www.baltimoresun.com
2	az416426.vo.msecnd.net	cmp.osano.com
2	cd.connatix.com	www.baltimoresun.com
2	tags.remixd.com	www.baltimoresun.com tags.remixd.com
2	cdn.jsdelivr.net	www.baltimoresun.com cdn.jsdelivr.net
2	htlbid.com	www.baltimoresun.com
1	trc.taboola.com	az416426.vo.msecnd.net
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	cmp.osano.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	s0.2mdn.net	imasdk.googleapis.com
1	vid.connatix.com	cds.connatix.com
1	pubads.g.doubleclick.net	embed.sendtonews.com
1	player.sendtonews.com	embed.sendtonews.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	lit.connatix.com	cds.connatix.com
1	api-mg2.db-ip.com	fp.theoaklandpress.com
1	p1.parsely.com	www.baltimoresun.com
1	cdn.jwplayer.com	tags.remixd.com
1	playlist.stnvideo.com	embed.sendtonews.com
1	cdn.resonate.com	embed.sendtonews.com
1	cdn.parsely.com	cmp.osano.com
1	g2i.theoaklandpress.com	cmp.osano.com
1	fp.theoaklandpress.com	cmp.osano.com
1	mp.mmvideocdn.com	embed.sendtonews.com
1	d1y4ng3lozj2yp.cloudfront.net	cmp.osano.com
1	loader-config.baltimoresun.com	www.baltimoresun.com
1	mng-prod.auth0.com	cmp.osano.com
1	pubcast-files.remixd.com	tags.remixd.com
1	polyfill.io	cmp.osano.com
1	cdn.p-n.io	www.baltimoresun.com
1	stats.wp.com	www.baltimoresun.com
1	embedcdn.sendtonews.com	www.baltimoresun.com
1	s.ntv.io	www.baltimoresun.com
1	i0.wp.com	www.baltimoresun.com
1	d250.baltimoresun.com	www.baltimoresun.com
1	accounts.google.com	www.baltimoresun.com
1	cdn.auth0.com	www.baltimoresun.com
1	ajax.googleapis.com	www.baltimoresun.com
1	search.app	1 redirects
218	68

This site contains links to these domains. Also see Links.

Domain
mktops.baltimoresun.com
www.accuweather.com
digitaledition.baltimoresun.com
myaccount.baltimoresun.com
digitaledition.carrollcounty.baltimoresun.com
digitaledition.capitalgazette.com
enewspaper.theaegis.com
enewspaper.howardcountytimes.com
placeanad.baltimoresun.com
classifieds.baltimoresun.com
jobs.baltimoresun.com
www.baltimoresunspecialsections.com
www.legacy.com
fun.baltimoresun.com
checkout.baltimoresun.com
www.tribpub.com
www.capitalgazette.com
www.studio1847.io
store.baltimoresun.com
www.tkqlhce.com
mddcnews.com
my.datasubject.com

Subject Issuer	Validity	Valid
baltimoresun.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
r610.chicagotribune.com Amazon RSA 2048 M03	`2023-12-26` - `2025-01-24`	a year	crt.sh
*.remixd.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M03	`2023-12-16` - `2025-01-12`	a year	crt.sh
connatix.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.polyfill.io Sectigo RSA Domain Validation Secure Server CA	`2024-02-20` - `2025-02-19`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2023-10-22` - `2024-11-19`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2024-05-07` - `2024-08-06`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
auth0.com E1	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
sni32033gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-10-16`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M02	`2024-03-18` - `2025-04-15`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
mp.mmvideocdn.com Amazon RSA 2048 M02	`2024-03-27` - `2025-04-25`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.baltimoresun.com Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
sni32107gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
sni32105gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
sni32106gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
cdn.resonate.com GTS CA 1P5	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.stnvideo.com Amazon RSA 2048 M02	`2024-01-30` - `2025-02-26`	a year	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
player-files.remixd.com GTS CA 1D4	`2024-05-12` - `2024-08-10`	3 months	crt.sh
db-ip.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
ins.connatix.com GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
lit.connatix.com WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
vid.connatix.com GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
pl.connatix.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
capi.connatix.com GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-03` - `2024-10-03`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-04-10` - `2025-04-05`	a year	crt.sh
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 07	`2024-03-13` - `2025-03-08`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Frame ID: 5FCACD222C22CE7A33377038DBB6AEA5
Requests: 152 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: 94B131AB5CA59772D32A9D01E26910F3
Requests: 30 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js
Frame ID: 954A72907AF817C8BF46E99B7AB83007
Requests: 3 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 8723FC5CA076B5646473D28C59EBDECE
Requests: 1 HTTP requests in this frame

Frame: https://mng-prod.auth0.com/authorize?client_id=6Yc39HQJPnNPUnV9LWmdmxQeQPCR3NPS&audience=access-extension&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=SXQ1bG9BUFlaWC1ySGdxaVZOTVBUN1FkRW5ESHNEcFE0emxjYVlTTWduMQ%3D%3D&nonce=eTZIQmNvdFpwS25rfi5hc2F0OFFOY3hIZmc5T2k3WjhadG5mbFBNMH5aYw%3D%3D&redirect_uri=https%3A%2F%2Fwww.baltimoresun.com&code_challenge=qN7zMpsA8qPqgytJZGiekaP1_kJp5suhB-j8QnJ_FUc&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTMuNiJ9
Frame ID: 2CC7BD108092FA4664CAF744C8EC5B87
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: E7D866D51DC560AB8D7B1241E23F4A95
Requests: 11 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 8D7BA038271092235EA4C2B4C72DE09C
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html
Frame ID: F5996C6C06A84E0B0BECE01E6BF07B88
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html
Frame ID: 7A130872E38DB8C67B5415BF45824D65
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html
Frame ID: FEC3BD8C37657F64CF3BCD6A11638099
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html
Frame ID: B25F7F0A7929171D70E17EDA66B8667F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html
Frame ID: A7AE9596E394F3ECB9DDACF2ADB6FD46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 66A5968EB2F09C65D138D3AB8CD68139
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ABFFCBD4C6E7DAFCDDC71285B1925E79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B69444A229C1EFDED5D14B2CDB2DCF9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5A23881A68DD2F9CADE59905FD1F1E37
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sophi Wrisk helps Tampa to Division II lacrosse national title

Page URL History Show full URLs

https://search.app/bioKm4HjSML22MDb7 HTTP 302
https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

218
Requests

95 %
HTTPS

30 %
IPv6

38
Domains

68
Subdomains

63
IPs

6
Countries

6453 kB
Transfer

18857 kB
Size

8
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://mktops.baltimoresun.com/subscriptions/land-memorial-day-24/?market=bs&source=indexD&g2i_source=SB&g2i_medium=sub-nav&g2i_campaign=MD24&returnUrl=https%253A%252F%252Fwww.baltimoresun.com%252F2024%252F06%252F05%252Fsophi-wrisk-lacrosse-tampa-national-championship%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/baltimore-md/21202/current-weather/8844_pc?lang=en-us
Title: 64°F

Search URL Search Domain Scan URL

URL: https://digitaledition.baltimoresun.com/
Title: Baltimore Sun eNewspaper

Search URL Search Domain Scan URL

URL: https://myaccount.baltimoresun.com/
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://myaccount.baltimoresun.com/200/home
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://myaccount.baltimoresun.com/200/autopay/signup/
Title: EZ Pay

Search URL Search Domain Scan URL

URL: https://myaccount.baltimoresun.com/200/verifyaccount
Title: Vacation Stop

Search URL Search Domain Scan URL

URL: https://digitaledition.baltimoresun.com/html5/desktop/production/default.aspx?edid=b36c7fa6-0605-48b1-8121-b8fac5f93ec7
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://digitaledition.baltimoresun.com/eveningedition
Title: Evening Edition

Search URL Search Domain Scan URL

URL: https://digitaledition.carrollcounty.baltimoresun.com/
Title: Carroll County Times

Search URL Search Domain Scan URL

URL: https://digitaledition.capitalgazette.com/
Title: Capital Gazette

Search URL Search Domain Scan URL

URL: https://enewspaper.theaegis.com/
Title: The Aegis

Search URL Search Domain Scan URL

URL: https://enewspaper.howardcountytimes.com/
Title: Howard County Times

Search URL Search Domain Scan URL

URL: https://placeanad.baltimoresun.com/#nt=primarynavbar
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://classifieds.baltimoresun.com/#nt=secondarynavbar
Title: Classified

Search URL Search Domain Scan URL

URL: https://jobs.baltimoresun.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.baltimoresunspecialsections.com/
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/carrollcountytimes/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/baltimoresun/today#nt=secondarynavbar
Title: Death Notices

Search URL Search Domain Scan URL

URL: https://placeanad.baltimoresun.com/death-notices/
Title: How to submit a death notice

Search URL Search Domain Scan URL

URL: https://fun.baltimoresun.com/
Title: Fun and Games

Search URL Search Domain Scan URL

URL: https://checkout.baltimoresun.com/
Title: Subscribe now!

Search URL Search Domain Scan URL

URL: https://mktops.baltimoresun.com/subscriptions/land-memorial-day-24/?market=bs&source=indexD&g2i_source=SB&g2i_medium=nav2&g2i_campaign=MD24&returnUrl=https%253A%252F%252Fwww.baltimoresun.com%252F2024%252F06%252F05%252Fsophi-wrisk-lacrosse-tampa-national-championship%252F%253FnewUser%253Dtrue
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/
Title: Tribune Publishing

Search URL Search Domain Scan URL

URL: https://www.capitalgazette.com/
Title: Capital Gazette

Search URL Search Domain Scan URL

URL: https://www.studio1847.io/
Title: Studio 1847

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/#who-we-are
Title: Company Info

Search URL Search Domain Scan URL

URL: https://store.baltimoresun.com/
Title: Photo Reprints

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479697-11570746?url=https%3A%2F%2Fbaltimoresun.newspapers.com%2F%3Fxid%3D2338%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DBaltimore
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://placeanad.baltimoresun.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://classifieds.baltimoresun.com/
Title: Classified

Search URL Search Domain Scan URL

URL: https://mddcnews.com/public-notices/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://mktops.baltimoresun.com/subscriptions/land-memorial-day-24/?market=bs&source=indexD&g2i_source=SB&g2i_medium=sub-nav&g2i_campaign=MD24
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/subscriber-terms-and-conditions/
Title: Subscriber Terms and Conditions

Search URL Search Domain Scan URL

URL: http://www.tribpub.com/central-terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#California_Notice_at_Collection
Title: California Notice at Collection

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#Notice_of_Financial_Incentive
Title: CA Notice of Financial Incentive

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A1AnRt2Fn8i1unj/23233
Title: Do Not Sell/Share My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://search.app/bioKm4HjSML22MDb7 HTTP 302
https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://embed.sendtonews.com/player3/embedcode.js?fk=NCG8U5Yj&cid=4643&offsetx=0&offsety=112&floatwidth=400&floatposition=bottom-right&ver=1.0.0 HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.32.19-A/embed.js

Request Chain 115

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&ImplementationType=0&ClientAb2=10

218 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Redirect Chain

https://search.app/bioKm4HjSML22MDb7
https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

155 KB
33 KB

134ms
39ms

Document
text/html

192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

75ceed48d895a0bc43a3674b7ab454b87603e07b19b0c39ccaf6bda50a66b78d

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: private, no-store
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 12:23:41 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.baltimoresun.com/wp-json/>; rel="https://api.w.org/" <https://www.baltimoresun.com/wp-json/wp/v2/posts/10077106>; rel="alternate"; type="application/json" <https://wp.me/pe83oR-GhvY>; rel=shortlink
server: nginx
x-cache: HIT
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: ams8 111 253 443

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-IpC4O5b84o2OD71fBeV99Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Tue, 11 Jun 2024 12:23:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220058-FRA
x-timer: S1718108622.666962,VS0,VE53

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 151ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;400;700&family=Noto+Sans:wght@300;400&display=swap

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ffdbde5525c0f91c0b7a999645cf1c30811576d7ce82699d7fdafaa06c1487f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:23:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:42 GMT

GET
H2 200 /
www.baltimoresun.com/_static/ 908 B
585 B 47ms
42ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/_static/??-eJyNzEEKgCAQQNELpYNB5SY6i8oQAzmKM9L1c9siaPn48OGuJhVWZIV69ZNYQEjRvBDDpZRLQ+kMokEpQZIRU0Nkm4nt4AS/Ztoodsbvz5F3t7nFu3Xz8wOWQzvm
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a9fea256a303496c4f60a68be48c3f4334097a11350e2a187859ea621bcd5c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Wed, 15 May 2024 23:46:22 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 htlbid.css
htlbid.com/v3/baltimoresun.com/ 1 KB
576 B 593ms
445ms Stylesheet
text/css 18.239.36.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/baltimoresun.com/htlbid.css?ver=6.5.4
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-96.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 794d444f814675361a19cff0e4169285c1c2ef8d1a3125718e584ce05d8f584f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
via: 1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
last-modified: Thu, 16 May 2024 12:35:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
etag: W/"67012a504121d11a41d8929b8092809c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: S7lWjxDdwwAEXpQALONtBLctEIcsTjInada-LjIcHPhuF72g_dp7JA==

GET
H2 200 style.css
www.baltimoresun.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
508 B 47ms
42ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1670354581g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Tue, 06 Dec 2022 19:23:01 GMT
server: nginx
etag: W/"638f9695-370"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 mng-digisubs.styles.css
www.baltimoresun.com/wp-content/plugins/mng-digisubs/static/ 16 KB
5 KB 47ms
42ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=1718055578
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f1be20933a0c951dd3888ee8a23b5f93aec5bca3bc8dfa6107bdcc6170c4163d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-3f5f"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 mobile-adhesion-style.css
www.baltimoresun.com/wp-content/client-mu-plugins/src/Ads/assets/css/ 1 KB
601 B 47ms
43ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1670354581g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Tue, 06 Dec 2022 19:23:01 GMT
server: nginx
etag: W/"638f9695-441"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 192ms
44ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 12:23:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5658087
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8819
x-served-by: cache-fra-eddf8230021-FRA, cache-cph2320025-CPH
x-jsd-version-type: version
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 4 KB
594 B 111ms
50ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.5.4

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d7dc41759aab2379209357a1c1afd9607a7278357e914d3b9125f0a79b399c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:23:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:42 GMT

GET
H2 200 /
www.baltimoresun.com/_static/ 119 KB
28 KB 47ms
43ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/_static/??-eJyNjMEKAjEMRH/INLYqiwfxU2TphhJNm0JSFv/e9eDB295mhjcP1w5Zm1NzrAO6jMLN8Ene5/yCeApnrLoMIcOVl0Ju6Nqhq23J/C0UstkBd3ge3DKaZp4FRIvaXwmV227Vxv2G7+deb3GK0yWlY7p+ACJFS4A=
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ad11f393f35f2ce5d047daa24ecc412e3d860ea1187cfd2502eed0f77a62e07a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Tue, 04 Jun 2024 17:27:09 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 223 KB
56 KB 248ms
103ms Script
application/javascript 2600:9000:2449:e600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:e600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0694ab212a520188abc110c40e119f22a0dc2df6d2553be3d7fa64f3fa924aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:31:32 GMT
content-encoding: br
via: 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
age: 67930
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56290
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jun 2024 16:39:39 GMT
server: CloudFront
etag: "bf2fd66100d02d059b5895afc6dbf27e"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: LZhgrHZlvZ82nFpwb4BuSStTOrmB39qAOEqzEHFb6vuVvEdWW6WkEA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 190ms
46ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:32:39 GMT

GET
H2 200 htlbid.js Show response
htlbid.com/v3/baltimoresun.com/ 606 KB
155 KB 471ms
471ms Script
application/javascript 18.239.36.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/baltimoresun.com/htlbid.js?ver=6.5.4
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-96.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8358841054400d1493d779f1737e6cf49917080c1b5ebfe9d1f28ddba6d7e37

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
via: 1.1 0df834b214e5d5be3767a579b1941edc.cloudfront.net (CloudFront)
last-modified: Thu, 16 May 2024 12:35:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
etag: W/"5a0e08052f33d67b3a69d37a83417c16"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: gnUNE2PjwtSmEjQfnuRNgcz6-ElNeorTIUlTRBvQo4XH9XHi1Lkvfw==

GET
H2 200 sso-tools.min.js Show response
www.baltimoresun.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 10 KB
2 KB 71ms
68ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1718041400g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5000f0e689a7c0c1670c8e994cfba91b190d0f125e895696cccddcf4cf3d04ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 17:43:20 GMT
server: nginx
etag: W/"66673b38-2990"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 loader.min.js Show response
www.baltimoresun.com/wp-content/plugins/loader-wp/static/ 40 KB
12 KB 71ms
69ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c37392e76245ae7a40fccced49d896542d759decd42d5929b3f6d0c0976f2afd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Wed, 15 May 2024 23:46:22 GMT
server: nginx
etag: W/"6645494e-a0c9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 engageLibrary.min.js Show response
www.baltimoresun.com/wp-content/plugins/loader-wp/static/ 43 KB
11 KB 71ms
69ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/plugins/loader-wp/static/engageLibrary.min.js?m=1718055577g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 81ebc88cc433939f2d4045564c665395907f769368558787d8800bd8d64104f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:37 GMT
server: nginx
etag: W/"66677299-aa3d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 195ms
50ms Script
application/javascript 2600:9000:2449:1e00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.5.4

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:1e00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
via: 1.1 6f348d610065e2c8eb4f3a0d2f7caa8e.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 10:25:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS58-P6
age: 7120
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: 8ruYW5qDl2kgzFrKXAoOP5prsJ3WF6hKsa8PbsDqT9Zcv_Iufa6xuA==

GET
H2 200 client Show response
accounts.google.com/gsi/ 218 KB
83 KB 209ms
63ms Script
application/javascript 2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.5.4

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a22611aa1355580255bfd25f7434cd43c484f543ef5b58816a8be806d8fa3c5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FPlf4W8kohe2ndT2blI8Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-FPlf4W8kohe2ndT2blI8Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 11 Jun 2024 12:23:42 GMT

GET
H2 200 / Show response
www.baltimoresun.com/_static/ 361 KB
50 KB 70ms
69ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/_static/??-eJylzLEKgDAMBNAfso0ORRdx9TeqlpLSRjEp+vnWSVx1OjjuHhybmlcSRwJbzB6JIZFXC3rkPDGwWMH51elkkfSUaYlOB67gi1EO5E75y5QxSnSpJP+1Mo72BvYHGlLftE1XG2PaLly/ZXEf
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9714a6422df1f8c010ac42ede3110338591abc5e38adac6d27d575b6cdc71d0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 script.js Show response
d250.baltimoresun.com/ 137 KB
42 KB 196ms
51ms Script
text/javascript 18.239.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d250.baltimoresun.com/script.js

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-104.ams58.r.cloudfront.net

Software

- /

Resource Hash

6e925704d54cb828c7052b70b5ada8f2ceb9c8e2302ee5b49cc6714ac816bfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: AMS58-P2
age: 53
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42037
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 12:22:28 GMT
server: -
etag: c73d007b86a2f8b80615a95992b91504
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: RTlxtzRFHOOiWnQQ2k4ZvYyy1R34wovQqHjrBCtLGNXSSqZyndHl3g==
expires: Tue, 11 Jun 2024 12:32:49 GMT

GET
H2 200 mng-digisubs.articleShare.bundle.js Show response
www.baltimoresun.com/wp-content/plugins/mng-digisubs/static/ 70 KB
24 KB 70ms
69ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.articleShare.bundle.js?m=1718055578g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e7a7dc31eaffbfdcab529b3004396ef65fac0aefbb0069c12b473c550b18294e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-11785"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 baltimoresun.svg
www.baltimoresun.com/wp-content/uploads/2023/10/ 19 KB
19 KB 99ms
98ms Image
image/svg+xml 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baltimoresun.com/wp-content/uploads/2023/10/baltimoresun.svg
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0556f5a404d504337b76c849445e879f661497c025ba829a3b343a7ba2e29220

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:41 GMT
x-rq: ams8 109 198 443
last-modified: Fri, 01 Dec 2023 00:45:44 GMT
server: nginx
etag: "df6d8e0d1397b999"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 19348

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 141ms
42ms Script
text/javascript 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:34 GMT
content-encoding: gzip
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 10
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10041
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
x-amz-cf-id: O_I-z3vm_4KJGjjBVE0u_6zKNM3vCf000g79lwDfLRbgbNiWs1d96g==

GET
H2 200 Wrisk-40-B.jpg
i0.wp.com/www.baltimoresun.com/wp-content/uploads/2024/06/ 28 KB
29 KB 185ms
43ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.baltimoresun.com/wp-content/uploads/2024/06/Wrisk-40-B.jpg?fit=620%2C9999px&ssl=1

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

957c1f3ccd9bd185e387ffd33a42d2046cfac1410a80253c95eec2a4a5101f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 29126
x-nc: HIT ams 4
last-modified: Tue, 11 Jun 2024 02:07:43 GMT
server: nginx
etag: "834568d6f4f8b511"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.baltimoresun.com/wp-content/uploads/2024/06/Wrisk-40-B.jpg>; rel="canonical"
expires: Thu, 11 Jun 2026 14:07:43 GMT

GET
H2 200 / Show response
www.baltimoresun.com/_static/ 18 KB
8 KB 44ms
44ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/_static/??-eJyVjUEKwjAQRS9kOgkUdCOeJaZjOyGZhMzEYk8vLrooiODyP3jvw1pNKKzICjX1mVhASNEchja6d0YQ9UoB4hEPmXiIcoIvrcyzWTSBF0EVmEh0ZyaXSX65dSla+EEpwRN5Kg0qBe0NP+g/MfntJbTh/nfLV3d2Fzu60dr4Bu+cYgI=
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 120bad7da1aca0e414e69e43d041c5e603a94f1bfd063cc039b194bbedb14fbd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Mon, 10 Jun 2024 17:43:20 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 ads.js Show response
www.baltimoresun.com/wp-content/themes/wp-mason/static/js/ 87 B
287 B 44ms
43ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
x-rq: ams8 111 253 443
last-modified: Tue, 06 Dec 2022 19:23:02 GMT
server: nginx
etag: "638f9696-57"
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes
content-length: 87

GET
H2 200 / Show response
www.baltimoresun.com/_static/ 109 KB
30 KB 40ms
39ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/_static/??-eJyVy0sKhDAMANALjY0uim7Es9RMxdZ8hGQQb6+LOYBuHzw49gZVPIuDr5mzQTLLbmCevCBUA1RmlYDrT7bARUK1Dzx4u9K5FCJ7k2alL2q6gf5t4rHru6GNMfZDvQBQtUFd
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a39298b5f75dfc152365fde7db5b734117a19034f337a0892f542e06762fc96e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 575 KB
181 KB 161ms
52ms Script
application/x-javascript 23.212.213.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.213.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-213-167.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 03cf6736d92a0fba41f8971f44a76568795a136d6b86726af0a2d1adc136d91f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 12:23:42 GMT
Content-Encoding: gzip
x-amz-request-id: F9TW8AQ584V11F0T
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: uB642v672rZu734BWZm15IGgbP4hPTPJPLL9/CrPtBfqgasumaNH1e+mzD4xXzncAE47Pmev1VY=
Last-Modified: Mon, 10 Jun 2024 22:30:35 GMT
Server: AmazonS3
ETag: "a62c7f0b7244235b27f43ad651c76939"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 logo-img-attr.min.js Show response
www.baltimoresun.com/wp-content/themes/wp-mason/static/js/ 178 B
379 B 39ms
39ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js?m=1715816782g
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
x-rq: ams8 111 253 443
last-modified: Wed, 15 May 2024 23:46:22 GMT
server: nginx
etag: "6645494e-b2"
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes
content-length: 178

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.32.19-A/
Redirect Chain

https://embed.sendtonews.com/player3/embedcode.js?fk=NCG8U5Yj&cid=4643&offsetx=0&offsety=112&floatwidth=400&floatposition=bottom-right&ver=1.0.0
https://embedcdn.sendtonews.com/easy-stn-player/7.32.19-A/embed.js

7 KB
3 KB

137ms
40ms

Script
application/javascript

108.156.60.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.32.19-A/embed.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Server: 108.156.60.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-6.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc75f888c8dd9244600010595756d04ce4531e328d7167eb02992e644d62de7e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 12:22:51 GMT
x-amz-version-id: repHn7hTIKlPevdi40D_sqfas8PoBiaO
content-encoding: br
last-modified: Mon, 27 May 2024 20:21:55 GMT
server: AmazonS3
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
etag: W/"19d2c5ab2a08e9ed4ea0528e4bac4766"
age: 52
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QkoSJo3T_HNwLHIPyRQJW8nzXD5Ju4o2R_LnTtbXAKrCR7-EV4c86Q==

Redirect headers

date: Tue, 11 Jun 2024 12:23:42 GMT
via: 1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P12
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.32.19-A/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 5PQkEl9PonC1JySLi6VjPOjXPwue5vYEkPAwBXyJlThGRmSJvN090Q==

GET
H2 200 e-202424.js Show response
stats.wp.com/ 7 KB
3 KB 126ms
37ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202424.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113627.1218
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Jun 2025 23:05:10 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 273 KB
57 KB 146ms
48ms Script
application/javascript 18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=qvafiWEMPCh8IoPeDXjiO7iGSktQ4yIaTHfS&ver=6.5.4
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46593633bf055c5b86dee0978c9a58bd038fa0d51360bd1c7b58201968fc5109

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:20:18 GMT
content-encoding: gzip
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Sat, 08 Jun 2024 02:50:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 225
x-amz-server-side-encryption: AES256
etag: W/"48748b32775dee651388f73bd186ddb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 2nDcIOaGNEHJ3qBxZ7mqmohWNPWmYiXTIR8DgHxjt4iDrX1KmW9Jkw==

GET
H2 200 sharing.min.js Show response
www.baltimoresun.com/wp-content/mu-plugins/jetpack-13.4/_inc/build/sharedaddy/ 9 KB
3 KB 39ms
39ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/mu-plugins/jetpack-13.4/_inc/build/sharedaddy/sharing.min.js?ver=13.4.3
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Tue, 04 Jun 2024 17:27:09 GMT
server: nginx
etag: W/"665f4e6d-2259"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 boldcoastal.css
www.baltimoresun.com/wp-content/themes/assets/static/css/ 767 KB
148 KB 42ms
42ms Stylesheet
text/css 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/assets/static/css/boldcoastal.css?ver=1717773420
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b64ec986c5640bc35c15c347fbad72cb38d2d53c95cb05432eab5ca32e89fe4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-bfb52"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
812 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Serif+4:ital,opsz,wght@0,8..60,200;0,8..60,400;1,8..60,200;1,8..60,400&display=swap

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/_static/??-eJyNzEEKgCAQQNELpYNB5SY6i8oQAzmKM9L1c9siaPn48OGuJhVWZIV69ZNYQEjRvBDDpZRLQ+kMokEpQZIRU0Nkm4nt4AS/Ztoodsbvz5F3t7nFu3Xz8wOWQzvm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbd0b61ef8dbd7ea6a3d4b74f472a559abb7f18dd0ebdccf2a3aebc8070fa45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:23:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:42 GMT

GET
BLOB 200
OK 78059a11-c5af-4447-b8bb-c2d5fc749f99
https://www.baltimoresun.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/78059a11-c5af-4447-b8bb-c2d5fc749f99
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 connatix.playspace.js Show response
cd.connatix.com/ Frame 94B1 2 KB
981 B 167ms
78ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53102017f735a43ba0757d0c93c3238292670bdd63c87571f1c064a2dd214f87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 892192eb8a23b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
381 B 171ms
73ms Script
text/javascript 2606:4700:3110::6812:3303
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 05:43:40 GMT
server: cloudflare
age: 4344002
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 892192ec1ccc5311-LHR
expires: Tue, 11 Jun 2024 13:23:42 GMT

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame 954A 1 KB
999 B 83ms
72ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.player.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cebd7d47c48f71bfd0912b3aa32d5acf124691a2a201adab41569b1ca24711d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 892192eb8a1fb627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tribunedigital-network/ 1016 KB
229 KB 132ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50c424f3d98ef952223b48b4e982231d264ae0b7415a56445cbcd5ea9c9edcdd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uPXZIWOU9fZwA_b3pqp19LacCnGMitVg
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jun 2024 12:23:42 GMT
x-amz-request-id: JTQQ31SDPABDW8PJ
age: 28
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 234139
x-amz-id-2: D3XrjD2/fCqsSc7/v6N9hGWAyYgwhnrg7ksJ+UfsIc//z/HeRnG5G1fmkxvjuj4+ZGM2qdYTKaE=
x-served-by: cache-fra-etou8220116-FRA
last-modified: Tue, 04 Jun 2024 09:15:22 GMT
server: AmazonS3
x-timer: S1718108623.724475,VS0,VE2
etag: "d45dabdb7f3c0a6675f25f78d6e0369d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 653 KB
156 KB 151ms
63ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

130595b5e486155e030d83f552b41a8b2cdad662c2a2777fb0f95715c6e2672a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 159259
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 12:23:42 GMT

GET
BLOB 200
OK d90759a5-3b62-49b4-aa49-891ec69e24b5
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/d90759a5-3b62-49b4-aa49-891ec69e24b5
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 139ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:32:58 GMT
x-content-type-options: nosniff
age: 3044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:32:58 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 92ms
45ms Font
font/woff2 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 12:23:42 GMT
x-content-type-options: nosniff
age: 1847817
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90528
x-served-by: cache-fra-etou8220112-FRA
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 178ms
81ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:24:27 GMT
x-content-type-options: nosniff
age: 3555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:24:27 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 238ms
142ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:09:29 GMT
x-content-type-options: nosniff
age: 4453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:09:29 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 222ms
125ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.5.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:26:35 GMT
x-content-type-options: nosniff
age: 3427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:26:35 GMT

GET
H2 200 vEFI2_tTDB4M7-auWDN0ahZJW1gb8tc.woff2
fonts.gstatic.com/s/sourceserif4/v8/ 119 KB
120 KB 194ms
98ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserif4/v8/vEFI2_tTDB4M7-auWDN0ahZJW1gb8tc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Serif+4:ital,opsz,wght@0,8..60,200;0,8..60,400;1,8..60,200;1,8..60,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117a41aea81886b9a09b1e5a356cf2f9da046673aa723365dee6c2255d9fc192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 00:14:47 GMT
x-content-type-options: nosniff
age: 43735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122200
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:37:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 00:14:47 GMT

GET
H2 200 Sophi-Celeb-e1717555662796.jpg
www.baltimoresun.com/wp-content/uploads/2024/06/ 59 KB
59 KB 46ms
41ms Image
image/webp 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baltimoresun.com/wp-content/uploads/2024/06/Sophi-Celeb-e1717555662796.jpg?w=1020
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 752d5894ea972b91227ae1fc84e3b11f91bf36d036e0aaf719355f4cb97ccfd0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
x-rq: ams8 109 88 443
last-modified: Tue, 11 Jun 2024 02:07:44 GMT
server: nginx
etag: "85e3f81d9eee50b7"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 60378

GET
H2 200 CraigClary.jpeg
www.baltimoresun.com/wp-content/uploads/2023/11/ 1 KB
1 KB 46ms
41ms Image
image/webp 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baltimoresun.com/wp-content/uploads/2023/11/CraigClary.jpeg?w=85
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 874878c782a3f569ffc46afe8fac801cfa483605f1988866fe68253905e75a20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
x-rq: ams8 109 195 443
last-modified: Tue, 11 Jun 2024 12:00:07 GMT
server: nginx
etag: "dc3d54aa0beb03d0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 1028

GET
H2 200 common.chunk.min.js Show response
www.baltimoresun.com/wp-content/themes/assets/static/js/ 42 KB
11 KB 45ms
44ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-a619"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 common-async.chunk.min.js Show response
www.baltimoresun.com/wp-content/themes/assets/static/js/ 60 KB
8 KB 46ms
45ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fdf47058216a097eff037ab2fc360420ea4ac953f516ea21bf9d0ab1238e4bfe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-f163"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.baltimoresun.com/wp-content/themes/assets/static/js/ 3 KB
2 KB 45ms
45ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 253 443
last-modified: Mon, 10 Jun 2024 21:39:38 GMT
server: nginx
etag: W/"6667729a-c75"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.32.19-A/ 688 KB
192 KB 97ms
43ms Script
application/javascript 18.173.205.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.205.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9d13201956b77ef26a3adf536a7bddd55287042c2240583d630df95f3799164

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:02 GMT
x-amz-version-id: LmJYjGodgzBDVE91KVx0ILx171OxCKkQ
content-encoding: br
last-modified: Mon, 27 May 2024 20:21:56 GMT
server: AmazonS3
age: 41
x-amz-cf-pop: FRA56-P12
etag: W/"fa9e91127b045bd51c4c1158097eb53a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: m3NW6ZfzHYZRN4SThoe7WoguUOa7ExJERD81yszvGo8eEdTgZkiHmQ==

GET
H2 200 /
cmp.osano.com/ Frame 8723 0
0 120ms
40ms Document
text/html 2600:9000:2449:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 23162
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Tue, 11 Jun 2024 05:57:41 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 c88ca2a75ca16a71cee4beefb2f6e6b8.cloudfront.net (CloudFront)
x-amz-cf-id: 66k2Fn3IZ8km_yuZ0RVHKs66r7Gqpnn0FShGXLydCvWpncYsknYVKA==
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ Frame 0
0 466ms
420ms Preflight 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 11 Jun 2024 12:23:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
x-amz-cf-id: NwVZEzEDs1QmBegyNoFNr4-b7JAxL4SUZMK4fmzBUH0IMh8tpaIrYg==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 98 KB
24 KB 44ms
44ms Script
application/javascript 2600:9000:2449:e600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:e600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b9490529c389089d86b18d70449243a8aebc8957cd2913d4cac6be0c9e38bca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 16:40:08 GMT
x-amz-version-id: Q.7YtenzQCRjMXQU2JRcef9_rs0Ubmga
content-encoding: br
x-content-type-options: nosniff
via: 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
age: 71015
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jun 2024 16:39:35 GMT
server: AmazonS3
etag: W/"c8d520dc68cf9f472d21e789202a0ec9"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: CaMFbVBSYTQe24ch7QYFdEITABcmKWbEostcIboWMDHgttc2CjvPFA==

GET
H3 200 de.json Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 31 KB
10 KB 44ms
44ms XHR
application/json 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6d47257f80cc386e36a87a5b97d50dc0345ddc665975518641837630ff09a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.baltimoresun.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Mon, 10 Jun 2024 16:41:06 GMT
x-content-type-options: nosniff
x-amz-version-id: FAZKVJGQDG.PkTO7zfvFr4c_aZXhwgBb
content-encoding: br
via: 1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
age: 70958
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jun 2024 16:39:35 GMT
server: AmazonS3
etag: W/"0b118666666bf0cde1ad74cc430e0b50"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: 1Czl-oLq6vFH7PaK6tIYewGNp37nEukq3VPXefNsEI75WxR8hzUMXw==

GET
H2 200 wp-emoji-release.min.js Show response
www.baltimoresun.com/wp-includes/js/ 18 KB
5 KB 39ms
39ms Script
application/javascript 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-rq: ams8 111 254 443
last-modified: Wed, 05 Jun 2024 16:31:55 GMT
server: nginx
etag: W/"666092fb-4926"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: stale-while-revalidate=43200
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac

Request headers

Referer
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 baltimoresun.com Show response
pubcast-files.remixd.com/player-configs/ 33 KB
33 KB 161ms
38ms Fetch
application/json 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/baltimoresun.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5970ffac3566ed4999bb38ea75fa5aac38cea3e2e2db693f5d71332ebbade514

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:45:56 GMT
age: 2266
x-guploader-uploadid: ABPtcPpn2DtRWzrzNQxVdEdYVrDrwN6jpuiUDpJyWC0O7JR6zud8-uSTQUabLzl1AHwLOlmRlEE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33528
last-modified: Thu, 21 Mar 2024 19:10:01 GMT
server: UploadServer
etag: "d074cb3bdd42c7a176c9108adbda33a1"
x-goog-generation: 1711048201836713
x-goog-hash: crc32c=c8p0jA==, md5=0HTLO91Cx6F2yRCK29ozoQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, no-cache, must-revalidate
x-goog-stored-content-length: 33528
accept-ranges: bytes
content-type: application/json
expires: Tue, 11 Jun 2024 12:45:56 GMT

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/498029/ Frame 954A 3 KB
2 KB 98ms
71ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498029/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aac0bc8b2f0c6beb5c144730b8f705d8ea571fb2c5e59b04b20b8c431ef77f1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-amz-version-id: 1_V5NrL2XCIsAxw2m5h2JY93yRL7D8UV
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1208
last-modified: Tue, 11 Jun 2024 10:17:31 GMT
server: cloudflare
etag: "4bf97a5714f28cb9cabc2f9084ac6fb4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192ecac23b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:42 GMT

GET
H3 200 psLoader.js Show response
cds.connatix.com/p/498070/ Frame 94B1 7 KB
3 KB 107ms
80ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/psLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b532c6737ea2312b5a2b90b4476428a552552f559ee2def8dd6064b81ff754

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-amz-version-id: 9iCmVWFjHpFCi4eJlCbdJuvhzSryPmzv
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2307
last-modified: Tue, 11 Jun 2024 10:31:28 GMT
server: cloudflare
etag: "e05d9cb707c158ca91b0c99520d786f8"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192ecac24b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:42 GMT

GET
H2 200 1f3c6.svg
s.w.org/images/core/emoji/15.0.3/svg/ 1 KB
974 B 125ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f3c6.svg

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7510cc92013c2cd6c8271e3435539d9870044945e4a50151a50b18e61ee4ba83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:15:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f6a8.svg
s.w.org/images/core/emoji/15.0.3/svg/ 1 KB
914 B 125ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f6a8.svg

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5ed681717a4679f291aa6076a88951cc5dea77f2e85ad52009f35c9eca5662e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:18:13 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f415.svg
s.w.org/images/core/emoji/15.0.3/svg/ 2 KB
1 KB 125ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f415.svg

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

632fc09dba15d0701ede125193205b9f0968ba54927166e851a20c6f431965e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:21:10 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f68c.svg
s.w.org/images/core/emoji/15.0.3/svg/ 1 KB
863 B 125ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f68c.svg

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7fce1e44dba22837c7c5a0f4c62ed4c01b79def2d3b962f6361c4169358c21cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:15:39 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 authorize
mng-prod.auth0.com/ Frame 2CC7 0
0 395ms
289ms Document
text/html 2606:4700::6811:ffb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mng-prod.auth0.com/authorize?client_id=6Yc39HQJPnNPUnV9LWmdmxQeQPCR3NPS&audience=access-extension&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=SXQ1bG9BUFlaWC1ySGdxaVZOTVBUN1FkRW5ESHNEcFE0emxjYVlTTWduMQ%3D%3D&nonce=eTZIQmNvdFpwS25rfi5hc2F0OFFOY3hIZmc5T2k3WjhadG5mbFBNMH5aYw%3D%3D&redirect_uri=https%3A%2F%2Fwww.baltimoresun.com&code_challenge=qN7zMpsA8qPqgytJZGiekaP1_kJp5suhB-j8QnJ_FUc&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTMuNiJ9

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ffb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 892192ed6f9e35e6-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 11 Jun 2024 12:23:43 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: dbe6427ea55948903db2
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1718108624

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 175ms
46ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1259
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4eb17760-601e-0096-44f7-bb2484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 11 Jun 2024 12:53:42 GMT

GET
H2 200 loader-config.json Show response
loader-config.baltimoresun.com/prod/dfm/ 21 KB
3 KB 272ms
41ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-config.baltimoresun.com/prod/dfm/loader-config.json
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: 05708eefbd8ed203ccd6b7bd60b96384a1c1100365e1ad6de9b2df4d8e490bed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
content-md5: WphyGitINlfDwtGbIr9d+g==
age: 359371
x-cache: HIT
content-length: 3000
x-ms-lease-status: unlocked
last-modified: Fri, 10 May 2024 06:24:40 GMT
server: ECAcc (frc/4CB2)
etag: 0x8DC70B9DFC85076
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ae173442-b01e-0079-19b5-b80b9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H3 200 connatix.player.dc.js Show response
cds.connatix.com/p/498029/ Frame 954A 498 KB
115 KB 117ms
116ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498029/connatix.player.dc.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498029/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad31efc921ae06fc3b78512f982d8211031cd2f3546323d8831e130f1ab5b6ea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: OzgCrgIaOMHKClgmUkPTL2heB.uQSZxG
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 117772
last-modified: Tue, 11 Jun 2024 10:17:31 GMT
server: cloudflare
etag: "e6b250fc6a1725acb87ae44220565289"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192edddc6b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 connatix.playspace.dc.js Show response
cds.connatix.com/p/498070/ Frame 94B1 449 KB
105 KB 64ms
64ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/psLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef6cc7672765cfd2cf44745afb8f14ddb89e9b749d0d4ec65bd4804328d83bb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: BUpGlvcR4m0eRDOPhRsKyz28FHWu6hyi
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 106915
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "cef9546ba42ca3dd523331c2d934f539"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192edddc8b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H/1.1 200
OK sign_me_up.js Show response
d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/ 154 KB
154 KB 155ms
47ms Script
application/javascript 18.173.206.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/sign_me_up.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.206.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-206-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd411901dd57257a53928db21bd5656edef5d9849dba59317af45c4344362df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 03:59:53 GMT
Via: 1.1 1270eda8f49e8826b43258fcc9ef44d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Dec 2020 00:27:29 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P12
Age: 30230
ETag: "ebb8b5b0714d9888b59f1ca5023a8901"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157532
X-Amz-Cf-Id: RoQXn0yPIRfJPXvVkEwb0sfoXIZx8fc0wF6FYkPCL7_fycACEuoBDg==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 240ms
131ms Image
text/plain 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1718108623011&ns_c=UTF-8&c8=Sophi%20Wrisk%20helps%20Tampa%20to%20Division%20II%20lacrosse%20national%20title&c7=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&c9=
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: f_37SqcEbhEFEDYBHYkyKCOq_lQ7DgABsJqhss--hFCe9RwV2HKBdA==
x-cache: Miss from cloudfront

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 370ms
120ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=147132&version=7.32.19-A&age=240611&cmd=PRE_INIT&key=NCG8U5Yj&seq=1&order=1&vIndex=0&absoluteTime=1561.4&relativeTime=0.2&type=stnplayer&canonical=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ 6 KB
1 KB 51ms
50ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 11:00:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 51ms
51ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:23:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H3 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 200ms
151ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 410418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFemVHW%2BKRn5XdZUgwoNAs6L3UCGftaL7TjhfnjJx3uEw6VI4nNUa%2B%2BgU36vgLH5e%2FwkZe67LcccqnVnNa2m9v%2FXZnjYYAuZsF5O7hd9XqWcU8ODr07QPOTDLpUBdbx0CZqLJwB%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 892192ef983a18d4-FRA
expires: Sun, 01 Jun 2025 12:23:43 GMT

GET
H3 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame E7D8 53 KB
21 KB 109ms
65ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1529646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7T6eOAzLjMmPxh%2FVqxo6pvU0ESVop%2FL3kq3Xy%2Bd%2FhG5q%2BEaP5%2BBoSBuN53LdD8sb0vwMFkDfQzijIJaYhnzuIdi0Z3nIBvaRUMYcWxxQJDIz%2FSwtSk%2F13gwWOr4%2BxfQbbpHxOBb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 892192ef0f5618d4-FRA
expires: Sun, 01 Jun 2025 12:23:43 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 400 KB
138 KB 192ms
99ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8ec0c1125303f14cb314046c17c44f93570c31c302b5ea0cc09e2311eb5122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140422
x-xss-protection: 0
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H3 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.30.0_inline_mm/ Frame E7D8 672 KB
212 KB 97ms
96ms Script
application/javascript 18.173.205.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.30.0_inline_mm/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.205.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38decf7df40e0a2697b2927061b78a370efee2059686085c39a16e146aaf5a9f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: OP7BCyIJnYO8CnRqE68D04QaNM6AyJRt
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
date: Mon, 10 Jun 2024 16:53:28 GMT
last-modified: Wed, 20 Mar 2024 18:41:02 GMT
server: AmazonS3
age: 70217
x-amz-cf-pop: FRA56-P12
etag: W/"fead0eb3720e3154635b447c5433485b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T3YCWKf8FTfbqBu0zAFTZuYuXx-X7SZFnzNgxzfV3lwpEsXqbQVYww==

GET
H2 200 IIQUniversalID.js Show response
mp.mmvideocdn.com/mini-player/ Frame E7D8 95 KB
22 KB 158ms
49ms Script
application/javascript 2600:9000:2251:800:e:8add:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/IIQUniversalID.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:800:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ccbcfe685f4f66143fb324f2d6cea6d2baf0ff52a8afc5ed8d48b73af008add6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 05 Mar 2024 14:39:49 GMT
x-amz-version-id: 0nXcCK5qjvqTItgKck8QiVa7Hp18P0cZ
content-encoding: br
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 8459035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Jan 2024 15:00:45 GMT
server: CloudFront
etag: W/"e30204734fdbefbad4bf9494c129f740"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, no-store
x-amz-cf-id: Bmvon-CHkHiz6D0TvzLVIxaxGwHfCMLhxsCT8HiUFm6kUjGsGTxVUg==

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame E7D8 335 KB
59 KB 41ms
41ms Script
application/javascript 18.173.205.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.205.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
date: Mon, 10 Jun 2024 16:53:27 GMT
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
age: 70217
x-amz-cf-pop: FRA56-P12
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GxY1d-2IPEb3Li0ZhW4EHKSY1VgVHyEdS6Ts84WQyngR4-uBU0UWEQ==

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 136ms
38ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 05:16:44 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 63191
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: IqfXTm0P_7WspSrR-6N1J1UJuQDGF49hNjmxYruZnsvjxtuYhamCVw==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
655 B 137ms
38ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 05:16:44 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 58648
etag: "311cf2edc46e82f2a6911332b7db54e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: 9NWKIoxuvrdB_r7uNqPKUfFZsEvCFfO-qWpystRP1jv0bAcwj1YT4A==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 143ms
45ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 01:36:13 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 63191
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: OaNzSteoyJmaqhnn_NPXH96xk5s_3nzD0h2fPpZqWef-OuE_Qh9_qQ==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 138ms
40ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 05:16:44 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 63190
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: 47QwVWxmw0MF53ijUvmY0GS8fme2--sL0prtTMzWOxzGGfpF8QXLXg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame E7D8 305 KB
76 KB 151ms
45ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:16:01 GMT
content-encoding: gzip
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified: Tue, 28 May 2024 21:30:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 464
x-amz-server-side-encryption: AES256
etag: W/"7e37c61c24c4f874b286570f1eebc0ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: HSF2zWFc9CxA3IlWOQ-3GWC9FvqX_EVMjObFxr26pCgsQCz3xC8wHw==

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 4 KB
2 KB 148ms
148ms Fetch
text/html 18.173.205.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=XpOTkUKgy5vATbd1&instance=147132&version=7.32.19-A&age=240611&ESG_key=NCG8U5Yj&type=FULL&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.205.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-108.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b8881ab2bfa3fd0633bf3c86a77233196f3e5e9947d8ac6660a263ab28112195

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 1516
x-amz-cf-id: -KGx1rM7V3etvnF8rrqqxn0nxyR65J8SmT9nXxJlVKSjSFKmIWu0uA==
expires: Tue, 11 Jun 2024 12:23:44 GMT

GET
H2 200 standard-player.html Show response
tags.remixd.com/player/v5/players/ 130 KB
30 KB 140ms
53ms Fetch
text/html 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/players/standard-player.html
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 17
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29827
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "1a9dd5e9554676ab1900727441a87258"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public,max-age=1800
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: jZAMLdK923iVnFq_TeHW_3szzFzMLSko3raOyKVp4yW6Qj8eBTeHtg==

GET
BLOB 200
OK d1e31327-20a4-4ea9-aee7-2e5500817584
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/d1e31327-20a4-4ea9-aee7-2e5500817584
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 60dbec53-4475-457d-8188-10e6647e56bd
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/60dbec53-4475-457d-8188-10e6647e56bd
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f748f8d2-3854-4ae7-8802-2a78d6d7aae3
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/f748f8d2-3854-4ae7-8802-2a78d6d7aae3
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 session Show response
session.baltimoresun.com/api/ 112 B
277 B 683ms
209ms XHR
application/json 35.162.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.baltimoresun.com/api/session
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/_static/??-eJylzLEKgDAMBNAfso0ORRdx9TeqlpLSRjEp+vnWSVx1OjjuHhybmlcSRwJbzB6JIZFXC3rkPDGwWMH51elkkfSUaYlOB67gi1EO5E75y5QxSnSpJP+1Mo72BvYHGlLftE1XG2PaLly/ZXEf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.0.228 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-0-228.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:43 GMT
access-control-allow-credentials: true
content-length: 112
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 fp.min.js Show response
fp.theoaklandpress.com/prod/dfm/ 66 KB
23 KB 171ms
43ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.theoaklandpress.com/prod/dfm/fp.min.js?2024511
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEC) /
Resource Hash: eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
content-md5: uNbNlIeYZ9WdMaBieS7wbw==
age: 14281
x-cache: HIT
content-length: 23529
x-ms-lease-status: unlocked
last-modified: Mon, 04 Dec 2023 04:53:57 GMT
server: ECAcc (frc/4CEC)
etag: 0x8DBF4850646CDD0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1fec982a-e01e-004b-23d8-bb0bed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2i.theoaklandpress.com/prod/dfm/ 220 KB
48 KB 201ms
41ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2i.theoaklandpress.com/prod/dfm/g2i.min.js?2024511
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE7) /
Resource Hash: 89ca862aa5275d09c035a7888cdee5ee1d029263ec02227bc8e50b9b70e841cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
content-md5: qlr3V07fWAqLVbYksQmbhg==
age: 15904
x-cache: HIT
content-length: 49043
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 04:37:16 GMT
server: ECAcc (frc/4CE7)
etag: 0x8DC4960964E6EDF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dd2fcac0-101e-0002-50d5-bb4906000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
engage.theoaklandpress.com/prod/dfm/ 1 MB
398 KB 209ms
44ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.js?2024511
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: d29ddbf7b5cd889ac6f147f31ace40430208e0a7222a1eaf965826d0ae978020

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
content-md5: khnsb1Lsu/vw40ORJRo+gw==
age: 15994
x-cache: HIT
content-length: 407380
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 04:36:56 GMT
server: ECAcc (frc/4CC2)
etag: 0x8DC49608A4048B6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eec77bc0-601e-009e-55d4-bbe460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.css
engage.theoaklandpress.com/prod/dfm/ 398 KB
55 KB 201ms
39ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.css?2024511
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C87) /
Resource Hash: 7a471672f3f91ad82285192cae07b7e06f4b2baddec73d8e6898a1a445f5d0ea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
content-md5: 9Bq5JG2fC2IMqhgJQ9d//Q==
age: 15985
x-cache: HIT
content-length: 56164
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 04:36:56 GMT
server: ECAcc (frc/4C87)
etag: 0x8DC49608A3EC24B
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1dcc4ce1-b01e-00b2-42d4-bb08cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H3 200 playspace.renderer.js Show response
cds.connatix.com/p/498070/ Frame 94B1 275 KB
63 KB 128ms
128ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/playspace.renderer.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19834bbf3915deb1419f6135eed5a07c5195740af4b4a569da28506d6915d523

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: 7cU.e32A_Rc1yuSH6HJ6QEyE1U7TQ7Ph
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 63706
last-modified: Tue, 11 Jun 2024 10:31:28 GMT
server: cloudflare
etag: "85ce7b47ebffaaca1b48429130627ac9"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f01976b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 playspace.hls.js Show response
cds.connatix.com/p/498070/ Frame 94B1 289 KB
75 KB 77ms
77ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/playspace.hls.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: LEsr98U.aSZa5dei_Uew38ZRjFv3CEx2
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 76424
last-modified: Tue, 11 Jun 2024 10:31:28 GMT
server: cloudflare
etag: "b9bc08d0a5274dee0fbdcfce098fab9b"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f0197cb627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/498070/ Frame 94B1 3 KB
2 KB 64ms
64ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12284eee6b8ab7860b76e17ab31bbe85be1063e473b04ae17afec057ac7835b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: PK8gDl10kFzBt2b4gCCeX.hvVCJpK51w
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1389
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "d71a18b04ab6c21eff263548857b2b3a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f0197eb627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 connatix.playspace.css
cds.connatix.com/p/498070/ 117 KB
14 KB 129ms
128ms Stylesheet
text/css 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/connatix.playspace.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: rKIwQoz2HeOpmH1bWmObXzHLbiKG_vXA
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 14369
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "48245a5aff3aecfadbea8d2eb241f8de"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f01980b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 playspace.ads.js Show response
cds.connatix.com/p/498070/ Frame 94B1 400 KB
88 KB 73ms
73ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/playspace.ads.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f47ddb5ae4db6b65d0f2d41d1b2ea1746a93efe62139714e08392709f08af33

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: DXyNRjeE8mKTlv5Im5a8peR6nCBqrCQd
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 89247
last-modified: Tue, 11 Jun 2024 10:31:28 GMT
server: cloudflare
etag: "b31527c8a6ba94ba28c9699ef714ec95"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f01981b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H2 404 undefined
www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ 0
0 436ms
436ms Script
text/html 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/undefined

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date: Tue, 11 Jun 2024 12:23:43 GMT
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-encoding: br
x-rq: ams8 111 253 443
server: nginx
x-powered-by: WordPress VIP <https://wpvip.com>
x-cache: EXPIRED
content-type: text/html; charset=UTF-8
cache-control: private, no-store
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.baltimoresun.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
103 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KBJZZBKXBS&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0667137d501396673ac4d183986501a49bf70ccae0254cce2d55a2217bfc9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/baltimoresun.com/ 67 KB
25 KB 144ms
46ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/baltimoresun.com/p.js?gtm_ver=3.1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f4a72ca1f84ee0e275242a6ee4565d944f8f04ba67a3dd9761db6bd4a3a63cdd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 11 Jun 2024 06:14:41 GMT
content-encoding: gzip
via: 1.1 8c2a58b44ec0f49caee32696bddc8526.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 16:58:32 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 22142
etag: W/"65c113b8-10a89"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: bkWla6KyUVGGaC85YdIf8vDeuUX0UWHEj18drZ0CZYpKMukdbEt2BQ==
expires: Wed, 12 Jun 2024 06:14:41 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 119ms
119ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&cmd=GET&key=NCG8U5Yj&c_id=4643&seq=1&order=2&vIndex=0&absoluteTime=1881.8&relativeTime=320.6&type=stnplayer&canonical=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame E7D8 0
96 B 176ms
59ms Script
text/plain 104.18.13.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 892192f14eb38f3f-FRA
vary: Accept-Encoding

GET
H2 200 index.php Show response
playlist.stnvideo.com/player/data/ 31 KB
6 KB 506ms
258ms Fetch
text/html 3.90.194.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://playlist.stnvideo.com/player/data/index.php?cmd=loadInitial&session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&ESG_key=NCG8U5Yj&type=FULL&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.90.194.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-194-146.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e4785959b3f0732e9e76f1aa059dba6b0f08bb930d80d8e6ca2457e18087ee6e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
server: Apache
content-length: 5888
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 FUtg69tL.js Show response
cdn.jwplayer.com/libraries/ Frame 8D7B 110 KB
41 KB 138ms
46ms Script
text/javascript 2600:9000:225e:6800:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f9f160d026deb716519bd0c42ae475e460fb18fade6c8494f6c24dcbe274466c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:49 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 54
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41914
x-amz-cf-id: Je1RXyGPzF0owKkt_WM10XMmsT0o3tvhIoKCfqiWMmyehkePyBVdAQ==

GET
H3 200 295.js Show response
cds.connatix.com/p/498070/ Frame 94B1 66 KB
18 KB 64ms
63ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/295.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391e2e6afed795620cb639297047cbb5be8381c737879bf0fad3a9309c54d4a4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: WyN7Zomlp7.skPRgTPlMc7_GAqlc5a_F
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 17750
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "3e8de6593393fc27a8851caad7d16d60"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f0baadb627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 229.js Show response
cds.connatix.com/p/498070/ Frame 94B1 10 KB
3 KB 67ms
66ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/229.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22909b9d90ba5d88eeb07db3bf5fc0f15d471ffa0a481039944003dea383811b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: zam1Cu6voeSk0Dqk4_KiZMkfsDaimj69
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3124
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "6d5f19a3856f2cf95587e73322f6b3d2"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f0bab1b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 402.js Show response
cds.connatix.com/p/498070/ Frame 94B1 3 KB
1 KB 69ms
68ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/402.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110b661dd0a63be072cbb6d5429c35b831706b3d6e615574ba5b85ad66b38e5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: Xv89DyWuj1KH_JsNPSS5EBUx9KLlzMK8
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1136
last-modified: Tue, 11 Jun 2024 10:31:27 GMT
server: cloudflare
etag: "21d1fbb372b67fb4b3d18c421b8a6f69"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f0bab6b627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 627 B
198 B 208ms
125ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a14013722b8f0fedd1f5b7737766e368738960df55a5d93ac261ce293bc6ee67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H2 200 bridge3.644.0_en.html
imasdk.googleapis.com/js/core/ Frame F599 0
0 122ms
39ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 254691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 11:13:15 GMT
expires: Wed, 11 Jun 2025 11:13:15 GMT
last-modified: Wed, 05 Jun 2024 19:38:43 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E7D8 6 KB
3 KB 121ms
42ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 04:44:56 GMT
x-amz-cf-pop: FRA56-P6
age: 28347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: xW8Vo2c6tbnZ7tmovTi2xaOWGYZ_p5OohsxkRJkv_ofk8mOqcUG-CQ==

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 94B1
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&ImplementationType=0&ClientAb2=10

7 KB
3 KB

149ms
149ms

XHR
application/json

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&ImplementationType=0&ClientAb2=10
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H3
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34e8eda17fd1c37ab3f4da36c544edbacfa1155feaa2bb1525cbf3624ac10b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f30e76b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2738
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 11 Jun 2024 12:23:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?final=true&UseUserScore=Yes&ImplementationType=0&ClientAb2=10
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f1fcb5b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 story Show response
capi.connatix.com/core/ Frame 94B1 31 KB
14 KB 188ms
178ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=498070
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b83a53b5c5f63a17b709a824dca9c3931fbdf4b91d4a60df9af4ea86a70b77

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f1fcb6b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H3 200 css2
fonts.googleapis.com/ Frame 8D7B 3 KB
528 B 58ms
58ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Requested by

Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

110fab73d60066f8ae480c2a8e5e7fa48543f79715bc063138f17919e8a0b5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:08:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 8D7B 43 B
199 B 464ms
361ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&domain=baltimoresun.com&adDuration=&inViewDuration=&sessionDuration=0&sessionId=bd885f9b-9a76-42e5-8501-57eb343caba7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
x-guploader-uploadid: ABPtcPpK-d9S1as66QtTyDqgBM-Uy2Td3IsW0hgSIotTKVciga43xjT_wttNNYiH0RdUXhCt8Ug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 11 Jun 2025 12:23:44 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 8D7B 43 B
571 B 247ms
144ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&domain=baltimoresun.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=bd885f9b-9a76-42e5-8501-57eb343caba7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
x-guploader-uploadid: ABPtcPqXUcl7xhWwcQ4DfgPhAyvWU2lqLpHg80EcrRcDk9lJ5oPceKpeh45521wcpti2R3o3-9U-W6fmyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 8D7B 43 B
183 B 351ms
248ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&domain=baltimoresun.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=bd885f9b-9a76-42e5-8501-57eb343caba7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
x-guploader-uploadid: ABPtcPoz6_y-gWJj2GqvD3d3Yg55Uj8J09i38JY3WMYCGxuptQgH7xBKzLSEktH5inhs84EsbcQKXGLHSA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 230ms
55ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1718108623666&plid=830d35f2-1a24-493d-9090-d136103a0654&idsite=baltimoresun.com&url=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F%22%2C%22hash%22%3A-1019410812%7D%7D&sid=1&surl=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&sref=&sts=1718108623666&slts=0&title=Sophi+Wrisk+helps+Tampa+to+Division+II+lacrosse+national+title&date=Tue+Jun+11+2024+14%3A23%3A43+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=2f8f2b35-c222-44c9-84fb-2612f2b2ca98&u=pid%3D79669b8e-f131-44cf-8dbb-cf56e75cec57
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 12:23:43 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 11-Jun-2024 12:23:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 8D7B 20 KB
21 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 00:58:22 GMT
x-content-type-options: nosniff
age: 41121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 00:58:22 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 8D7B 21 KB
21 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:17:15 GMT
x-content-type-options: nosniff
age: 3988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:17:15 GMT

GET
H3 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 562 B
770 B 327ms
263ms XHR
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1718108623777
Requested by: Host: fp.theoaklandpress.com
URL: https://fp.theoaklandpress.com/prod/dfm/fp.min.js?2024511
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963299fa5ebaf499d9d69b3f0ea5f52539551fa5ac2b2b0474df5cdc13277556

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2024 12:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgyTnQo1%2FgznHUHn6YRuW9gRadIGS8FwLxzIRCtmVZPuRe97yeIBIXx%2Bsda49JYMHIu5WI6mJwI8ys050l29DIdvaDJ2b3TVbYTB5J%2BblwKJBImU5nfZfRwNaiMmaRskH1RA"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 892192f32b212c7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 insights.bin Show response
ins.connatix.com/cd76cf86-c3b1-473b-bb47-577cfbe91db9/74bf3b55-e8ac-4237-988a-c2827ec2ff1a/ Frame 94B1 828 B
776 B 133ms
64ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/cd76cf86-c3b1-473b-bb47-577cfbe91db9/74bf3b55-e8ac-4237-988a-c2827ec2ff1a/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c82da2a76911690bf38ab6e256d2a83bcc3c3159836f593ddec36823b124f3d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jun 2024 00:26:00 GMT
server: cloudflare
etag: W/"bd56af6dae56ecf4b51b2af5d2bd7ab1"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 892192f38f785902-TXL
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 playspace.iframe.integration.destroy.js Show response
cds.connatix.com/p/498070/ Frame 94B1 737 B
744 B 84ms
83ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/498070/playspace.iframe.integration.destroy.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-amz-version-id: MAe87ShCkxB7WqaaRy_NugMq7EQ6iSik
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 375
last-modified: Tue, 11 Jun 2024 10:31:28 GMT
server: cloudflare
etag: "bf26437ee7e8af2159eb5bf33b50aef3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f32ebcb627-WAW
access-control-allow-headers: range
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H3 200 blockedDomains_5.bin Show response
lit.connatix.com/7d423eb6-dd12-46dd-a98d-b521e68a5053/ Frame 94B1 54 B
405 B 168ms
76ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/7d423eb6-dd12-46dd-a98d-b521e68a5053/blockedDomains_5.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8326beb9639a522a44364f3635e2bafb7e5efba5bc67113b80a742d54346d4e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:07:50 GMT
server: cloudflare
etag: W/"73dc23be34d84af1397ddc8ff368d301"
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 892192f3b92cbbc4-WAW
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jun 2025 12:23:43 GMT

GET
H2 200 baltimore-sun-favicon.png
www.baltimoresun.com/wp-content/uploads/2023/11/ 818 B
1 KB 40ms
39ms Other
image/webp 192.0.66.202
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baltimoresun.com/wp-content/uploads/2023/11/baltimore-sun-favicon.png?w=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.202 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fd58f382f8129279371b4a9e15224e926d28dd0859a49de761688efb7c8f6104

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
x-rq: ams8 109 27 443
last-modified: Fri, 01 Dec 2023 05:35:27 GMT
server: nginx
etag: "5d3e60c59cdd6afe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 818

GET
BLOB 200
OK 3985b034-6bc5-44d3-9f4a-39a62026d307
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/3985b034-6bc5-44d3-9f4a-39a62026d307
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 session Show response
session.baltimoresun.com/api/ 112 B
276 B 209ms
209ms XHR
application/json 35.162.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.baltimoresun.com/api/session
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/_static/??-eJylzLEKgDAMBNAfso0ORRdx9TeqlpLSRjEp+vnWSVx1OjjuHhybmlcSRwJbzB6JIZFXC3rkPDGwWMH51elkkfSUaYlOB67gi1EO5E75y5QxSnSpJP+1Mo72BvYHGlLftE1XG2PaLly/ZXEf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.0.228 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-0-228.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:44 GMT
access-control-allow-credentials: true
content-length: 112
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame E7D8 563 B
830 B 144ms
40ms Script
application/javascript 18.245.31.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4866e8a065e67b39e434c0634bd78597919e714ef8de7321ffd70c5fd03cde01

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:54:57 GMT
via: 1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 1727
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: j3PWLR_8qTh7B4T5knpUSm4yzRwaCxiDlHD8bogPIBQPC0eLpOw0kA==

GET config
c.amazon-adsystem.com/cdn/prod/ Frame E7D8 0
0

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 42ms
42ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:43:42 GMT
x-content-type-options: nosniff
age: 2402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:43:42 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c95bbac8e167a1fd9297768d9c45d1f50db54733b750ae889b3a5efd2fae8fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 45ms
45ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:22:43 GMT
x-content-type-options: nosniff
age: 3661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:22:43 GMT

GET
H2 200 4WWJ7kxr8Tmaxresdefault.webp
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 45 KB
46 KB 214ms
133ms Image
image/webp 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/4WWJ7kxr8Tmaxresdefault.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9f2b41864bfcb8887fd970039e8d6cabdef87d19eb8e244128b1142e1c75d95

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 46318
last-modified: Thu, 06 Jun 2024 22:18:21 GMT
server: AmazonS3
etag: "c37af2b724dc03a2a6be7593f98e59b5"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: lf41sOcLkwSxl4_BNrxyRib7ThXUbyzNx47Wne0IVBAg4AV8PFxQgA==

GET
H2 200 0_7.29.5D.js Show response
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 163ms
47ms Script
application/javascript 108.138.192.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0_7.29.5D.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-67.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://embed.sendtonews.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DG7VdSjLO9QYldP.wpgsjonv8VAEuGHw
content-encoding: gzip
via: 1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront), 1.1 65678b013de2c2e6c05b27f6ecb2d78a.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 01:25:42 GMT
x-amz-cf-pop: FRA56-P12, MXP64-P1
age: 39498
x-cache: Hit from cloudfront
last-modified: Tue, 09 Jan 2024 22:43:09 GMT
server: AmazonS3
etag: W/"0ed2a0e0564292e4148668aa0dd61b76"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: l-CTJ-PpJONIJw6VxN-iQR89Azvi-Ohzk3Mo7hCh39ohOFPXW0UciA==

GET
H2 200 3599139191892429866623471dd9192.32312584playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 307 B
895 B 250ms
185ms XHR
application/x-mpegurl 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/3599139191892429866623471dd9192.32312584playlist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b2944963396369c142b157d6f3700425936a7bcac540583e19441fbd829839c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 307
last-modified: Thu, 06 Jun 2024 22:18:18 GMT
server: AmazonS3
etag: "898a6520761f0975ca9286f8aa6c182f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: NSlpo2F93VV-NBT9eAAFrhKtDdHTMUhl6JLb00NFLQLfrl3PxMR9Tw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 127ms
126ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&cmd=RTP&key=NCG8U5Yj&c_id=4643&seq=1&order=3&vIndex=0&absoluteTime=2446&relativeTime=884.8&type=stnplayer&sC_ID=14539&sm_id=3666730&load=1&status=LVFPSNIN&ac_id=2008&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&playerCfg=FL&playerType=FLOAT&smVersion=2&smPlaylist=smart&DS=NA&eg.enabled=true&eg.delay=5&eg.ctdwn=5&eg.vl=10&eg.mid=rm&eg.source=p7&eg.time=false
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 127ms
126ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&cmd=IMA&key=NCG8U5Yj&c_id=4643&seq=1&order=4&vIndex=0&absoluteTime=2446.6&relativeTime=885.4&type=stnplayer&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.644.0&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ 2 KB
982 B 160ms
73ms Fetch
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22960152043%2F54098486&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&hl=en&vpa=auto&vconp=2&cmsid=2631244&plcmt=1&vid=3666730&vpmute=1&us_privacy=1---&cust_params=sessionKey%3D298147132-XpOTkUKgy5vATbd1%26schain%3Dstnvideo.com%2CSTN_0002637%26content%3D14539%26placementType%3DPremium%26embed%3DNCG8U5Yj%26domain%3Dbaltimoresun.com%26player_size%3Dsmall%26player_width%3D711%26player_height%3D400%26player_type%3Dfloat%26smartmatch%3Dyes%26version%3D7.32.19-A%26player_status%3DLVFPSNIN%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00499%26rand%3D20%26uhr%3D14%26us_privacy%3D1---%26keywchk%3Dok%26plcmt%3D1%26placement%3D1%26level1%3Dsports%26level2%3Dsport%26owner%3Dbetter_collective%26tc_rand%3D81%26MMFKV%3D0

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

61b47b3e9c26f6d607fb9eb5e3cc8faccb583d5b4d6ff4de8fcd64b60042e1ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 955
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xalr3mgj8vxms34uw6qgq6qhrrqq7cgj.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
26 KB 271ms
216ms Image
image/jpeg 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/xalr3mgj8vxms34uw6qgq6qhrrqq7cgj.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1bb84c38568dc54014cc09e30148f6b7439a2248c1b83244feb5b4a33d6f12b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26344
last-modified: Thu, 06 Jun 2024 02:35:25 GMT
server: AmazonS3
etag: "f38bc97e383dd03f818deaca70ae2d4e"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: kLhYXGmMB6n0mQ0YjK1vas9jD0wt-Se9dzWvCuggIJjKUAgG_AQY7w==

GET
H2 200 bsk5dhep15jlppx2rpd09wwkcu0ukfkg.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 247 KB
248 KB 345ms
290ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/bsk5dhep15jlppx2rpd09wwkcu0ukfkg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98bdcebae080ee161ea5401346d2118be835f9b6a388ec0c497c8a371e357947

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 253204
last-modified: Sun, 09 Jun 2024 09:37:16 GMT
server: AmazonS3
etag: "f60f2975640c7e20ad7562da7f892652"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: VmJMHcZ5jdg9xb60pm3YIWqfzuNN_reT75-wynLq_KEk24sR9M2mZA==

GET
H2 200 d3i6z9uqrv8fvdigy6egoqtjnfifl2z0.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 26 KB
27 KB 258ms
203ms Image
image/jpeg 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/d3i6z9uqrv8fvdigy6egoqtjnfifl2z0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3a1b7d62f45477408d68dd41ddf4c7c99914e62704dd8ca16e02b4c3dd6beac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 26778
last-modified: Sat, 08 Jun 2024 02:37:32 GMT
server: AmazonS3
etag: "b340bf6b300ef56a701b8ae6533abc05"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: o4MPcnyfMoUdtzdckdTSI5uRSD715NdlF2HJZW-2Fh-CaMvnpByo_A==

GET
H2 200 dwpfmkwvik5dc7jcd12ar8slr54k1gly.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 246 KB
247 KB 274ms
220ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/dwpfmkwvik5dc7jcd12ar8slr54k1gly.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7e0cd953792584d83f362907c7000480a96e1ecaf795474eee57bda5cd0026b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 252338
last-modified: Thu, 06 Jun 2024 09:38:12 GMT
server: AmazonS3
etag: "3734f02df0e9ddec0e561dad4d625859"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: DvEI1KZSnxPvPut_cFstTQQraxG4XwuIBd1Eg5Rop7UuuFoPidkvgw==

GET
H2 200 ixos80bnj826ocpdiqb0kd92sp1hvobq.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 250 KB
251 KB 105ms
50ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ixos80bnj826ocpdiqb0kd92sp1hvobq.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b554b2ff87f79c6f80fa5e922ea38a05de0dd40662b860959ecc2fd8b8ad733

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 256399
last-modified: Fri, 07 Jun 2024 04:40:01 GMT
server: AmazonS3
etag: "d88214194c285c39c83b0cf4c045ea8d"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: PwRpRQfm1z46_b8zEX_zqJTblYbWqxeg_84V0Lzgbhso4W0oECpiBw==

GET
H2 200 9j7oru148hii9wis0pyr2kicimoqz72j.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 229 KB
230 KB 104ms
50ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/9j7oru148hii9wis0pyr2kicimoqz72j.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f046991ed636d342f4de5789d6bfc742ab8b112509ce4f020042a4919fd667b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 234469
last-modified: Sun, 09 Jun 2024 13:44:59 GMT
server: AmazonS3
etag: "e0d547bafefc0dc293d90f67425e466d"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: gNdhpUADS4DVwpRtCz7pl_UyiQ6W8u8ztNpoZRfkPk-qdhiL-YSEjQ==

GET
H2 200 9zupcf0y9xpnk03dsn9cxucl7pe13b6w.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 252 KB
252 KB 343ms
290ms Image
image/png 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/9zupcf0y9xpnk03dsn9cxucl7pe13b6w.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff292a14fa99ec6aebef4b01c3babc1ca4b13348ada9bc2a72c09574becc0806

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:00:10 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 257648
last-modified: Mon, 10 Jun 2024 03:36:40 GMT
server: AmazonS3
etag: "3eddc50bcd40b5e539ef8d317d3610f8"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: slom-ABV5eh8A3aAEuYkFQi3WcXXEwSivLvDGOSbQpgNvul_6_4oCA==

GET
H3 200 insights.bin Show response
ins.connatix.com/dc3d5b0cbda04eb0371afc0152462d4f/ Frame 94B1 432 B
538 B 54ms
54ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/dc3d5b0cbda04eb0371afc0152462d4f/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957c2f7ef1f2ac65b9ef4425976199b22163423b9782a0fc961c8b0e6f51f6b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 10:11:40 GMT
server: cloudflare
etag: W/"d40f0bf2e199e4e79897784fd4aa07da"
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 892192f429025902-TXL
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jun 2025 12:23:44 GMT

GET
H2 200 3599139191892429866623471dd9192.32312584base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 8 KB
9 KB 71ms
50ms TextTrack
text/vtt 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/3599139191892429866623471dd9192.32312584base.en.vtt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d2b0e8556848162282ce9f067eaa426ae7c6a3659a1926de2fdac0aee1d6f3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Origin: https://www.baltimoresun.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8322
last-modified: Thu, 06 Jun 2024 22:15:36 GMT
server: AmazonS3
etag: "c1d9908c99616ebf5bfc84c6215b7fb3"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: KrBAtzRvdk2F2R_f5VK5E86TACR_gkP4ga9DiKSU8Js1yANcX5Cviw==

GET
H3 200 74bf3b55-e8ac-4237-988a-c2827ec2ff1a.bin Show response
vid.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ Frame 94B1 4 KB
2 KB 189ms
109ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/74bf3b55-e8ac-4237-988a-c2827ec2ff1a.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f28b1c761bb24927c4605cc72780c11cf5d92e2df8af388a8be0778859717fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: br
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jun 2024 00:25:07 GMT
server: cloudflare
etag: W/"4f129cc517c177e70bb8c54bcb2eeaa5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: *
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 892192f53fe0b5f1-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47
expires: Wed, 11 Jun 2025 12:23:44 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 94B1 400 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8ec0c1125303f14cb314046c17c44f93570c31c302b5ea0cc09e2311eb5122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140422
x-xss-protection: 0
expires: Tue, 11 Jun 2024 12:23:43 GMT

POST
H2 202 / Show response
pl.connatix.com/ Frame 94B1 2 B
59 B 386ms
238ms XHR
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.connatix.com/

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 892192f5caeab5fa-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 202 / Show response
pl.connatix.com/ Frame 94B1 2 B
279 B 339ms
191ms XHR
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.connatix.com/

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 892192f5cae8b5fa-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 202 / Show response
pl.connatix.com/ Frame 94B1 2 B
59 B 385ms
239ms XHR
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.connatix.com/

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 892192f5caebb5fa-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 94B1 627 B
0 0ms
0ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a14013722b8f0fedd1f5b7737766e368738960df55a5d93ac261ce293bc6ee67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
expires: Tue, 11 Jun 2024 12:23:43 GMT

GET
H2 200 bridge3.644.0_en.html
imasdk.googleapis.com/js/core/ Frame 7A13 0
0 0ms
0ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 254691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 11:13:15 GMT
expires: Wed, 11 Jun 2025 11:13:15 GMT
last-modified: Wed, 05 Jun 2024 19:38:43 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 94B1 44 KB
17 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jun 2024 12:23:44 GMT

GET
H2 200 bridge3.644.0_en.html
imasdk.googleapis.com/js/core/ Frame FEC3 0
0 0ms
0ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 254691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 11:13:15 GMT
expires: Wed, 11 Jun 2025 11:13:15 GMT
last-modified: Wed, 05 Jun 2024 19:38:43 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.644.0_en.html
imasdk.googleapis.com/js/core/ Frame B25F 0
0 0ms
0ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 254691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 11:13:15 GMT
expires: Wed, 11 Jun 2025 11:13:15 GMT
last-modified: Wed, 05 Jun 2024 19:38:43 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.644.0_en.html
imasdk.googleapis.com/js/core/ Frame A7AE 0
0 0ms
0ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.644.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baltimoresun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 4228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 254691
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 11:13:15 GMT
expires: Wed, 11 Jun 2025 11:13:15 GMT
last-modified: Wed, 05 Jun 2024 19:38:43 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 66A5 40 KB
14 KB 126ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jun 2024 13:22:25 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ABFF 40 KB
0 127ms
127ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jun 2024 13:22:25 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B69 40 KB
0 128ms
128ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jun 2024 13:22:25 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5A23 40 KB
0 129ms
129ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 11 Jun 2024 13:22:25 GMT

GET
H2 200 3599139191892429866623471dd9192.32312584.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 2 KB
858 B 77ms
77ms XHR
application/x-mpegurl 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3599139191892429866623471dd9192.32312584.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfba52773f58094a70e4714d55148bded411040c5e0dc079c5dd709ffa74665b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 1415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
last-modified: Thu, 06 Jun 2024 22:18:18 GMT
server: AmazonS3
etag: W/"bf3f4ea2c211682b0aca78fcd4e29d0b"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-id: at0HxW0c4bsHzWUGyBKpNHLYAoquAha50Hy-6H-KqTnHtOrHb2dAZg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame E7D8 23 B
361 B 462ms
78ms XHR
text/javascript 18.239.68.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&pid=1Wataj8OpeN9m&cb=0&ws=1600x1200&v=24.521.1732&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1%21stnvideo.com%2CSTN_0002637%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.68.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-68-199.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.baltimoresun.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: a8MJDVyOZhKtUaZZngGf26r7uj8KFgjwYkMlxo4TlZbKn13SG58BOg==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 113 KB
25 KB 418ms
47ms Script
application/javascript 2600:9000:2490:3000:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cbb37d9602261007a8f507a6d22f3feb0c677b7d55c01106b3087160fec04ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: p67atOUVEwmwpzTK7rcSS5T358IOFhRa
content-encoding: gzip
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 01:30:41 GMT
x-amz-cf-pop: FRA56-P6
age: 39185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25573
x-amz-meta-etag: 7vgHxAFWbeAgqHML8q+FZg==
last-modified: Wed, 05 Jun 2024 04:30:34 GMT
server: AmazonS3
etag: "eef807c401566de020a8730bf2af8566"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=84600
accept-ranges: bytes
x-amz-cf-id: xWetW2h65W08afMr-Xxpoauu-VwJ9D-h6tvdvVETjQ03h5hnTCXBwg==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 506ms
126ms Image
image/png 16.182.108.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=c48ac298618c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.108.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 12:23:45 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: F5XW4F72WR60TM7V
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: vAUoMCrDZLf48MbEC2REh/WjK4/F2tIcEIcCi3DlvVrcVRDeg7fc1dHqgmujL91NDPojDWq2HQg=

POST
H3 200 ao Show response
capi.connatix.com/tr/ Frame 94B1 0
315 B 119ms
118ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f64be8b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 20
alt-svc: h3=":443"; ma=86400

POST
H3 200 ps Show response
capi.connatix.com/tr/ Frame 94B1 0
315 B 125ms
125ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f65c04b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 20
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.png
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/ffd9f72b-5471-40c5-96db-6c23c6719c47/ 9 KB
10 KB 88ms
69ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/ffd9f72b-5471-40c5-96db-6c23c6719c47/1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03fa35f39c0110cddddebd962d7d01d74cebd691d439ced85c89ca3d44687e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9382
cf-resized: internal=ok/h q=0 n=29+0 c=0+23 v=2024.3.2 l=9382
last-modified: Tue, 17 May 2022 17:52:45 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfCHpazz1usnDWNmQlkow4qnBfsZ7-Tzt04sSdBa-5DQ:cd9bde0ed91658bbe1201a7189581313"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f67c30b627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H3 200 f779b761-e1f5-4d79-952c-3d2f5ed2d1ea.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 24 KB
24 KB 90ms
72ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/f779b761-e1f5-4d79-952c-3d2f5ed2d1ea.jpg?crop=711:472,smart&width=711&height=472&quality=60&fit=crop

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0299bd9025e5654cc52082640c5b1cc02d958c773f3fe3d81e5b1e915bee36

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 24260
cf-resized: internal=ok/h q=0 n=21+0 c=5+60 v=2024.6.0 l=24260
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cfjHbmdV2W_3BZO9_BaOlDcuTRGEB2rhpxXz_sJ71aDQ:1e8bbd19430f8d8aa22f553c022b35ef"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f67c2db627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

POST
H3 200 sr Show response
capi.connatix.com/tr/ Frame 94B1 0
315 B 121ms
120ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f65c12b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 20
alt-svc: h3=":443"; ma=86400

GET
H3 200 f779b761-e1f5-4d79-952c-3d2f5ed2d1ea.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 20 KB
20 KB 118ms
114ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902ca28cb295f9a503634557ecb7148269d6eeffeb8bd3d4ce375e66435138d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 20470
cf-resized: internal=ok/h q=0 n=22+0 c=6+54 v=2024.6.0 l=20470
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cfjHbmdV2W_3BZO9_BaOlDcuTRrYwVhglBS1ZcR4K9DQ:1e8bbd19430f8d8aa22f553c022b35ef"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f67c32b627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H3 200 75a00142-4587-49cd-b050-a09fba1fbe07.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 25 KB
25 KB 73ms
73ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/75a00142-4587-49cd-b050-a09fba1fbe07.jpg?crop=711:400,smart&width=711&height=400&quality=60&fit=crop

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de969d201fbf9be47f3a36e17e742a0591aae4f74e9413290dcbc513e40dcc18

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 25380
cf-resized: internal=ok/h q=0 n=44+0 c=6+61 v=2024.6.0 l=25380
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cfd5aYpCwK46Dh3kHTKqM46fd0rYwVhglBS1ZcR4K9DQ:d3f2e5e9297595ab1f4213692d04a63f"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f68c57b627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H3 200 17207e08-0006-4df1-9a63-8ad10771d104.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 17 KB
18 KB 92ms
92ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/17207e08-0006-4df1-9a63-8ad10771d104.jpg?crop=711:400,smart&width=711&height=400&quality=60&fit=crop

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f9e5f21b0953412bfc935d3ffdc0f59daafe8589973c07621e82af48c21645

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 17794
cf-resized: internal=ok/h q=0 n=24+0 c=6+57 v=2024.6.0 l=17794
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cf918m4Bg6iRY8lcNSE6M0K-IWrYwVhglBS1ZcR4K9DQ:756316e58380fc51ee49829f286fd672"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f6ac95b627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H3 200 1a701395-56c5-44d9-8835-657dab5a9188.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 20 KB
20 KB 80ms
80ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/1a701395-56c5-44d9-8835-657dab5a9188.jpg?crop=711:400,smart&width=711&height=400&quality=60&fit=crop

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2aeaafe1df000272cff7bf33fdc0bb1886a6b3a2a714da7c1da6902b6e9e58

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 20094
cf-resized: internal=ok/h q=0 n=28+0 c=12+55 v=2024.6.0 l=20094
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cfzqH6cFsUIS2FfCFvR1DaIB-irYwVhglBS1ZcR4K9DQ:5f9d4d933496d978d6cadca6fbd23757"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f6ac98b627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H3 200 76894c66-ecc4-4af9-99f2-8e70d6134e56.jpg
img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/ 12 KB
12 KB 89ms
89ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/pid-ffd9f72b-5471-40c5-96db-6c23c6719c47/cd76cf86-c3b1-473b-bb47-577cfbe91db9/76894c66-ecc4-4af9-99f2-8e70d6134e56.jpg?crop=711:400,smart&width=711&height=400&quality=60&fit=crop

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173832386ba66a697a84e068deb21134eba17acfb6700ab595b0fa87c717e917

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 11996
cf-resized: internal=ok/h q=0 n=32+0 c=5+57 v=2024.6.0 l=11996
last-modified: Tue, 11 Jun 2024 00:25:06 GMT
cf-bgj: imgq:61,h2pri
server: cloudflare
etag: "cfFWZRfG5g8VhMxnDT0KjqUTa6rYwVhglBS1ZcR4K9DQ:225499a3918d1046ea74d4cb91f160f4"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 892192f6ed0cb627-WAW
access-control-allow-headers: range
xpid: ffd9f72b-5471-40c5-96db-6c23c6719c47

GET
H2 200 3599139191892429866623471dd9192.32312584-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 266 KB
267 KB 488ms
487ms XHR
video/mp2t 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3599139191892429866623471dd9192.32312584-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e09e9c3abd67f6b0163a6b2de92a7936c7cc9422f3e4499cf94b36e8c33211b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:45 GMT
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 272224
last-modified: Thu, 06 Jun 2024 22:15:15 GMT
server: AmazonS3
etag: "f25ae7afbb2faaa7efca1f8421622b75"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 7Cbhb9urLzPELwPdM3kO8eTmd0gSe6Oa6ROCkdNZ3oAHcxURIyrX2Q==

POST
H3 200 g Show response
capi.connatix.com/rtb/ Frame 94B1 0
315 B 119ms
119ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Sec-CH-UA-Full-Version-List: "Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
X-Sec-CH-UA-Bitness: 64
X-Sec-CH-UA-Arch: x86
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer
X-Sec-CH-UA-Platform-Version: 10.0.0
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 892192f91cdeb620-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 20
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 g
capi.connatix.com/rtb/ Frame 0
0 418ms
110ms Preflight 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=498070&tier=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sec-ch-ua-arch,x-sec-ch-ua-bitness,x-sec-ch-ua-full-version-list,x-sec-ch-ua-platform-version
Access-Control-Request-Method: POST
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
access-control-allow-origin: https://www.baltimoresun.com
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 892192f86ba2b620-WAW
content-length: 0
date: Tue, 11 Jun 2024 12:23:44 GMT
server: cloudflare

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
0 0ms
0ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1259
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4eb17760-601e-0096-44f7-bb2484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 11 Jun 2024 12:53:42 GMT

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 252ms
49ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 204955
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 327f926d-d01e-008b-0c1d-baf3d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 TRIBUNE__200CONFIGTRIB__200.json Show response
engage.theoaklandpress.com/prod/data/dfm/ 384 KB
26 KB 429ms
429ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.theoaklandpress.com/prod/data/dfm/TRIBUNE__200CONFIGTRIB__200.json?_=1718108624475
Requested by: Host: engage.theoaklandpress.com
URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.js?2024511
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 800270ee0c484cc3c2900792c7b1ac5c0334eb8833ffd1860788700960da21bc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: AppendBlob
date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 15:25:18 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count: 1
etag: 0x8DC83E16040A6E2
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: efd59bec-601e-009e-15fa-bbe460000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
content-length: 26730

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 387ms
141ms Image
image/jpeg 3.5.11.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.11.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 12:23:45 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: F5XNMZNM2Q03VATK
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: PRQXifMuW+yZ0qJo5wlw4sp7uAt1l1VIbCooKSsF4MDcOtk0KpRxwS9i51G0WBJlwbC4+3V8ACJnCBVfCGoG7w==
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
BLOB 200
OK 87ef6d9e-e087-4577-acc8-41e1496c758f
https://www.baltimoresun.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baltimoresun.com/87ef6d9e-e087-4577-acc8-41e1496c758f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
111 KB 81ms
81ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9c6aa4fc5ed4a4f13344ded9f198525252c0c282915d8b94727d16dfb9470276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113238
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 12:23:44 GMT

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 189 B
293 B 45ms
44ms XHR
application/json 20.50.88.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.baltimoresun.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 12:23:45 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H2 200 3599139191892429866623471dd9192.32312584.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 2 KB
856 B 466ms
466ms XHR
application/x-mpegurl 18.239.50.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/3599139191892429866623471dd9192.32312584.m3u8
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-24.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6bdf056e317b089306b1ac9780007705d9b444dacf2a08c8a0d52b891d09a78

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:46 GMT
content-encoding: gzip
via: 1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
last-modified: Thu, 06 Jun 2024 22:18:18 GMT
server: AmazonS3
etag: W/"fae91bbdfebbab11f73797688ab97d37"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-id: tOwQvEM8Gm3OZ0rPNDtWpC8oYaLMUAo4RpRiYyghtnEYjcAi253i7A==

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 372ms
86ms Preflight 20.50.88.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Tue, 11 Jun 2024 12:23:44 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 202 / Show response
pl.connatix.com/ Frame 94B1 2 B
82 B 180ms
180ms XHR
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.connatix.com/

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Jun 2024 12:23:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 892192fbbcc4b5fa-WAW
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 90 B
1 KB 212ms
212ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=41be531f60c8aa36ebde32b0873277a7&ConfigCode=200CONFIGTRIB&SiteCode=TRIBUNE&SettingsKey=200
Requested by: Host: engage.theoaklandpress.com
URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.js?2024511
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
source-system: Plugin
site-code: TRIBUNE
autoqa: false
Accept-Language: de-DE,de;q=0.9;q=0.9
settingskey: 200
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3OTAxMDg2MjR9.CVs_glxfv4NMzrYlJVKO0NcR3YSTY9mP73icwWeE7bk
ssid: 3d4f45bc06814353c23f0ce62a9e9754
environment: prod
config-code: 200CONFIGTRIB
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: 200
location: System
Referer: https://www.baltimoresun.com/
version: Version: 2.8.7.0

Response headers

Expires: -1
Pragma: no-cache
Date: Tue, 11 Jun 2024 12:23:46 GMT
Content-Encoding: gzip
X-Server-Time: 6/11/2024 12:23:47 PM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 193
Request-Context: appId=cid-v1:e25a1423-7dd5-4148-86bb-c585794477bc

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 699ms
161ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=41be531f60c8aa36ebde32b0873277a7&ConfigCode=200CONFIGTRIB&SiteCode=TRIBUNE&SettingsKey=200
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 11 Jun 2024 12:23:46 GMT
X-Powered-By: ASP.NET

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
0 0ms
0ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 11 Jun 2024 12:23:44 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 204955
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 327f926d-d01e-008b-0c1d-baf3d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
0 0ms
0ms Image
image/jpeg 3.5.11.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.11.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 12:23:45 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: F5XNMZNM2Q03VATK
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: PRQXifMuW+yZ0qJo5wlw4sp7uAt1l1VIbCooKSsF4MDcOtk0KpRxwS9i51G0WBJlwbC4+3V8ACJnCBVfCGoG7w==
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 impl.20240604-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 896 KB
182 KB 41ms
40ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: v22jn3tKXWJ8OUG8MefqtxgJM_OmKEUn
content-encoding: br
via: 1.1 varnish
date: Tue, 11 Jun 2024 12:23:47 GMT
x-amz-request-id: DSWGXVYG3M93AS3G
age: 12740
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185947
x-amz-id-2: zGRIm/JZx0fcs2pCTj0lsdqQS13ITosBNmBZEAadqDP7w7k4vDhz2lB/AOa26J0lskMP7DNMsic=
x-served-by: cache-fra-etou8220116-FRA
last-modified: Tue, 04 Jun 2024 08:51:24 GMT
server: AmazonS3-br
x-timer: S1718108628.935398,VS0,VE0
etag: "4c698741f9f32e52fe747d15882bf0e5"
vary: Accept-Encoding
content-type: application/javascript
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 33181

POST
H2 200 json Show response
trc.taboola.com/tribunedigital-baltimoresun/trc/3/ 110 KB
31 KB 961ms
950ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-baltimoresun/trc/3/json?llvl=2&tim=14%3A23%3A47.916&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CQAC8MAQAC8MAEXjCADEArEwAAAAAEPgAAYgAAALzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAA%22%2C%22gwto%22%3Atrue%2C%22id%22%3A%2214199%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1718108627916%2C%22cv%22%3A%2220240604-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22ccpa_ps%22%3A%221---%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F%22%2C%22vpi%22%3A%22%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A4000%2C%22dh%22%3A7438%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cd%22%3A5629.58%2C%22mw%22%3A954.88%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cd%22%3A823.27%2C%22mw%22%3A304.95%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%7D%2C%22cacheKey%22%3A%22text%3D%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dtribunedigital-network%3Aabp%3D0%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1717492514864%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4eeeac1f16656aacd503adf64f2f367fc6ff13ebb198bc3cef8e620c87d6a321

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 911
date: Tue, 11 Jun 2024 12:23:48 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.7072916666666668
x-fastly-to-nlb-rtt: 7574
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220116-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1718108628.950546,VS0,VE911
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.baltimoresun.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 card-interference-detector.20240604-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 39ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20240604-4-RELEASE.es6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45004dad80fd9df9d6a76a76aee81f2780e53cb8e612718b5f5031bdafc4d2c9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Cyoc_GUeFQQzYbdT4eSmf0SO93wK7eGh
content-encoding: gzip
via: 1.1 varnish
date: Tue, 11 Jun 2024 12:23:48 GMT
x-amz-request-id: AJA3H43022RFHD9X
age: 12039
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: +TpcHndVNyxltqfUyyOslt4PiF2Utm+g7WZxPKot4WLaPWSGC7CFQWnDX3nxubc2YYLEt9QJT2c=
x-served-by: cache-fra-etou8220116-FRA
last-modified: Tue, 11 Jun 2024 09:03:09 GMT
server: AmazonS3
x-timer: S1718108628.053920,VS0,VE0
etag: "2cc6b5107ca7251654d68c4908735175"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4669

OPTIONS
H/1.1 200
OK delete
prod-dfm-proxy-connext.azurewebsites.net/api/views/user/ Frame 0
0 223ms
223ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views/user/delete?UserId=41be531f60c8aa36ebde32b0873277a7&ConfigCode=200CONFIGTRIB&SiteCode=TRIBUNE&SettingsKey=200&conversationId=104470
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 11 Jun 2024 12:23:47 GMT
X-Powered-By: ASP.NET

GET
H/1.1 200
OK delete Show response
prod-dfm-proxy-connext.azurewebsites.net/api/views/user/ 0
806 B 258ms
258ms Fetch 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views/user/delete?UserId=41be531f60c8aa36ebde32b0873277a7&ConfigCode=200CONFIGTRIB&SiteCode=TRIBUNE&SettingsKey=200&conversationId=104470
Requested by: Host: engage.theoaklandpress.com
URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.js?2024511
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
source-system: Plugin
site-code: TRIBUNE
autoqa: false
Accept-Language: de-DE,de;q=0.9;q=0.9
settingskey: 200
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3OTAxMDg2MjR9.CVs_glxfv4NMzrYlJVKO0NcR3YSTY9mP73icwWeE7bk
ssid: 3d4f45bc06814353c23f0ce62a9e9754
environment: prod
config-code: 200CONFIGTRIB
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: 200
location: System
Referer: https://www.baltimoresun.com/
version: Version: 2.8.7.0

Response headers

Expires: -1
Pragma: no-cache
Date: Tue, 11 Jun 2024 12:23:47 GMT
X-Server-Time: 6/11/2024 12:23:48 PM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 0
Request-Context: appId=cid-v1:e25a1423-7dd5-4148-86bb-c585794477bc

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 188ms
43ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=info&msg=page%2C%20info%2C%20injected%20RTUS%20service&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.893&id=72697&cv=20240604-4-RELEASE&llvl=2&pct=0.05
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 188ms
43ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=1559&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
133 B 186ms
41ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20above-the-feed-premium-card-yh-delta&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=68241&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 186ms
42ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20Below%20Article%20Thumbnails%20%7C%20Injected%201&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=96888&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 187ms
42ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=18650&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 187ms
42ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20above-the-feed-premium-card-yh-delta&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=68798&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41416

POST
H2 204 debug
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/ 0
132 B 43ms
42ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20Below%20Article%20Thumbnails%20%7C%20Injected%201&lt=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&tim=14%3A23%3A48.894&id=13432&cv=20240604-4-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
date: Tue, 11 Jun 2024 12:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41779

POST
H2 204 metrics
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/3/ 0
250 B 43ms
43ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/3/metrics?route=AM%3AAM%3AV&lti=trecs
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
pragma: no-cache
date: Tue, 11 Jun 2024 12:23:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-baltimoresun/log/3/ 0
250 B 43ms
42ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/tribunedigital-baltimoresun/log/3/abtests?route=AM%3AAM%3AV&lti=trecs&tvi2=15278&tvi50=9864&tvi61=17311&tvi62=15708&ri=c95b201b7975599b4af62086d418ce07&sd=v2_108e2118eee7f1d33056862c058c5e3f_86cf6e57-ff11-4d84-a68d-0646e5d794ae-tuctd61c753_1718108627_1718108627_CNawjgYQrso9GMzHhLqAMiABKAEwODib4wlAgYoQSKq22QNQ____________AVgBYABoppvJ7d37u7UDcAA&ui=86cf6e57-ff11-4d84-a68d-0646e5d794ae-tuctd61c753&pi=%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship&wi=403206137477725952&pt=text&vi=1718108627916&tim=14%3A23%3A48.896&id=53394&llvl=2&cv=20240604-4-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1718108628896%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.baltimoresun.com
pragma: no-cache
date: Tue, 11 Jun 2024 12:23:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 200 abt Show response
capi.connatix.com/tr/ Frame 94B1 9 B
319 B 138ms
138ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7656f16576cbf8d452c43e88920d693458739219fc003f448406fcb6e7ffe3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8921931468f8b627-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 24
alt-svc: h3=":443"; ma=86400

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 118ms
118ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&ldt=BIDS&key=NCG8U5Yj&c_id=4643&seq=1&order=5&vIndex=0&absoluteTime=7737.9&relativeTime=6176.7&type=stnplayer&sm_id=3666730&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=14539&load=1&status=LVFPLNIN&ac_id=2008&bidIndex=1&prebid.cid=0&adIndex=-1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 118ms
118ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&ldt=NO_IMP&key=NCG8U5Yj&c_id=4643&seq=1&order=6&vIndex=0&absoluteTime=8315.7&relativeTime=6754.5&type=stnplayer&sm_id=3666730&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=14539&load=1&status=LVFPLNIN&ac_id=2008&adIndex=-1&DS=NA&plcmt=1&placement=1&eg.enabled=true&eg.delay=5&eg.ctdwn=5&eg.vl=10&eg.mid=rm&eg.source=p7&eg.time=false
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame E7D8 43 B
299 B 43ms
42ms Image
image/gif 18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1718108623980&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=284989&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3666730&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1718108629863&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5883&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Better%20Collective&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F&c8=&c9=https%3A%2F%2Fwww.baltimoresun.com%2F2024%2F06%2F05%2Fsophi-wrisk-lacrosse-tampa-national-championship%2F
Requested by: Host: www.baltimoresun.com
URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: Wmsev-pRMIGLLf-5SdfQcOMxASDajM2zxA8vpUun1ODv9dSeMY00sw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 119ms
119ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&cmd=INV&key=NCG8U5Yj&c_id=4643&seq=1&order=7&vIndex=0&absoluteTime=8319.4&relativeTime=6758.2&type=stnplayer&alt=0&sC_ID=14539&sm_id=3666730&load=1&status=LVFPLNIN&ac_id=2008&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&playerCfg=FL&playerType=FLOAT
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 120ms
120ms Ping
image/gif 3.230.91.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=XpOTkUKgy5vATbd1&instance=298147132&version=7.32.19-A&age=240611&cmd=PLAY&key=NCG8U5Yj&c_id=4643&seq=1&order=8&vIndex=0&absoluteTime=8319.6&relativeTime=6758.4&type=stnplayer&alt=0&sC_ID=14539&sm_id=3666730&load=1&status=LVFPLNIN&ac_id=2008&EXTREF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&REF=https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/&playerCfg=FL&playerType=FLOAT&pposition=float&floattype=s&smVersion=2&smPlaylist=smart
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.32.19-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-157.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.baltimoresun.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:49 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H3 200 g Show response
capi.connatix.com/rtb/ Frame 94B1 0
315 B 114ms
114ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=498070&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/498070/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Sec-CH-UA-Full-Version-List: "Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
X-Sec-CH-UA-Bitness: 64
X-Sec-CH-UA-Arch: x86
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer
X-Sec-CH-UA-Platform-Version: 10.0.0
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 12:23:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.baltimoresun.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8921931c7858b620-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 20
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 g
capi.connatix.com/rtb/ Frame 0
0 115ms
114ms Preflight 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=498070&tier=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sec-ch-ua-arch,x-sec-ch-ua-bitness,x-sec-ch-ua-full-version-list,x-sec-ch-ua-platform-version
Access-Control-Request-Method: POST
Origin: https://www.baltimoresun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
access-control-allow-origin: https://www.baltimoresun.com
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8921931bbefeb620-WAW
content-length: 0
date: Tue, 11 Jun 2024 12:23:50 GMT
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.baltimoresun.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.baltimoresun.com/	1970-01-21 01:34:20	Name: _pnss_4yIaTHfS Value: none
mng-prod.auth0.com/	1970-01-21 06:01:06	Name: did Value: s%3Av0%3A71257f70-27ed-11ef-a657-33be179d3b9a.GFTbMajSvE7TV9%2BTqs9crPqdQWshRtUAggeecvY8fJw
.connatix.com/	1970-01-20 21:35:18	Name: cnx_userId Value: 4ffb4188ec694b7196a462d986d915f5
.baltimoresun.com/	1970-01-21 06:00:44	Name: slo_flag Value: true
.baltimoresun.com/	1970-01-21 06:00:44	Name: anonDeviceId Value: 41be531f60c8aa36ebde32b0873277a7
.baltimoresun.com/	1970-01-21 06:00:44	Name: nxt_last_visit Value: 1718108624472
.baltimoresun.com/	1970-01-21 06:00:44	Name: nxt_upd_ac_TRIBUNE_200CONFIGTRIB_PROD Value: 1
.baltimoresun.com/	1970-01-21 06:00:44	Name: nxt_TRIBUNE_200CONFIGTRIB_PROD Value: {%222%22:{%22104160%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1718108628130%2C%22far%22:0%2C%22frp%22:[]}%2C%22104470%22:{%22ac%22:0%2C%22ac_d%22:0%2C%22s%22:1718108628106%2C%22far%22:0%2C%22frp%22:[]}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22104160%22}}

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js Message: Unrecognized feature: 'browsing-topics'.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/undefined Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.baltimoresun.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092' from origin 'https://www.baltimoresun.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.baltimoresun.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: about:blank Message: The resource https://cds.connatix.com/p/498070/playspace.hls.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other	warning	URL: https://www.baltimoresun.com/2024/06/05/sophi-wrisk-lacrosse-tampa-national-championship/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
accounts.google.com
ajax.googleapis.com
am-trc-events.taboola.com
ams-pageview-public.s3.amazonaws.com
api-mg2.db-ip.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.auth0.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.p-n.io
cdn.parsely.com
cdn.pranmcpkx.com
cdn.resonate.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.connatix.com
cmp.osano.com
config.aps.amazon-adsystem.com
d15kdpgjg3unno.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d250.baltimoresun.com
d29xw9s9x32j3w.cloudfront.net
dc.services.visualstudio.com
embed.sendtonews.com
embedcdn.sendtonews.com
engage.theoaklandpress.com
fonts.googleapis.com
fonts.gstatic.com
fp.theoaklandpress.com
g2i.theoaklandpress.com
htlbid.com
i0.wp.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
lit.connatix.com
loader-config.baltimoresun.com
mng-prod.auth0.com
mp.mmvideocdn.com
p1.parsely.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pl.connatix.com
player-files.remixd.com
player.sendtonews.com
playlist.stnvideo.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
pubads.g.doubleclick.net
pubcast-files.remixd.com
s.ntv.io
s.w.org
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.app
securepubads.g.doubleclick.net
session.baltimoresun.com
stats.wp.com
tags.remixd.com
trc.taboola.com
vid.connatix.com
www.baltimoresun.com
www.googletagmanager.com
c.amazon-adsystem.com
104.17.24.14
104.18.13.242
104.18.41.104
104.26.4.15
108.138.192.67
108.138.6.136
108.156.60.6
13.85.16.224
141.226.228.48
142.250.184.226
142.250.185.72
142.250.185.98
142.250.74.202
151.101.1.44
151.101.65.229
16.182.108.201
172.217.16.194
172.217.18.3
172.64.146.152
18.173.205.108
18.173.206.9
18.239.36.104
18.239.36.96
18.239.50.24
18.239.68.199
18.244.18.27
18.245.31.65
18.245.31.78
18.66.112.102
18.66.122.53
192.0.66.202
192.0.76.3
192.0.77.2
192.0.77.48
199.36.158.100
20.50.88.241
23.212.213.167
2600:9000:2251:800:e:8add:c340:93a1
2600:9000:225e:6800:1:a3fa:7cc0:93a1
2600:9000:2449:1e00:10:474e:104a:2961
2600:9000:2449:3800:3:b7e:8940:93a1
2600:9000:2449:e600:3:b7e:8940:93a1
2600:9000:2490:3000:11:b309:9100:21
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3110::6812:3303
2606:4700::6811:ffb6
2a00:1450:4001:801::200a
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2006
2a00:1450:4001:829::200a
2a00:1450:400c:c02::54
2a04:4e42:200::485
3.161.77.50
3.230.91.157
3.5.11.17
3.90.194.146
35.162.0.228
35.190.38.143
52.17.99.225
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
03cf6736d92a0fba41f8971f44a76568795a136d6b86726af0a2d1adc136d91f
0556f5a404d504337b76c849445e879f661497c025ba829a3b343a7ba2e29220
05708eefbd8ed203ccd6b7bd60b96384a1c1100365e1ad6de9b2df4d8e490bed
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
0694ab212a520188abc110c40e119f22a0dc2df6d2553be3d7fa64f3fa924aef
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
110b661dd0a63be072cbb6d5429c35b831706b3d6e615574ba5b85ad66b38e5a
110fab73d60066f8ae480c2a8e5e7fa48543f79715bc063138f17919e8a0b5b3
117a41aea81886b9a09b1e5a356cf2f9da046673aa723365dee6c2255d9fc192
120bad7da1aca0e414e69e43d041c5e603a94f1bfd063cc039b194bbedb14fbd
12284eee6b8ab7860b76e17ab31bbe85be1063e473b04ae17afec057ac7835b7
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
130595b5e486155e030d83f552b41a8b2cdad662c2a2777fb0f95715c6e2672a
173832386ba66a697a84e068deb21134eba17acfb6700ab595b0fa87c717e917
19834bbf3915deb1419f6135eed5a07c5195740af4b4a569da28506d6915d523
1a9fea256a303496c4f60a68be48c3f4334097a11350e2a187859ea621bcd5c1
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1f47ddb5ae4db6b65d0f2d41d1b2ea1746a93efe62139714e08392709f08af33
22909b9d90ba5d88eeb07db3bf5fc0f15d471ffa0a481039944003dea383811b
2aac0bc8b2f0c6beb5c144730b8f705d8ea571fb2c5e59b04b20b8c431ef77f1
2b554b2ff87f79c6f80fa5e922ea38a05de0dd40662b860959ecc2fd8b8ad733
2c95bbac8e167a1fd9297768d9c45d1f50db54733b750ae889b3a5efd2fae8fa
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37b532c6737ea2312b5a2b90b4476428a552552f559ee2def8dd6064b81ff754
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c
38decf7df40e0a2697b2927061b78a370efee2059686085c39a16e146aaf5a9f
391e2e6afed795620cb639297047cbb5be8381c737879bf0fad3a9309c54d4a4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3cbb37d9602261007a8f507a6d22f3feb0c677b7d55c01106b3087160fec04ce
3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45004dad80fd9df9d6a76a76aee81f2780e53cb8e612718b5f5031bdafc4d2c9
46593633bf055c5b86dee0978c9a58bd038fa0d51360bd1c7b58201968fc5109
4866e8a065e67b39e434c0634bd78597919e714ef8de7321ffd70c5fd03cde01
4b2944963396369c142b157d6f3700425936a7bcac540583e19441fbd829839c
4b64ec986c5640bc35c15c347fbad72cb38d2d53c95cb05432eab5ca32e89fe4
4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722
4d2b0e8556848162282ce9f067eaa426ae7c6a3659a1926de2fdac0aee1d6f3c
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4eeeac1f16656aacd503adf64f2f367fc6ff13ebb198bc3cef8e620c87d6a321
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5000f0e689a7c0c1670c8e994cfba91b190d0f125e895696cccddcf4cf3d04ef
50c424f3d98ef952223b48b4e982231d264ae0b7415a56445cbcd5ea9c9edcdd
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53102017f735a43ba0757d0c93c3238292670bdd63c87571f1c064a2dd214f87
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5970ffac3566ed4999bb38ea75fa5aac38cea3e2e2db693f5d71332ebbade514
5a0299bd9025e5654cc52082640c5b1cc02d958c773f3fe3d81e5b1e915bee36
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387
5ed681717a4679f291aa6076a88951cc5dea77f2e85ad52009f35c9eca5662e0
5fd411901dd57257a53928db21bd5656edef5d9849dba59317af45c4344362df
61b47b3e9c26f6d607fb9eb5e3cc8faccb583d5b4d6ff4de8fcd64b60042e1ed
632fc09dba15d0701ede125193205b9f0968ba54927166e851a20c6f431965e2
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6b2aeaafe1df000272cff7bf33fdc0bb1886a6b3a2a714da7c1da6902b6e9e58
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e925704d54cb828c7052b70b5ada8f2ceb9c8e2302ee5b49cc6714ac816bfcf
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
6f28b1c761bb24927c4605cc72780c11cf5d92e2df8af388a8be0778859717fb
6ffdbde5525c0f91c0b7a999645cf1c30811576d7ce82699d7fdafaa06c1487f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7510cc92013c2cd6c8271e3435539d9870044945e4a50151a50b18e61ee4ba83
752d5894ea972b91227ae1fc84e3b11f91bf36d036e0aaf719355f4cb97ccfd0
75ceed48d895a0bc43a3674b7ab454b87603e07b19b0c39ccaf6bda50a66b78d
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
794d444f814675361a19cff0e4169285c1c2ef8d1a3125718e584ce05d8f584f
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a471672f3f91ad82285192cae07b7e06f4b2baddec73d8e6898a1a445f5d0ea
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
7fce1e44dba22837c7c5a0f4c62ed4c01b79def2d3b962f6361c4169358c21cc
800270ee0c484cc3c2900792c7b1ac5c0334eb8833ffd1860788700960da21bc
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8
81b83a53b5c5f63a17b709a824dca9c3931fbdf4b91d4a60df9af4ea86a70b77
81ebc88cc433939f2d4045564c665395907f769368558787d8800bd8d64104f8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8326beb9639a522a44364f3635e2bafb7e5efba5bc67113b80a742d54346d4e6
874878c782a3f569ffc46afe8fac801cfa483605f1988866fe68253905e75a20
87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a
89ca862aa5275d09c035a7888cdee5ee1d029263ec02227bc8e50b9b70e841cc
902ca28cb295f9a503634557ecb7148269d6eeffeb8bd3d4ce375e66435138d6
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
957c1f3ccd9bd185e387ffd33a42d2046cfac1410a80253c95eec2a4a5101f7a
957c2f7ef1f2ac65b9ef4425976199b22163423b9782a0fc961c8b0e6f51f6b1
963299fa5ebaf499d9d69b3f0ea5f52539551fa5ac2b2b0474df5cdc13277556
9714a6422df1f8c010ac42ede3110338591abc5e38adac6d27d575b6cdc71d0b
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98bdcebae080ee161ea5401346d2118be835f9b6a388ec0c497c8a371e357947
9c6aa4fc5ed4a4f13344ded9f198525252c0c282915d8b94727d16dfb9470276
9cebd7d47c48f71bfd0912b3aa32d5acf124691a2a201adab41569b1ca24711d
9d7dc41759aab2379209357a1c1afd9607a7278357e914d3b9125f0a79b399c7
9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
a14013722b8f0fedd1f5b7737766e368738960df55a5d93ac261ce293bc6ee67
a22611aa1355580255bfd25f7434cd43c484f543ef5b58816a8be806d8fa3c5e
a39298b5f75dfc152365fde7db5b734117a19034f337a0892f542e06762fc96e
a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff
a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141
ad11f393f35f2ce5d047daa24ecc412e3d860ea1187cfd2502eed0f77a62e07a
ad31efc921ae06fc3b78512f982d8211031cd2f3546323d8831e130f1ab5b6ea
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
aef6cc7672765cfd2cf44745afb8f14ddb89e9b749d0d4ec65bd4804328d83bb
b0667137d501396673ac4d183986501a49bf70ccae0254cce2d55a2217bfc9df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e
b34e8eda17fd1c37ab3f4da36c544edbacfa1155feaa2bb1525cbf3624ac10b6
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4e544b010077ceacf159dfdf566b37d06f8ab3c151e9561720e392b8f1ea38e
b8881ab2bfa3fd0633bf3c86a77233196f3e5e9947d8ac6660a263ab28112195
b9490529c389089d86b18d70449243a8aebc8957cd2913d4cac6be0c9e38bca8
b9f2b41864bfcb8887fd970039e8d6cabdef87d19eb8e244128b1142e1c75d95
ba8ec0c1125303f14cb314046c17c44f93570c31c302b5ea0cc09e2311eb5122
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c1bb84c38568dc54014cc09e30148f6b7439a2248c1b83244feb5b4a33d6f12b
c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac
c37392e76245ae7a40fccced49d896542d759decd42d5929b3f6d0c0976f2afd
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c82da2a76911690bf38ab6e256d2a83bcc3c3159836f593ddec36823b124f3d7
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
cbd0b61ef8dbd7ea6a3d4b74f472a559abb7f18dd0ebdccf2a3aebc8070fa45a
ccbcfe685f4f66143fb324f2d6cea6d2baf0ff52a8afc5ed8d48b73af008add6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfba52773f58094a70e4714d55148bded411040c5e0dc079c5dd709ffa74665b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d29ddbf7b5cd889ac6f147f31ace40430208e0a7222a1eaf965826d0ae978020
d6bdf056e317b089306b1ac9780007705d9b444dacf2a08c8a0d52b891d09a78
d6d47257f80cc386e36a87a5b97d50dc0345ddc665975518641837630ff09a6b
d7e0cd953792584d83f362907c7000480a96e1ecaf795474eee57bda5cd0026b
d8358841054400d1493d779f1737e6cf49917080c1b5ebfe9d1f28ddba6d7e37
de969d201fbf9be47f3a36e17e742a0591aae4f74e9413290dcbc513e40dcc18
e03fa35f39c0110cddddebd962d7d01d74cebd691d439ced85c89ca3d44687e7
e09e9c3abd67f6b0163a6b2de92a7936c7cc9422f3e4499cf94b36e8c33211b6
e3a1b7d62f45477408d68dd41ddf4c7c99914e62704dd8ca16e02b4c3dd6beac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4785959b3f0732e9e76f1aa059dba6b0f08bb930d80d8e6ca2457e18087ee6e
e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d
e7a7dc31eaffbfdcab529b3004396ef65fac0aefbb0069c12b473c550b18294e
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e9f9e5f21b0953412bfc935d3ffdc0f59daafe8589973c07621e82af48c21645
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef7656f16576cbf8d452c43e88920d693458739219fc003f448406fcb6e7ffe3
f046991ed636d342f4de5789d6bfc742ab8b112509ce4f020042a4919fd667b6
f1be20933a0c951dd3888ee8a23b5f93aec5bca3bc8dfa6107bdcc6170c4163d
f4a72ca1f84ee0e275242a6ee4565d944f8f04ba67a3dd9761db6bd4a3a63cdd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9d13201956b77ef26a3adf536a7bddd55287042c2240583d630df95f3799164
f9f160d026deb716519bd0c42ae475e460fb18fade6c8494f6c24dcbe274466c
fc75f888c8dd9244600010595756d04ce4531e328d7167eb02992e644d62de7e
fd58f382f8129279371b4a9e15224e926d28dd0859a49de761688efb7c8f6104
fdf47058216a097eff037ab2fc360420ea4ac953f516ea21bf9d0ab1238e4bfe
ff292a14fa99ec6aebef4b01c3babc1ca4b13348ada9bc2a72c09574becc0806

www.baltimoresun.com Open in urlscan Pro 192.0.66.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

218 Requests

95 %HTTPS

30 %IPv6

38 Domains

68 Subdomains

63 IPs

6 Countries

6453 kBTransfer

18857 kBSize

8 Cookies

40 Outgoing links

Page URL History

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baltimoresun.com Open in urlscan Pro
192.0.66.202 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

95 %
HTTPS

30 %
IPv6

38
Domains

68
Subdomains

63
IPs

6
Countries

6453 kB
Transfer

18857 kB
Size

8
Cookies

218 HTTP transactions
2 data transactions