urlscan.io logo urlscan.io
SecurityTrails logo

chicago.suntimes.com Open in urlscan Pro
143.204.98.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chicago.suntimes.com/
Effective URL: https://chicago.suntimes.com/
Submission: On March 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 119 HTTP transactions. The main IP is 143.204.98.23, located in United States and belongs to AMAZON-02, US. The main domain is chicago.suntimes.com. The Cisco Umbrella rank of the primary domain is 83802.
TLS certificate: Issued by Amazon on February 15th 2022. Valid for: a year.
This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 143.204.98.23 16509 (AMAZON-02)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
13 18.64.115.119 16509 (AMAZON-02)
2 143.204.98.73 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a03:2880:f02... 32934 (FACEBOOK)
5 142.250.181.226 15169 (GOOGLE)
4 143.204.95.188 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.130.132 54113 (FASTLY)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f14:600... 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
3 147.75.83.64 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 46.105.202.126 16276 (OVH)
1 51.89.20.87 16276 (OVH)
1 2600:9000:21f... 16509 (AMAZON-02)
1 18.66.248.21 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.98 15169 (GOOGLE)
2 4 104.85.0.246 16625 (AKAMAI-AS)
2 3 185.33.221.90 29990 (ASN-APPNEX)
1 2 54.76.61.188 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
2 142.250.186.162 15169 (GOOGLE)
1 2001:4de0:ac1... ()
119 38
3    143.204.98.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net
chicago.suntimes.com
6    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
13    18.64.115.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-119.txl50.r.cloudfront.net
cst.brightspotcdn.com
2    143.204.98.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-73.fra50.r.cloudfront.net
htlbid.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
4    2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
6    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
api-esp.piano.io
1    2600:1f14:600:6e02:8fca:8862:887a:8d4f (Boardman, United States)

ASN16509 (AMAZON-02, US)
aamapi.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com
id5-sync.com
1    2600:9000:21f3:5c00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    18.66.248.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-21.dus51.r.cloudfront.net
ads.undertone.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
4    104.85.0.246 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-246.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    54.76.61.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-61-188.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
17    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2600:9000:2156:8800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2001:4de0:ac18::1:a:3a (None, )

ASN- ()
code.jquery.com
Apex Domain
Subdomains		 Transfer
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
246 KB
13 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
197 KB
13 brightspotcdn.com
cst.brightspotcdn.com — Cisco Umbrella Rank: 218311
222 KB
12 googlesyndication.com
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
64 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4226
p1cluster.cxense.com — Cisco Umbrella Rank: 6281
comcluster.cxense.com — Cisco Umbrella Rank: 3989
id.cxense.com — Cisco Umbrella Rank: 7754
52 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 427
p.typekit.net — Cisco Umbrella Rank: 527
183 KB
6 piano.io
c2.piano.io — Cisco Umbrella Rank: 3563
api-esp.piano.io
18 KB
5 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 660
static.adsafeprotected.com — Cisco Umbrella Rank: 500
dt.adsafeprotected.com Failed
95 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
40 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
196 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
3 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 6242
cdn.tinypass.com — Cisco Umbrella Rank: 4116
buy.tinypass.com — Cisco Umbrella Rank: 3573
82 KB
3 suntimes.com
chicago.suntimes.com — Cisco Umbrella Rank: 83802
43 KB
2 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 5900
ads.undertone.com — Cisco Umbrella Rank: 5449
4 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1490
id5-sync.com — Cisco Umbrella Rank: 488
12 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
549 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
388 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
63 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 15244
95 KB
1 jquery.com
code.jquery.com
29 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
792 B
1 aamapi.com
aamapi.com — Cisco Umbrella Rank: 10561
180 B
1 ex.co
player.ex.co — Cisco Umbrella Rank: 10479
prd-collector-anon.ex.co Failed
263 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
42 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 3944
3 KB
0 amazonaws.com Failed
ams-pageview-public.s3.amazonaws.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
119 28
Domain Requested by
17 s0.2mdn.net chicago.suntimes.com
s0.2mdn.net
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
13 cst.brightspotcdn.com chicago.suntimes.com
6 pagead2.googlesyndication.com d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 use.typekit.net chicago.suntimes.com
use.typekit.net
5 api-esp.piano.io cdn.tinypass.com
code.jquery.com
5 securepubads.g.doubleclick.net htlbid.com
www.googletagservices.com
securepubads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 tpc.googlesyndication.com d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 c.amazon-adsystem.com htlbid.com
c.amazon-adsystem.com
4 connect.facebook.net chicago.suntimes.com
connect.facebook.net
3 static.adsafeprotected.com fw.adsafeprotected.com
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 chicago.suntimes.com 1 redirects cst.brightspotcdn.com
2 googleads4.g.doubleclick.net chicago.suntimes.com
2 fw.adsafeprotected.com 1 redirects chicago.suntimes.com
2 googleads.g.doubleclick.net d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
chicago.suntimes.com
2 d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.facebook.com chicago.suntimes.com
2 www.googletagservices.com chicago.suntimes.com
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
2 htlbid.com chicago.suntimes.com
1 code.jquery.com api-esp.piano.io
1 www.google.com d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
1 ads.undertone.com cdn.undertone.com
1 cdn.undertone.com securepubads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com chicago.suntimes.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 aamapi.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 buy.tinypass.com cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 player.ex.co cst.brightspotcdn.com
1 experience.tinypass.com chicago.suntimes.com
1 www.googletagmanager.com chicago.suntimes.com
1 www.npttech.com chicago.suntimes.com
1 p.typekit.net use.typekit.net
0 dt.adsafeprotected.com Failed d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
0 ams-pageview-public.s3.amazonaws.com Failed chicago.suntimes.com
0 prd-collector-anon.ex.co Failed player.ex.co
0 fonts.googleapis.com Failed chicago.suntimes.com
119 46
Subject Issuer Validity Valid
origin.cst-web.production.chorus.brightspot.cloud
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
htlbid.com
Amazon		 2021-11-21 -
2022-12-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-23 -
2022-03-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2021-05-21 -
2022-05-26		 a year crt.sh
aamapi.com
Amazon		 2021-04-23 -
2022-05-22		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.undertone.com
Amazon		 2021-11-11 -
2022-12-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh

This page contains 9 frames:

Primary Page: https://chicago.suntimes.com/
Frame ID: BF557FDA55623071319041F73D3F6DB6
Requests: 65 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: FBC5A724C5A5FE003DA37782AA802381
Requests: 4 HTTP requests in this frame

Frame: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D5377840D331B1F6695A697A3CBA83BA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/ajs.js
Frame ID: 9822159E847BE32B2EB4A295CA905974
Requests: 3 HTTP requests in this frame

Frame: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84FBD962618F14993CE4A1C646AB34FC
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Frame ID: 4446E884C4951461FCFA4955CB54EA2C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
Frame ID: 10E75BE4DF5ABEC9BDA0789D698B3E1C
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FAEF186318E58DB81C6A3C70D2B2D0AA
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 807132709B96CE61972F077F414EFE37
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chicago Sun-Times: Chicago news, sports, politics, entertainmentclockCST_

Page URL History Show full URLs

  1. http://chicago.suntimes.com/ HTTP 301
    https://chicago.suntimes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

88 %
HTTPS

59 %
IPv6

28
Domains

46
Subdomains

38
IPs

6
Countries

1954 kB
Transfer

5629 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chicago.suntimes.com/ HTTP 301
    https://chicago.suntimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM53z7jLySdsWbmZVzjPcA&google_cver=1
Request Chain 76
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjIldPJ6gzosjuCPrZXN3gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDICnhz9_HvVIK4uWOBHtRE&google_cver=1
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFVFUn8d8cyEBCd5aKoHnB0&google_cver=1
Request Chain 78
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTk5MTA1MzkzNTk4OTIyNQ%3D%3D
Request Chain 90
  • https://fw.adsafeprotected.com/rfw/st/985734/61500580/skeleton.js?adsafe_url=https%3A%2F%2Fchicago.suntimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8d60bab4-a2d5-721a-9114-3dde1a8ecbc9,c:734BFp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67cb66fbd5-fxck9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:104,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:123,oid:cbdc33de-a552-11ec-bdee-f6519feb6c35,v:19.8.299,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

119 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
chicago.suntimes.com/
Redirect Chain
  • http://chicago.suntimes.com/
  • https://chicago.suntimes.com/
327 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
35bd5708253765f93f424b57b7ad6052174530eeb3c0a72a014be4d2187c419c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=UTF-8
content-length
43395
date
Wed, 16 Mar 2022 17:58:18 GMT
server
N/A
strict-transport-security
max-age=31536000; includeSubdomains;
x-powered-by
Brightspot
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
c0J7PVGCJ9UUHvM4WREeCwU-nIfS5xzfqgYWUYXNJikG4CXmAxJzdA==
age
56

Redirect headers

Server
CloudFront
Date
Wed, 16 Mar 2022 17:59:14 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://chicago.suntimes.com/
X-Cache
Redirect from cloudfront
Via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
YbNwX_mkBPx9agEBa52V-Qqg0mP30CCegBnQJzMG3u4BGaIgbWF6sg==
qzq4qkv.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qzq4qkv.css
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 16 Mar 2022 17:59:14 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
890
All.min.8ee89212feaed98f32b26aaa3d73c16c.gz.css
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 		324 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.8ee89212feaed98f32b26aaa3d73c16c.gz.css?v=1212
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aa8835d7dbb6bc26b744619c80256c405b9682772cb4441c32ff2b989515014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:34:57 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 20:34:41 GMT
server
AmazonS3
age
768258
etag
"6cf51d71d06ba94a1cccdc03aef69315"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
38734
x-amz-cf-id
oVeTGrb8fLxhkJG8lt3Q5XQZqoVCthGBmGCHiJM_v_qHaaDmgIcecQ==
webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:09 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 15:26:22 GMT
server
AmazonS3
age
1301466
etag
"15a442be7d06ec40170c3c91ac824065"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
999
x-amz-cf-id
nrFjGYONg-crgZNUJPdQu2dAtp02j2MrUKk5vmgjyJcobHI5QwsEGQ==
All.min.1d4b6df07954d8543615000849bce609.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 		240 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.1d4b6df07954d8543615000849bce609.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a5c59439b66b4090331c78d18ef79a014e6e6a5a9d89a3d638d623f7e3b9d7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 18:51:41 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 18:51:32 GMT
server
AmazonS3
age
1120054
etag
"05025e8b171c420cd728413216f94254"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
74062
x-amz-cf-id
Iw_Ctcbt9oi097hs_2RMI9tx41KexsWhRhr7Ftfxio2RmyxTPMYGMQ==
htlbid.css
htlbid.com/v3/chicago.suntimes.com/ 		6 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicago.suntimes.com/htlbid.css
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-73.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d338d02da554c917c631d4bc41b3fcb618d33e6a0eabb1b97f3db77a065afea3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 16:32:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"3b538e8b2d7f285acafd128377128346"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-id
as_5GICLWCQugHuXopnhNLoI6GB_OV7QJxM_nhpcEvDeM86H5GN9YQ==
htlbid.js
htlbid.com/v3/chicago.suntimes.com/ 		426 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-73.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d42b2635c8ea32c1ea6213fe44a810f21d96e8f5c4fe8b0d539a88c0c0b2319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 16:32:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"eccf89a25fb56f2f1abc6f0bd88bda91"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-id
J2OHQQF4_bZ5xMb4hsCAE8awn_84vJXFMg4N44xBzcspYykwVb846g==
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d383aab75333c3b4d9e639f8a4d75152350175d910c5021ba5223dd326b92f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27846
x-xss-protection
0
server
sffe
etag
"1160 / 122 of 1000 / last-modified: 1647448831"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Mar 2022 17:59:15 GMT
ctimes-logo.svg
cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ctimes-logo.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:10 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:50:22 GMT
server
AmazonS3
age
1301465
etag
"e87f670b52b097530289da1acb82568e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
2576
x-amz-cf-id
j3Azh5Fo8W2sisXq5OzL2lfnfrZhp5YeNx-HhB2A4PwQPNiNTldCrA==
logo-mobile-cst.svg
cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/logo-mobile-cst.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:10 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:52:10 GMT
server
AmazonS3
age
1301465
etag
"872e5a087c60467941e5d72da5703323"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
1182
x-amz-cf-id
1CDIaE4Uysb-FdyekCzGILocYGyudqaReFoI_WDdOdZ-ymM70sH_wA==
ctimes-logo-inverse.svg
cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ctimes-logo-inverse.svg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:11 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 13:51:15 GMT
server
AmazonS3
age
1301464
etag
"adb236ef72a30b7d3eefd7c947693d02"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
2862
x-amz-cf-id
-dXfZ10pfeHKKtBBS7Fn9V5q3NnVfiiFrWfDiGe3veDO1bd-hiYlrg==
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 16:28:09 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 19:08:47 GMT
server
AmazonS3
age
1301466
etag
"c066757a8992615b576ac565d39d182d"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P4
accept-ranges
bytes
content-length
3003
x-amz-cf-id
do2zBSCElNdJtOa614k4xFYnq4JLK67Bmos-DwAji99dZhQp1g7-3Q==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Z7BSW91J8VZCVEJ7
x-amz-id-2
bsy6dGyK4/+DbSH9qm6UIKDQW6cQkuIMMGaAr78AaM97NpGkDzSiiZ7cAITOZ8A39iTGPGG7Hno=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IghDafxuy0JNA0hODQjpixEh9ktgh96%2BXmkdLHIKCzlpWdRF6gVUjUVF0gvN8UiPt0c07n3EVBN%2BjVZdKEIMaeVdGjWxvXPqSPwQDiTIyKzsdngZ%2BAk%2F3sgAOvGzecfR12pYDDe6%2FZKQQ3UHVps%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6ecf61b04c799220-FRA
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fbaa660c226489dd2ffbf307483873305d78bd80d1a60d7ce71d2d2495038a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bptRXdQiHHxnys2tmTQvaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 16 Mar 2022 18:14:42 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
lxom4/nrpoBMujiqKmwmUzxLkNM2JvMBXKmxFkao8kaU3b6RyCXbdAfbldPp+x8K6x7y0DtU7m+G13Z8eAfjKA==
x-fb-trip-id
917726464
x-fb-content-md5
ee19e55f95611b6b648b3914dc507bd2
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Mar 2022 17:59:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f283db9564964e8c527b24d2537f5e7d"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d0759f440f1cb96273ca51f2de7a2a8158835673ec9d09e1193a4d22babd3dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27850
x-xss-protection
0
server
sffe
etag
"1160 / 592 of 1000 / last-modified: 1647448831"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Mar 2022 17:59:15 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
483
x-cache
Hit from cloudfront
server
Server
x-amz-rid
06C2Z29RSE9TD133KEQR
date
Wed, 16 Mar 2022 17:51:15 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
l02j41AetJuxUgvQ2UvXe6AbMEsUvXyTWk9lqEO2_QMlFP_Xy1f6zg==
gtm.js
www.googletagmanager.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47dbc5d3ff2ea188807916df8ebfc97492cd6c5366075b0c3ad1ccc17e1214db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42665
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 15:59:20 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Mar 2022 17:59:15 GMT
css
fonts.googleapis.com/ 		0
0
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3217
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cetku8rmB9y
wn
prod-exp-10-0-86-105
last-modified
Wed, 16 Mar 2022 17:05:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6ecf61b04ea5693d-FRA
expires
Wed, 16 Mar 2022 18:29:15 GMT
l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
server
nginx
etag
"aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39712
l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
server
nginx
etag
"9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39344
l
use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
server
nginx
etag
"788f540305918e8b77e6fded33fe357dbe2b001f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39616
l
use.typekit.net/af/e4c172/00000000000000003b9ae796/27/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e4c172/00000000000000003b9ae796/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
server
nginx
etag
"d08cad0b472793519d07d009e36d665f81045768"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28448
l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer
https://use.typekit.net/qzq4qkv.css
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:14 GMT
server
nginx
etag
"cea691f813baff9c459e093daf1ff69d154fedc0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37980
_track
chicago.suntimes.com/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://chicago.suntimes.com/_track
Requested by
Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
N/A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://chicago.suntimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
server
N/A
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GJFX_EmVtTAeCVF9GuaJogz3ix-0Un9Jf1DSXuZTD0G5fiutu0eqdQ==
strict-transport-security
max-age=31536000; includeSubdomains;
x-cache
Miss from cloudfront
592cbffd-a1d0-4eb8-a31c-5b1269e51126
player.ex.co/player/ 		853 KB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/592cbffd-a1d0-4eb8-a31c-5b1269e51126
Requested by
Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.1d4b6df07954d8543615000849bce609.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dbc14c37249a9e5bbaf3da49b0392d4cceda2ab1d891833d8052443f9ce8d803

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
age
2317
x-cache
MISS, HIT
access-control-max-age
600
content-length
268110
x-served-by
cache-iad-kiad7000074-IAD, cache-hhn4046-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1647453555.291919,VS0,VE2
etag
W/"d535a-JxjGTl+th+JIirxngOeGhLaZegs"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
/
cst.brightspotcdn.com/dims4/default/f89918f/2147483647/strip/true/crop/1280x846+0+0/resize/840x555!/format/webp/quality/90/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/f89918f/2147483647/strip/true/crop/1280x846+0+0/resize/840x555!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FyFCFLwdEbohVdACyRe3os1mbn_M%3D%2F0x0%3A1280x960%2F1280x960%2Ffilters%3Afocal%28598x385%3A599x386%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23320238%2Fmerlin_44762565.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
bc5e8e9c0c52fc61d4a76c79b25f44d565a897d5622303bef6a2a14c8c23014b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 14:23:25 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
12949
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
45436
x-amz-cf-id
RcE6E2XMTzsfL49Ab6MHblJSCmPDFJ6R0i9bTvmTmhx5VPgtrMjYVQ==
expires
Thu, 16 Mar 2023 14:23:25 GMT
/
cst.brightspotcdn.com/dims4/default/91c721e/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/91c721e/2147483647/strip/true/crop/3000x1684+0+158/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FKLMtrkVxi5x5lguLS-aav7UykCM%3D%2F0x0%3A3000x2000%2F3000x2000%2Ffilters%3Afocal%281500x1000%3A1501x1001%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23320671%2F1385220340.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
b4038b69bf76c3b8e9a1775ba4d94b668b26faa3f9fd7cfa337cb811d9a313b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:27:12 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
5523
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
29854
x-amz-cf-id
hzqI1jS9vyrKvKiHZs2ArLWF-mfgyUPW4uaIdIVC7nPef0--ksgJaA==
expires
Thu, 16 Mar 2023 16:27:12 GMT
/
cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2Ffx6ffxsqRKCr9WVk5SEiuN_CW1Q%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192540%2FNeil_Steinberg.0.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 22:16:26 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
589369
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
7539
x-amz-cf-id
tOcrzftkc8wn6ZdmpiV4tOIefvb3oBNO--DNfle2RM3DYFcC8kWvmw==
expires
Thu, 09 Mar 2023 22:16:26 GMT
/
cst.brightspotcdn.com/dims4/default/0d65c5f/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/0d65c5f/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FVkmZ6trl2bM7BC_tPEIWoEnWQOc%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F193033%2FEditorial_Board.0.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
69b10a19f0621a275fe4c7bec45f0b4d78bd465792d05eee54780443a620c78b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 15:49:17 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
1130998
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
1936
x-amz-cf-id
RXJ8FnAlGMFh32ZnZRu3VcFLRr2Iv_ijwOZWe2YmEdR9F9A5hzw7Iw==
expires
Fri, 03 Mar 2023 15:49:17 GMT
/
cst.brightspotcdn.com/dims4/default/195b084/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/195b084/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FIc_feCBFplcfDe_-j1rj12cCVcw%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192580%2FLynn_Sweet_wback_2.0.jpeg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
36c0ba860513696078194b77e49dababf8c139deba55473af4450511de26c157

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 04:38:33 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
1257642
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
7887
x-amz-cf-id
EkW1ZtLSxK-_zWzQetEIVD7zLZXZZXF8H99wXSVSZC6nvkyzphoV2A==
expires
Thu, 02 Mar 2023 04:38:33 GMT
/
cst.brightspotcdn.com/dims4/default/21b33aa/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cst.brightspotcdn.com/dims4/default/21b33aa/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FHxDSjXywJasVyM10cfNcq13DPzo%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192541%2FMark_Brown.0.jpg
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.115.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-115-119.txl50.r.cloudfront.net
Software
Apache /
Resource Hash
58437dbb3b5fcc8128879b1c8c37ed2152615e5b7799466516d3d1e44a2afd54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 15:49:17 GMT
via
1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
server
Apache
age
1130997
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
TXL50-P4
content-length
6905
x-amz-cf-id
1-pj0HE1qQwbOavi0t1bfZylCGIxJMHoeA8vC2P3jpEA-T2JGD5lZg==
expires
Fri, 03 Mar 2023 15:49:17 GMT
sdk.js
connect.facebook.net/en_US/ 		280 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=84a7f30f31720116539dd42214e510c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3cc937136514561933a2389bdcbc278886c5e5dcc10f0b2c8ace2ff65cf7f8c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://chicago.suntimes.com/
Origin
https://chicago.suntimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
s8FF6l1EmxT/iYfiuulbEQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 16 Mar 2023 16:15:46 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
81465
x-fb-rlafr
0
x-fb-debug
H7NILVx07uTdGwJskvdQDoafj/GFbTPgnIwV4DBpEjuSQIPUjgYF5cgmjnQSsmq8LeKMcXZwhz60B7L4Zwz0qg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c63b4377b2bcd87ecf5ffb47945b018f
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 17:59:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"aac90f59f35da3105144569e9ffb57c1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
54522
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 02:09:50 GMT
server
AmazonS3
date
Wed, 16 Mar 2022 02:50:34 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YGs7D9XVROCvi3sU62zNZrJGVRhGsXAEcozfYGEa6jy_Q8MaKbdJ9w==
tinypass.min.js
cdn.tinypass.com/api/ 		275 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
39879
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
76JSTV7GTZ24YYH0
x-amz-id-2
EA6aANI1/vNET/xla8cu11o7Xs3nSMOUja8KpKK3HuTteYAt/H7E2qAbiMmEAywpRdYtIVfG0Ws=
last-modified
Mon, 28 Feb 2022 15:07:54 GMT
server
cloudflare
etag
W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6ecf61b09f1f693d-FRA
expires
Wed, 16 Mar 2022 21:59:15 GMT
pubads_impl_2022030201.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 09:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29985
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124504
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 09:35:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Mar 2023 09:39:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		205 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chicago.suntimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a5eba0a4d924d8a92d34cea38b54eed5e3c4c607cbe83486320e4723865fb1b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Mar 2022 17:59:15 GMT
events
prd-collector-anon.ex.co/main/ 		0
0
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=FV0czWAOfe
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e8296280987572750afb49753383ceec2e011edbaca13533ae0248aa8b6865
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
88
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cb8nu8r7xUP
pragma
wn
prod-dash-10-0-131-101
last-modified
Wed, 16 Mar 2022 17:57:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.005
cache-control
public, max-age=1200
cf-ray
6ecf61b15854693d-FRA
expires
Wed, 16 Mar 2022 18:19:15 GMT
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 17:59:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 15:01:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5939
Expires
Wed, 16 Mar 2022 18:59:15 GMT
execute
c2.piano.io/xbuilder/experience/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=FV0czWAOfe
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a9f5266265f8a116d4b20901bb04768842f07344a300340412a68e55e26b5e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://chicago.suntimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
swfrnhu46y
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6ecf61b1aec19193-FRA
fbevents.js
connect.facebook.net/en_US/ 		103 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50a1bb47e69abfdb4e2dab5b00b435045a1e13a961564226881b7b3a313cd666
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26797
x-xss-protection
0
pragma
public
x-fb-debug
I2xbQJrnhMogXiQi3gfO229wBxP2bnIzT1UKb0zasjVtn/SdwPTlsbErnL+RnJjoVKkVLp7psAoMUpq8ccyhTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Mar 2022 17:59:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
init-5464ro4xhfzswgo4m2d.js
aamapi.com/api/ 		1 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aamapi.com/api/init-5464ro4xhfzswgo4m2d.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e02:8fca:8862:887a:8d4f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
server
openresty
content-encoding
gzip
expires
-1
cx.js
cdn.cxense.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 17:59:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 13:47:07 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
Expires
Wed, 16 Mar 2022 18:59:15 GMT
146698685967099
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/146698685967099?v=next&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a435bc01903b6a6649423da8535249a56d628101b58de7ea8edfbc45fa0bdc8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Tv4riocnoSsHMV+4xILsrLZ22lf01kFyZdctPldsQ32XtTsaur0lEiqrHfYJ3HikbN04fXDHlfMx5ffVV0FIGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Mar 2022 17:59:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1647453555606&sw=1600&sh=1200&v=next&r=canary&a=tmgoogletagmanager&ec=0&o=30&ttf=1348.7999992370605&tts=1214.6000003814697&ttse=1345.7999992370605&fbp=fb.1.1647453555605.1538615710&it=1647453555473&coo=false&exp=p0&rqm=GET
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 16 Mar 2022 17:59:15 GMT
sp1.html
cdn.cxense.com/ Frame FBC5 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/

Response headers

Accept-Ranges
bytes
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Content-Length
379
Cache-Control
max-age=864000
Expires
Sat, 26 Mar 2022 17:59:15 GMT
Date
Wed, 16 Mar 2022 17:59:15 GMT
Connection
keep-alive
Content-Type
text/html
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
cx.js
cdn.cxense.com/ Frame FBC5 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 17:59:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 13:47:07 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21887
Expires
Wed, 16 Mar 2022 18:59:15 GMT
p1.js
p1cluster.cxense.com/ Frame FBC5 		46 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
e0ee31b4a18cb4dae77c355ae6d58f8d34adb1d311217a6b46ffc4ac767d7f20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
last-modified
Thu, 16 Sep 2021 17:59:15 GMT
server
Jetty(9.4.28.v20200408)
etag
mwi19qp63eht1gqkcsjdpqk7a
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
46
expires
Thu, 16 Mar 2023 17:59:15 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame FBC5 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=l0tvb6x5wmjwzrg9&sid=1148697685424599205&loc=https%3A%2F%2Fchicago.suntimes.com%2F&new=1&arf=0&ltm=1647453555479&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l0tvb742bxa3mgc8&ckp=l0tvb6x1nboafvz8&glb=&cp_userState=anon&cst=mwi19qp63eht1gqkcsjdpqk7a
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		118 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l0tvb6x1nboafvz8%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22mwi19qp63eht1gqkcsjdpqk7a%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22mwi19qp63eht1gqkcsjdpqk7a%22%7D%5D%2C%22siteId%22%3A%221148697685424599205%22%2C%22location%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%7D&callback=cXJsonpCBl0tvb77dns9rqekn
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
f1b333a87873ffe712378a1ce8c9f7f94a62ba33a499a44d4c2bc38f0e7fdd65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:15 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
118
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 17:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2404274554934287&correlator=4000641559349778&output=ldjh&impl=fifs&eid=31065486%2C31065568&vrg=2022030201&ptt=17&sc=1&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C2x2&ifi=1&adks=2911765573%2C618710011&sfv=1-0-38&ecs=20220316&ists=2&prev_scp=position%3Dout-of-page%7Cposition%3Dreskin&eri=1&cust_params=htlbidid%3D8620%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000&cookie_enabled=1&abxe=1&dt=1647453555887&lmt=1647453555&dlt=1647453554292&idt=1230&biw=1600&bih=1200&oid=2&adxs=0%2C799&adys=465%2C465&ucis=1%7C2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x0&msz=1600x0%7C1600x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=544988910.1647453556&ga_sid=1647453556&ga_hid=1217630811&ga_fc=false&btvi=0%7C0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f16409a5a85d650a9e27df200a226a1606cf72803fd1dc088991c3c43af8f466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2509
x-xss-protection
0
google-lineitem-id
5655680133,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344730014,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D537 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Mar 2022 17:59:16 GMT
expires
Thu, 16 Mar 2023 17:59:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fchicago.suntimes.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 15:18:57 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server
Server
age
9618
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
385
x-amz-cf-id
xRXdwW95xrnC4i-eYc7DI_iDIquCEVWHOuPZxsf824OCIvmVn4BBnQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fchicago.suntimes.com%2F&pid=nsVmTJsl2q86m&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Ffront_page%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000560%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:15 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
XZ9XNPR96Y9FTFHDKVK2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
8nXYJUn6wh8d5FEO-dL-5sxdj4f682WBQRDaOMCE5bzGkF3TG5Qy7g==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Wed, 16 Mar 2022 17:19:47 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
150963671
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2404274554934287&correlator=3390473624981255&output=ldjh&impl=fifs&eid=31065486%2C31065568&vrg=2022030201&ptt=17&sc=1&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C1020x90%7C970x250&ifi=3&adks=1766363990&sfv=1-0-38&ecs=20220316&prev_scp=position%3Ddesktop_leaderboard_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=htlbidid%3D8620%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000&cookie_enabled=1&abxe=1&dt=1647453555978&lmt=1647453555&dlt=1647453554292&idt=1230&biw=1600&bih=1200&oid=2&adxs=436&adys=340&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=544988910.1647453556&ga_sid=1647453556&ga_hid=1217630811&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e56572427aa68f68e2e5274468f2d9716b1f879d50e33a24a8fff86d2e98d0ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8101
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://chicago.suntimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
517.json
id5-sync.com/g/v2/ 		213 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/517.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p19.id5-sync.com
Software
/
Resource Hash
3bcade7d93f7cd574060f72824432df48837f0bebd7fe857f900e93ccee12af3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://chicago.suntimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://chicago.suntimes.com
Date
Wed, 16 Mar 2022 17:59:15 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
ajs.js
cdn.undertone.com/js/ Frame 9822 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/ajs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
a1iLWR3KFpn27jbYe0sEZAMU9OgzkapB
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 08:15:17 GMT
server
AmazonS3
age
67193
etag
W/"fbbd41418681e5edc1f97e294d92a7de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
date
Wed, 16 Mar 2022 03:26:24 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Jq43MkJ6odrIUFGh21pUvubdRNyF06Iu9d60lbKUziYhVON9H97R2w==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146698685967099&ev=Microdata&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1647453556112&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%2C%22og%3Asite_name%22%3A%22Chicago%20Sun-Times%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Chicago%20Sun-Times%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fcst.brightspotcdn.com%2Fa7%2Fda%2F9a739da544a698cdb98e1b1c5f27%2Fctimes-logo.svg%22%7D%7D%2C%22name%22%3A%22Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment%22%7D%5D&sw=1600&sh=1200&v=next&r=canary&a=tmgoogletagmanager&ec=1&o=30&ttf=1855.5&tts=1214.6000003814697&ttse=1351.6000003814697&fbp=fb.1.1647453555605.1538615710&it=1647453555473&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 16 Mar 2022 17:59:16 GMT
dj
ads.undertone.com/ Frame 9822 		0
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.undertone.com/dj?&pid=348&domain=suntimes.com&tagid=686&fb=1&cb=91311916397&t=1647453556.116&fv=0&x=800&y=484&sw=1600&sh=1200&cw=1600&ch=1200&loc=https%3A//chicago.suntimes.com/&fr=1&env=201
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-21.dus51.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://chicago.suntimes.com/
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
JLNOmROWzd0FVcpsLiOQlPNXi2ulgFeHBM3h-QmctmavNCxHgAXP6g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 		0
0
container.html
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84FB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 17:59:16 GMT
expires
Thu, 16 Mar 2023 17:59:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4446 		624 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 16 Mar 2022 17:59:16 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 17:59:16 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 84FB 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANWhoXmxnM_ou9tOn8B6NEltFDLwDtimUen2K1Zm5ULo3SrbCpa17mA7bFztNbmSVRGvLQh0zAP9sfyo5B_-jCnOHfajbkWoCmxrHc55hbtZvOiqHy-tFQYT4tba-sP94Eq8VA32AnadUW5JFpj2Wyqr-sfg&dbm_d=AKAmf-Am1SadBeK5GDvGUAHTgrJIrXsiDUI3vHv3cNiRcvzmfFPyumyytH2PlXmz-R_yOho2BK73mLWZTtrKyYZS5h3CeRfbOu_nVgXpTUmz-pTdtk_FTqIPpQ9VfEyol5uKGb9XMIy6DFeXiYygsNWaEkLfdw2KVZ3bnilOECZ_V35dp90SRR67Bmb88KGGDKVfYxUY7HtgylwwrQVyb8TAQqNmP5PIGh4oVjc1Fq4VqbKbtViTlIv77vnZUkZh1SOE41cqMmuZHkOcYLwj6KZcsK1gqEJ-EXQ92hRDWHoaFJtaIT5w0H6ppsO77mbv2AYFC4aABquFJUJXfcpLipjTc5gdZSVKlZcTlfYgHW3-jtwvaVx1_G1JqUNw04pPf31yibDmsDd1mTyzqPxCaMqOLZszV4C_EvE5RURWGAoB8We-On-k4rIOzE1XTVB_XmGu6pPvwRevhTsGj8DxSGCBWqGIGH9w5T0D5bCFRn_Sc5hwJd64GfnTocZcPzDfSbWa26ojBhQAEll8X5k_jC8-9SOqyZJa4tvb2DjLJ--PQnvpRtZdI3524fMw12zKnwzOM3WJ0tt6_iMkYMMxQyHDrpb3INzA7DFAn0sqYABBUkhLBuPn9ttCpmSADScIqiGvsHC7Re14g5auK84H9HXb-6yGRNZNhQhMEGgfkUl3WZrKXoWVEgL0pqZZZXBtQDVBxRApb1e_W_t0BblhJQYFZ2mfBTbV-XumBTGUjHnM8FVExd_FCmvtRGjpLiekat4KQjL6-v7Riih5G119QPFnu4sNcnFp7bhIIxmLUbTDy4zo9PmW8TxolpupS20L5q6yUB2ZiP4251qRVuFsCTzJeErrv5HzNSQeIvKrkp106JrH-Ic5OwjJ2n6B15AazN5kZNrH4TYUq7Kj0wg-MaoBx_N-aZbMrUQql9mmH9KkOUOdxtSCUVK9uUOshQ9anJcPUQ9IaU6N0R46jxi9BD9DyJMClDz-qGl3LvScp1oaamNs9L0dEdAX57ajGQW3EFE11eYTmoe3H7gaOzd6Ma9ySFS61wTTOfIkoDkMDwquF9gvWrmfS9IsjYM51PGiPmXvK2DH6sm3THN2NphpSjFpNRGuJHc5xFpoOR2T8TAFlkiUagDdao1TrvRFIVF4clHxwie8WwsDwPoXWkETEvsTJwxcbQSLWfleqPt1R9jYLcEYfvWJ9367t3-cIts0EKg5QQlcKllCXfF6eJq7sGM6fqG1iVON_Q71a2mqyVQ5RzCo4x5Cn5fzCn5Xn7Kk8LBAZGwYAIcDFOOxGjj8ReOEu4P-9e5wFGCY9JAtBveBItAFMVFz0xxl6i9bBS-nsVkl9V1Sa19Riy4VfUhXAPfKosjUkAWY_G6v7fo1H_TRFWYQBZ1OHurKdz0l-6B8fUOFzHY6kXZ5C25jHIikM0p5-1GbiIu7UFSS8tmAJVA3Hos2j6xj82ey-uqbObXS-vhjK1uGqu417-5osouTsYJLNgG2JQYZr8sq-t5Y4KCPFa3G5WV1xUY3hX_OAj8jgBNBIwuYnEZFlsmmqgM6evujCG11bOg9Dty1CEVQjza8ykz3i0SG8yD36yUWoLiKPjMN44cI1VPZzUZUT16XazXOpd9ctllvWWFzzxv7C6aMoqBIynvRogSfRdQpb_NDy2WJX--PUgk_d_raDF9bhryuXMGfsmFsB94Hke6e1O2twnr8ooKMMoftkAEfdaaeURcaoISKtyMOjMU2Se0Ge4BQqMr3ed0DM_xPTwVle28EnWuRz7z49UCzWj7WN7uBUx3U0bpeGG83vCu-y7OaXTuFHer2UUuUkfqvraSVwSpDlSLOoPEYXcYOWuD-5OLYQG-xna-y7hZ1tE2ZtJuMSZT9-M7wVw_Y-BI4JksX-_hCYjPYLsKR29urMCz5OgIWsBiwCJOovnbZAuHMdAaBCNfjCS7qR9ZSQchpkZsktl4y9t5uzMgqFzVowEEQ3YG0u1vLPnikz6c35gt_hMOpn1TEFScmVehrIF7P6DIlx-Ymx-kr8T6Sf6pF8_KTyFW3rBjIaIZUHAgo4uCEN7NVmz0YXy-xWq3AZid9e1Ips6sTO0ufeM4OaT8UdUPniJ45Qz5JYJKyum2IKWr3213xTJ0QikkGMWVwjrsmhzsyf235TOIlclkdOrXjxl6pUiZHMKQ-4LxpTzeIo4G6Tb-psXBvy1C0UeE3rtPI--Zr4vMM9-muNgW8eNaxc2v1P1SO4k3tDyy7czLFMPPA2HxXfo6CpD7uPYS2ZijIgBzJcd0u1pVrDYQ1IyNk9AtVf8G_r4Ari9XlutLZ-Xj_lEzWHJI3kUQGeDZ-p0tXTvhIaDFHLYPBhtz1RegW3xJtUkZ4DRRieF90I2HpiwP7-hnUteoqcbnepjwBN0HVaqDrWYvNRM9bIobZtLoxhWIHLcEk9l8EaPFb9TqrPjogm6n_Y_jSNDbdcPSmxyFjnIIUb6IrJYDvf7vMpmtNTfEYMRotjy3TRCg8D7wfXpUXAPtgq5fs8X74lUtZFQohUAQW1Cs7LlalHWm_pNk0T80dfU8zNj7j5nGym16gRvY4JKdxW2BlRFJX2UkGLRKdGL2J44rPaSMbLbe-93BcoKirGLa1gfOfaLqLQpbuIbBU1GGaDrSmGPMIj3ebotHMrzmoOwwGLBqzAK-ni0WzWWAePRsRYuWsy0FVAw_Xz95scn13AfkSWKZ5lg1B_Uf-3lv0LEYbHgkSY1ThGsTLKZTYlUcyqfVAc55YyVZTC0tx-HHZCzA1N03cGnyFT5tfDkKHtkvX_e5Pgzp3CcPgAOfd-1GCCHuH3LqPwwTSqviDaIw88kbON79SE--T3KgLboz9EWXnb0MOlryfgtzFXMf7_VTXcjsnUBO4HYv3lS6GDDoP2oOsVS9_jF-wIDbBckktrPzweNTd0Cus2uYgYT9KGAiB1GgK5GB9dy6qtChm_KSlj72wsUz6mudG4ZwYJUxsGkXG3Uw_6WtlSWjRgTqGjh_OfPEakiSY8ILVb-GiIW6mupRnIb7H821u2xkLYy6iUz_4wLgEQECGpPrwmjGONhcXL917eiSQgdCFGNB05sADGTqP9F5wWpVSS5zMND8fjjVm_9-X-USlTebKMzVspcEPmPTz_HEhvqc5OeTepYnv6z6fD4VpVIXsOVWk-f6BL82azCOSVemW1wmXysfkPJn6lfJQaSQmRhAK1efmNeEptcvvAYZwPAwMX4yE7J4x6ZvDpfhS6cV1Ics&cid=CAASJ-Ro6jTBItTPtUnb5xP_TbsYsFfrZQPr-4YVZqEKLAIc0Cpm1J9BoA&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e84f959f27a660a299514ce993bf839ad4a4d0a6be1562dd2cc675d5dacee84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35429
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84FB 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqjI_9iItakCwXoE8qe7PwIaODzTqQLVKkGs76A1Mgx5dITWoQ9F7RZpWsGqludAiGfSI_BErhgQPYItlkIS0SSbY-PuV3JT0jaEoeMnjn2vK3n6A
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 84FB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 17:57:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84FB 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36369
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647258231097430"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 17:59:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 84FB 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame 84FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI6ZisjuDx1uoW7ccsKUh84miPOAR1CHBLcf8PYyjIE0B8LQBYfwI4RVXEL36AVJsrvLRBHJ1k3BZw7JTN4GLoS7-l5w
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 4446
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM53z7jLySdsWbmZVzjPcA&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM53z7jLySdsWbmZVzjPcA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Protocol
HTTP/1.1
Server
104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-0-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 17:59:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 17:59:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAM53z7jLySdsWbmZVzjPcA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4446
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjIldPJ6gzosjuCPrZXN3gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDICnhz9_HvVIK4uWOBHtRE&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDICnhz9_HvVIK4uWOBHtRE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Protocol
HTTP/1.1
Server
104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-0-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 17:59:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Mar 2022 17:59:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDICnhz9_HvVIK4uWOBHtRE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4446
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFVFUn8d8cyEBCd5aKoHnB0&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFVFUn8d8cyEBCd5aKoHnB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 17:59:16 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
49bdbdf8-964b-4dd2-8dba-e42368713f23
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFVFUn8d8cyEBCd5aKoHnB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4446
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTk5MTA1MzkzNTk4OTIyNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTk5MTA1MzkzNTk4OTIyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjOjfLEATAB&v=APEucNV9dYRVyihPnfyWDC6Wg8uFmZE9fzAtJSMfbPTNnNlk5RUqOVZ3oeW4aqvLPZbSVQ-h_4qNy8Ei8p3IQsVwvK0zlq4z9qqdeLgP2suDk-hHfD-3HmJ8BDuVu1PIDWUmpQ_Ec_CTsloE8SWoVH4wQCVdeIjqJWDmXHEHM0wnxJ7Y0L9mE2I
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Mar 2022 17:59:16 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
039be41c-9969-4c6e-b3dd-6731c5228c07
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTk5MTA1MzkzNTk4OTIyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/985734/61500580/ Frame 84FB 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/985734/61500580/skeleton.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.61.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-61-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
05d53c620fe9c495143ead6f8a2e5545e3d211d551dcd10e6fd97a1a066d46f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 84FB 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
Origin
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 12:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Mar 2022 12:47:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/ Frame 84FB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANWhoXmxnM_ou9tOn8B6NEltFDLwDtimUen2K1Zm5ULo3SrbCpa17mA7bFztNbmSVRGvLQh0zAP9sfyo5B_-jCnOHfajbkWoCmxrHc55hbtZvOiqHy-tFQYT4tba-sP94Eq8VA32AnadUW5JFpj2Wyqr-sfg&dbm_d=AKAmf-Am1SadBeK5GDvGUAHTgrJIrXsiDUI3vHv3cNiRcvzmfFPyumyytH2PlXmz-R_yOho2BK73mLWZTtrKyYZS5h3CeRfbOu_nVgXpTUmz-pTdtk_FTqIPpQ9VfEyol5uKGb9XMIy6DFeXiYygsNWaEkLfdw2KVZ3bnilOECZ_V35dp90SRR67Bmb88KGGDKVfYxUY7HtgylwwrQVyb8TAQqNmP5PIGh4oVjc1Fq4VqbKbtViTlIv77vnZUkZh1SOE41cqMmuZHkOcYLwj6KZcsK1gqEJ-EXQ92hRDWHoaFJtaIT5w0H6ppsO77mbv2AYFC4aABquFJUJXfcpLipjTc5gdZSVKlZcTlfYgHW3-jtwvaVx1_G1JqUNw04pPf31yibDmsDd1mTyzqPxCaMqOLZszV4C_EvE5RURWGAoB8We-On-k4rIOzE1XTVB_XmGu6pPvwRevhTsGj8DxSGCBWqGIGH9w5T0D5bCFRn_Sc5hwJd64GfnTocZcPzDfSbWa26ojBhQAEll8X5k_jC8-9SOqyZJa4tvb2DjLJ--PQnvpRtZdI3524fMw12zKnwzOM3WJ0tt6_iMkYMMxQyHDrpb3INzA7DFAn0sqYABBUkhLBuPn9ttCpmSADScIqiGvsHC7Re14g5auK84H9HXb-6yGRNZNhQhMEGgfkUl3WZrKXoWVEgL0pqZZZXBtQDVBxRApb1e_W_t0BblhJQYFZ2mfBTbV-XumBTGUjHnM8FVExd_FCmvtRGjpLiekat4KQjL6-v7Riih5G119QPFnu4sNcnFp7bhIIxmLUbTDy4zo9PmW8TxolpupS20L5q6yUB2ZiP4251qRVuFsCTzJeErrv5HzNSQeIvKrkp106JrH-Ic5OwjJ2n6B15AazN5kZNrH4TYUq7Kj0wg-MaoBx_N-aZbMrUQql9mmH9KkOUOdxtSCUVK9uUOshQ9anJcPUQ9IaU6N0R46jxi9BD9DyJMClDz-qGl3LvScp1oaamNs9L0dEdAX57ajGQW3EFE11eYTmoe3H7gaOzd6Ma9ySFS61wTTOfIkoDkMDwquF9gvWrmfS9IsjYM51PGiPmXvK2DH6sm3THN2NphpSjFpNRGuJHc5xFpoOR2T8TAFlkiUagDdao1TrvRFIVF4clHxwie8WwsDwPoXWkETEvsTJwxcbQSLWfleqPt1R9jYLcEYfvWJ9367t3-cIts0EKg5QQlcKllCXfF6eJq7sGM6fqG1iVON_Q71a2mqyVQ5RzCo4x5Cn5fzCn5Xn7Kk8LBAZGwYAIcDFOOxGjj8ReOEu4P-9e5wFGCY9JAtBveBItAFMVFz0xxl6i9bBS-nsVkl9V1Sa19Riy4VfUhXAPfKosjUkAWY_G6v7fo1H_TRFWYQBZ1OHurKdz0l-6B8fUOFzHY6kXZ5C25jHIikM0p5-1GbiIu7UFSS8tmAJVA3Hos2j6xj82ey-uqbObXS-vhjK1uGqu417-5osouTsYJLNgG2JQYZr8sq-t5Y4KCPFa3G5WV1xUY3hX_OAj8jgBNBIwuYnEZFlsmmqgM6evujCG11bOg9Dty1CEVQjza8ykz3i0SG8yD36yUWoLiKPjMN44cI1VPZzUZUT16XazXOpd9ctllvWWFzzxv7C6aMoqBIynvRogSfRdQpb_NDy2WJX--PUgk_d_raDF9bhryuXMGfsmFsB94Hke6e1O2twnr8ooKMMoftkAEfdaaeURcaoISKtyMOjMU2Se0Ge4BQqMr3ed0DM_xPTwVle28EnWuRz7z49UCzWj7WN7uBUx3U0bpeGG83vCu-y7OaXTuFHer2UUuUkfqvraSVwSpDlSLOoPEYXcYOWuD-5OLYQG-xna-y7hZ1tE2ZtJuMSZT9-M7wVw_Y-BI4JksX-_hCYjPYLsKR29urMCz5OgIWsBiwCJOovnbZAuHMdAaBCNfjCS7qR9ZSQchpkZsktl4y9t5uzMgqFzVowEEQ3YG0u1vLPnikz6c35gt_hMOpn1TEFScmVehrIF7P6DIlx-Ymx-kr8T6Sf6pF8_KTyFW3rBjIaIZUHAgo4uCEN7NVmz0YXy-xWq3AZid9e1Ips6sTO0ufeM4OaT8UdUPniJ45Qz5JYJKyum2IKWr3213xTJ0QikkGMWVwjrsmhzsyf235TOIlclkdOrXjxl6pUiZHMKQ-4LxpTzeIo4G6Tb-psXBvy1C0UeE3rtPI--Zr4vMM9-muNgW8eNaxc2v1P1SO4k3tDyy7czLFMPPA2HxXfo6CpD7uPYS2ZijIgBzJcd0u1pVrDYQ1IyNk9AtVf8G_r4Ari9XlutLZ-Xj_lEzWHJI3kUQGeDZ-p0tXTvhIaDFHLYPBhtz1RegW3xJtUkZ4DRRieF90I2HpiwP7-hnUteoqcbnepjwBN0HVaqDrWYvNRM9bIobZtLoxhWIHLcEk9l8EaPFb9TqrPjogm6n_Y_jSNDbdcPSmxyFjnIIUb6IrJYDvf7vMpmtNTfEYMRotjy3TRCg8D7wfXpUXAPtgq5fs8X74lUtZFQohUAQW1Cs7LlalHWm_pNk0T80dfU8zNj7j5nGym16gRvY4JKdxW2BlRFJX2UkGLRKdGL2J44rPaSMbLbe-93BcoKirGLa1gfOfaLqLQpbuIbBU1GGaDrSmGPMIj3ebotHMrzmoOwwGLBqzAK-ni0WzWWAePRsRYuWsy0FVAw_Xz95scn13AfkSWKZ5lg1B_Uf-3lv0LEYbHgkSY1ThGsTLKZTYlUcyqfVAc55YyVZTC0tx-HHZCzA1N03cGnyFT5tfDkKHtkvX_e5Pgzp3CcPgAOfd-1GCCHuH3LqPwwTSqviDaIw88kbON79SE--T3KgLboz9EWXnb0MOlryfgtzFXMf7_VTXcjsnUBO4HYv3lS6GDDoP2oOsVS9_jF-wIDbBckktrPzweNTd0Cus2uYgYT9KGAiB1GgK5GB9dy6qtChm_KSlj72wsUz6mudG4ZwYJUxsGkXG3Uw_6WtlSWjRgTqGjh_OfPEakiSY8ILVb-GiIW6mupRnIb7H821u2xkLYy6iUz_4wLgEQECGpPrwmjGONhcXL917eiSQgdCFGNB05sADGTqP9F5wWpVSS5zMND8fjjVm_9-X-USlTebKMzVspcEPmPTz_HEhvqc5OeTepYnv6z6fD4VpVIXsOVWk-f6BL82azCOSVemW1wmXysfkPJn6lfJQaSQmRhAK1efmNeEptcvvAYZwPAwMX4yE7J4x6ZvDpfhS6cV1Ics&cid=CAASJ-Ro6jTBItTPtUnb5xP_TbsYsFfrZQPr-4YVZqEKLAIc0Cpm1J9BoA&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 17:56:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 84FB 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANWhoXmxnM_ou9tOn8B6NEltFDLwDtimUen2K1Zm5ULo3SrbCpa17mA7bFztNbmSVRGvLQh0zAP9sfyo5B_-jCnOHfajbkWoCmxrHc55hbtZvOiqHy-tFQYT4tba-sP94Eq8VA32AnadUW5JFpj2Wyqr-sfg&dbm_d=AKAmf-Am1SadBeK5GDvGUAHTgrJIrXsiDUI3vHv3cNiRcvzmfFPyumyytH2PlXmz-R_yOho2BK73mLWZTtrKyYZS5h3CeRfbOu_nVgXpTUmz-pTdtk_FTqIPpQ9VfEyol5uKGb9XMIy6DFeXiYygsNWaEkLfdw2KVZ3bnilOECZ_V35dp90SRR67Bmb88KGGDKVfYxUY7HtgylwwrQVyb8TAQqNmP5PIGh4oVjc1Fq4VqbKbtViTlIv77vnZUkZh1SOE41cqMmuZHkOcYLwj6KZcsK1gqEJ-EXQ92hRDWHoaFJtaIT5w0H6ppsO77mbv2AYFC4aABquFJUJXfcpLipjTc5gdZSVKlZcTlfYgHW3-jtwvaVx1_G1JqUNw04pPf31yibDmsDd1mTyzqPxCaMqOLZszV4C_EvE5RURWGAoB8We-On-k4rIOzE1XTVB_XmGu6pPvwRevhTsGj8DxSGCBWqGIGH9w5T0D5bCFRn_Sc5hwJd64GfnTocZcPzDfSbWa26ojBhQAEll8X5k_jC8-9SOqyZJa4tvb2DjLJ--PQnvpRtZdI3524fMw12zKnwzOM3WJ0tt6_iMkYMMxQyHDrpb3INzA7DFAn0sqYABBUkhLBuPn9ttCpmSADScIqiGvsHC7Re14g5auK84H9HXb-6yGRNZNhQhMEGgfkUl3WZrKXoWVEgL0pqZZZXBtQDVBxRApb1e_W_t0BblhJQYFZ2mfBTbV-XumBTGUjHnM8FVExd_FCmvtRGjpLiekat4KQjL6-v7Riih5G119QPFnu4sNcnFp7bhIIxmLUbTDy4zo9PmW8TxolpupS20L5q6yUB2ZiP4251qRVuFsCTzJeErrv5HzNSQeIvKrkp106JrH-Ic5OwjJ2n6B15AazN5kZNrH4TYUq7Kj0wg-MaoBx_N-aZbMrUQql9mmH9KkOUOdxtSCUVK9uUOshQ9anJcPUQ9IaU6N0R46jxi9BD9DyJMClDz-qGl3LvScp1oaamNs9L0dEdAX57ajGQW3EFE11eYTmoe3H7gaOzd6Ma9ySFS61wTTOfIkoDkMDwquF9gvWrmfS9IsjYM51PGiPmXvK2DH6sm3THN2NphpSjFpNRGuJHc5xFpoOR2T8TAFlkiUagDdao1TrvRFIVF4clHxwie8WwsDwPoXWkETEvsTJwxcbQSLWfleqPt1R9jYLcEYfvWJ9367t3-cIts0EKg5QQlcKllCXfF6eJq7sGM6fqG1iVON_Q71a2mqyVQ5RzCo4x5Cn5fzCn5Xn7Kk8LBAZGwYAIcDFOOxGjj8ReOEu4P-9e5wFGCY9JAtBveBItAFMVFz0xxl6i9bBS-nsVkl9V1Sa19Riy4VfUhXAPfKosjUkAWY_G6v7fo1H_TRFWYQBZ1OHurKdz0l-6B8fUOFzHY6kXZ5C25jHIikM0p5-1GbiIu7UFSS8tmAJVA3Hos2j6xj82ey-uqbObXS-vhjK1uGqu417-5osouTsYJLNgG2JQYZr8sq-t5Y4KCPFa3G5WV1xUY3hX_OAj8jgBNBIwuYnEZFlsmmqgM6evujCG11bOg9Dty1CEVQjza8ykz3i0SG8yD36yUWoLiKPjMN44cI1VPZzUZUT16XazXOpd9ctllvWWFzzxv7C6aMoqBIynvRogSfRdQpb_NDy2WJX--PUgk_d_raDF9bhryuXMGfsmFsB94Hke6e1O2twnr8ooKMMoftkAEfdaaeURcaoISKtyMOjMU2Se0Ge4BQqMr3ed0DM_xPTwVle28EnWuRz7z49UCzWj7WN7uBUx3U0bpeGG83vCu-y7OaXTuFHer2UUuUkfqvraSVwSpDlSLOoPEYXcYOWuD-5OLYQG-xna-y7hZ1tE2ZtJuMSZT9-M7wVw_Y-BI4JksX-_hCYjPYLsKR29urMCz5OgIWsBiwCJOovnbZAuHMdAaBCNfjCS7qR9ZSQchpkZsktl4y9t5uzMgqFzVowEEQ3YG0u1vLPnikz6c35gt_hMOpn1TEFScmVehrIF7P6DIlx-Ymx-kr8T6Sf6pF8_KTyFW3rBjIaIZUHAgo4uCEN7NVmz0YXy-xWq3AZid9e1Ips6sTO0ufeM4OaT8UdUPniJ45Qz5JYJKyum2IKWr3213xTJ0QikkGMWVwjrsmhzsyf235TOIlclkdOrXjxl6pUiZHMKQ-4LxpTzeIo4G6Tb-psXBvy1C0UeE3rtPI--Zr4vMM9-muNgW8eNaxc2v1P1SO4k3tDyy7czLFMPPA2HxXfo6CpD7uPYS2ZijIgBzJcd0u1pVrDYQ1IyNk9AtVf8G_r4Ari9XlutLZ-Xj_lEzWHJI3kUQGeDZ-p0tXTvhIaDFHLYPBhtz1RegW3xJtUkZ4DRRieF90I2HpiwP7-hnUteoqcbnepjwBN0HVaqDrWYvNRM9bIobZtLoxhWIHLcEk9l8EaPFb9TqrPjogm6n_Y_jSNDbdcPSmxyFjnIIUb6IrJYDvf7vMpmtNTfEYMRotjy3TRCg8D7wfXpUXAPtgq5fs8X74lUtZFQohUAQW1Cs7LlalHWm_pNk0T80dfU8zNj7j5nGym16gRvY4JKdxW2BlRFJX2UkGLRKdGL2J44rPaSMbLbe-93BcoKirGLa1gfOfaLqLQpbuIbBU1GGaDrSmGPMIj3ebotHMrzmoOwwGLBqzAK-ni0WzWWAePRsRYuWsy0FVAw_Xz95scn13AfkSWKZ5lg1B_Uf-3lv0LEYbHgkSY1ThGsTLKZTYlUcyqfVAc55YyVZTC0tx-HHZCzA1N03cGnyFT5tfDkKHtkvX_e5Pgzp3CcPgAOfd-1GCCHuH3LqPwwTSqviDaIw88kbON79SE--T3KgLboz9EWXnb0MOlryfgtzFXMf7_VTXcjsnUBO4HYv3lS6GDDoP2oOsVS9_jF-wIDbBckktrPzweNTd0Cus2uYgYT9KGAiB1GgK5GB9dy6qtChm_KSlj72wsUz6mudG4ZwYJUxsGkXG3Uw_6WtlSWjRgTqGjh_OfPEakiSY8ILVb-GiIW6mupRnIb7H821u2xkLYy6iUz_4wLgEQECGpPrwmjGONhcXL917eiSQgdCFGNB05sADGTqP9F5wWpVSS5zMND8fjjVm_9-X-USlTebKMzVspcEPmPTz_HEhvqc5OeTepYnv6z6fD4VpVIXsOVWk-f6BL82azCOSVemW1wmXysfkPJn6lfJQaSQmRhAK1efmNeEptcvvAYZwPAwMX4yE7J4x6ZvDpfhS6cV1Ics&cid=CAASJ-Ro6jTBItTPtUnb5xP_TbsYsFfrZQPr-4YVZqEKLAIc0Cpm1J9BoA&rfl=1%2Chttps%253A%252F%252Fchicago.suntimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 17:56:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 84FB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 13:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 13:40:29 GMT
truncated
/ Frame 84FB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0450569a7ee8b936a687b8da61a8861d82531c5207ebc53d7880875d4174a7dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9822 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d21722bc3e5e87fc1607a29895d4ca6fe135bf6c78d59717f0b8032a87c6430

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame 84FB 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/985734/61500580/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
768136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Qce9gudolva8iBQAiY5sh98R5afrIoiJWht5SXP5sDqMmXyYBSUPaw==
index.html
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/ Frame 10E7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fb1ef90aa5491087f1469439c8a27b0e205f0993853a4f24ffda8b3a258cabf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2012
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 08:07:48 GMT
expires
Tue, 14 Mar 2023 08:07:48 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
content-type
text/html
age
208288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 84FB 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwA3IlDz3blHlGzVHRBk3ZoIkkhTJcTqHe6H3WPxCG5Bb46whSK4IMurk4PRW0ZBTfVDvu-ofiJrvWs4aQ78ZgeWmM7KBxPBA5YE9unfAXWcQ4JHGKsnKtbvtyqt_A0sSY_vu9afxjCFdFYPiBmi1Zuj_pnvZIM3aOcXLDaU4uRTLkFEzZC-1NkrtoUxbMFugaEsjyvv4i-tPVRNCEN6s7M5yBVoE9xMOOWHL1_gHmY50AiFCmH-1vPy8knCnrFXaHRmv_CaSem9VlUflSsjuwNEGl-2Pv9kN5ncUlbD47njGLCt3UI2VF4kBp5ENmjUFXeeh-G0BwCi2w3VG-eKTmruab7UNyjReOLw388ZZONs0r9XhQJSwGYlcdmRFQ87RGid9Iav55RdCY78kPiMPqmAtJgFoLmrA0Gt06gBwzsGod9QQR62UtO8rzoXOUm34FnwSe5xOHBwaPqRiii1zyD3-Ur2A20quaDgDeWS6D28CPwK1XxzDt8D9dTbkZk7g0UGqaFuMOcgGt494qjU9SEa0IBz1EFjkZHpXUQ1S-47ERrh_08xLpeP0jcCDi0E9wYxxyrfJha235Pu5WUf9SRyYAakaX1l5cKl5H0bfVvIvNDLkX8L7g8vY4l42NIkLLLRc7-PxumVb5mzveZgd1QDS3QNyJB8MkWZGWJTwjRpoAX6DT_esDEsCAc_1J8CpEibIavWFKjeZ02DjnFt4Ey1Y3Dlx9YKbqH_swz-YMhrS5BoS6k25LPdNzNEJY9h7vEKzhlup3cQVxEGjmD94qa-8nVUi6UJRm69f8Zy80cuIzSaVU8BFMI5p1rW6ul94MzALnqaeolW2qdwVAnpJ_bI8b5_wwapuLfrbkVJGIQ9Pgnf7caaojHZ1nPzF_ykGKG55OnQKCgl3cwZaztbTV2uhffiGujIJkS7zwEm-xrV07Xc4byLMa2BOcnmyzFKjWkbrV8YtKQzIj-o5eLn64yQ2orZHGxGXa1bidSmSgLN6D1TiiFtpYeXSzOZQDfpUwjUVA3IL5ih2QGHXo2O0RTKSzXOVBMjj81nxQ4xkApSspg4upElLXPLSWClHb4l7cOkNs5xytUjKz-1PNv_uSb28JOXHA-q61SQLcl5Vh45kkNW7D__GvkGsaUSC6KUilB2jhoU1f8VOKypFvxbL6UYLpPsoOn2q6v9zonhvuwrJdG6YuC9GbV42__nwSENrtLhoYoQ0heXVfiL7LLjRCYFmQO_hkz-0FRx9JvvDN_vL8o710jmKO9QkhJDZHOuHoxeI63_hq-MY&sai=AMfl-YRzBAfiRWUHPG2JsuqENop7H3I9s8ROlqnlbnldVyL2FMOW2bZwix3XbFp1iHmvvsElSHW-ZZn0JUk09fKaGZlhekAU5F7_fYYza2MA1BXjiK-1Ca_QA5wiVYbDdMtDRFBPl1BdbA0Zpp1wD8DNj4qrE0maunblZcHeD8kje_vXSkjIziJOovBnxsHoxRs4sXDWubNADs7sLHga5ILXrEj7OQSMyiY&sig=Cg0ArKJSzCt06YGMOdNmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=194&cisv=r20220314.81832&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 16 Mar 2022 17:59:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FAEF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 22:16:44 GMT
expires
Tue, 14 Mar 2023 22:16:44 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
157352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
static.adsafeprotected.com/ Frame 84FB
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/985734/61500580/skeleton.js?adsafe_url=https%3A%2F%2Fchicago.suntimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd65b60be39bad264adc80473d37f26a7.safeframe....
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2156:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
age
2520073
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
a-ikF-xUvLxfL8xC767mY9IjGe1AJtwt5rvfpLNF8W7Ai_hHWIUkQQ==

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:16 GMT
x-server-name
app19.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8071 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
2520073
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
5dc2TTz37Qkok-1czjo_Ruvae1qK5EBHy4hRID7tEMe2CawDJ9I70A==
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js
pagead2.googlesyndication.com/bg/ Frame FAEF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 20:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
78129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13666
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Mar 2023 20:17:07 GMT
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 10E7 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Mar 2022 17:59:17 GMT
script.js
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/js/ Frame 10E7 		3 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b86c67e83bdb0ee288ef4f5eed7aec84b9f137bac6301786d2e504d2ef2d8cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 84FB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwA3IlDz3blHlGzVHRBk3ZoIkkhTJcTqHe6H3WPxCG5Bb46whSK4IMurk4PRW0ZBTfVDvu-ofiJrvWs4aQ78ZgeWmM7KBxPBA5YE9unfAXWcQ4JHGKsnKtbvtyqt_A0sSY_vu9afxjCFdFYPiBmi1Zuj_pnvZIM3aOcXLDaU4uRTLkFEzZC-1NkrtoUxbMFugaEsjyvv4i-tPVRNCEN6s7M5yBVoE9xMOOWHL1_gHmY50AiFCmH-1vPy8knCnrFXaHRmv_CaSem9VlUflSsjuwNEGl-2Pv9kN5ncUlbD47njGLCt3UI2VF4kBp5ENmjUFXeeh-G0BwCi2w3VG-eKTmruab7UNyjReOLw388ZZONs0r9XhQJSwGYlcdmRFQ87RGid9Iav55RdCY78kPiMPqmAtJgFoLmrA0Gt06gBwzsGod9QQR62UtO8rzoXOUm34FnwSe5xOHBwaPqRiii1zyD3-Ur2A20quaDgDeWS6D28CPwK1XxzDt8D9dTbkZk7g0UGqaFuMOcgGt494qjU9SEa0IBz1EFjkZHpXUQ1S-47ERrh_08xLpeP0jcCDi0E9wYxxyrfJha235Pu5WUf9SRyYAakaX1l5cKl5H0bfVvIvNDLkX8L7g8vY4l42NIkLLLRc7-PxumVb5mzveZgd1QDS3QNyJB8MkWZGWJTwjRpoAX6DT_esDEsCAc_1J8CpEibIavWFKjeZ02DjnFt4Ey1Y3Dlx9YKbqH_swz-YMhrS5BoS6k25LPdNzNEJY9h7vEKzhlup3cQVxEGjmD94qa-8nVUi6UJRm69f8Zy80cuIzSaVU8BFMI5p1rW6ul94MzALnqaeolW2qdwVAnpJ_bI8b5_wwapuLfrbkVJGIQ9Pgnf7caaojHZ1nPzF_ykGKG55OnQKCgl3cwZaztbTV2uhffiGujIJkS7zwEm-xrV07Xc4byLMa2BOcnmyzFKjWkbrV8YtKQzIj-o5eLn64yQ2orZHGxGXa1bidSmSgLN6D1TiiFtpYeXSzOZQDfpUwjUVA3IL5ih2QGHXo2O0RTKSzXOVBMjj81nxQ4xkApSspg4upElLXPLSWClHb4l7cOkNs5xytUjKz-1PNv_uSb28JOXHA-q61SQLcl5Vh45kkNW7D__GvkGsaUSC6KUilB2jhoU1f8VOKypFvxbL6UYLpPsoOn2q6v9zonhvuwrJdG6YuC9GbV42__nwSENrtLhoYoQ0heXVfiL7LLjRCYFmQO_hkz-0FRx9JvvDN_vL8o710jmKO9QkhJDZHOuHoxeI63_hq-MY&sai=AMfl-YRzBAfiRWUHPG2JsuqENop7H3I9s8ROlqnlbnldVyL2FMOW2bZwix3XbFp1iHmvvsElSHW-ZZn0JUk09fKaGZlhekAU5F7_fYYza2MA1BXjiK-1Ca_QA5wiVYbDdMtDRFBPl1BdbA0Zpp1wD8DNj4qrE0maunblZcHeD8kje_vXSkjIziJOovBnxsHoxRs4sXDWubNADs7sLHga5ILXrEj7OQSMyiY&sig=Cg0ArKJSzCt06YGMOdNmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&vt=11&dtpt=180&dett=3&cstd=194&cisv=r20220314.81832&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 17:59:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
txt1@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/txt1@2x.png
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc0443ece891ff28d97dee74047026afc17a6963100635fe67bad3de2db7fa1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6743
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
disclaimer@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/disclaimer@2x.png
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b316f4cd64722ecbb5166ef4f9d1f1cb29b3a8f4bc6d88e1b5aeb8a0b46bb1b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1964
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
cta@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/cta@2x.png
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e3de56c129f13585b4188de34e5f2b4df6ba82666c9a68d6f11d1d7648275f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1258
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
logo.svg
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/logo.svg
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
bg1@2x.jpg
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/bg1@2x.jpg
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a796fa2a442132dd4daccf8b86904066ddd1c27b85db3be6d6bf1efccda43dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:48 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141826
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAEF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIrmxdCUyYvHAIoXy3wPmm5aIAwAAAAA4AeAEAg&bg=!f3ylfDjNAAZgliNcYJY7ACkAdvg8WqYAueVCLtXV28IBV3cayJq6DQsocQHKeBYQARqwH3-UijO0-wIAAABjUgAAAAJoAQeZAzs0q-7rVpoPWAoHkqEjBoiz1HisiRO8PQYSk9gcsG0dA6Uk9Bw_Qxi_qd-C_-tdtRzCEklxjS3Yp2zl5kduZ3iV4PWIVdua9cXaaf0085LoY6_9UdZ3fVar12zlVb3vEPB-p-zxgf1MtevekQOgNkcT-AN4wtpFUgRMqMhYTfVyAy4maNWLbDvipw3BcfSfBFqq7EW6A4oUcNLAibcNAVG8zwc4fnDi_ZdgFJEwfLHI7OPRHK6KveIfMJdPBTd0ABqOACEADP00hvy4rXIJvYF4vRSWZCs0hgIFrdwC7Xv3qMdIz0xj4orwqRSq7koUHHx84YjoFdZNhu9XoPogh4zssLfYTbiyq9CxWh840XpC2eqrN_kMvz3FOuP32xn1MU0u_vF0PizGB7NmESNve58x9ZJgdxlpY5ZArQWXc6YGph9aeR5mGGq-g8WlKc2zQXNna3IkxhtrpbVvqcq0chDaVcpKfFK4M0zi_SAf0GD_MWMkbKo0abaSGxQ-ZwTo3i_2wmKi3bbvz6_EHPV8hTaOWmyaagaTDjND0tel8HohSyGUEipu2-p72tvmpcin9GlKQVT-4k9QlyPuiM6oscUR7EqIFAwQC2IIoeuygkyLmJ8cJQQuy-_qiZ5l4pwgIItjnvv-6qWYB87zeRnVX4pZjpEApGcL8zC7FdXjU54X13B71yVsu8fuECHixV_YubVslPV_UEdMME46LDq2sVt0XpdoZjF_dpnd7eigvMp-bKbCk6kmPBR86d3twi_jOA9yGu8Jfu4FeUP5wQ6SGgCCPzIYcP0VAel2lG2yTBg7kcP8WK7Lx9VRRS3AekBNy9YJQiw8uS195mPkX3lGgj4aJ4WXEEmHKbaHodNBe7KIjfJMZQEV_8yKB4gd6zIbUFM3TbR69HVw7QB_NFQ661APCdQMIJLfVqQaIeCieRG4F0SPsHqpHrtPd-etN9xKdNXKNS7LSII4HbRVB2TBpauT5pVm_iOsfxxHniH-YBb-QqsinxvuyADLtLwr7E5q-QKniJvAasjCFEVCuJCCuNTvjpQ6PBywYMxhFGxgtjPQKQv1Aguzhu57BG4GDzEs_-umc-kScRusgpVOGg
Requested by
Host: d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
URL: https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 84FB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveAlYsmEC1COe860Nt0_aS7E8oDmr_lSgU96DTacO0spdPqIebrbU95WJYkQ7_oGO8j6OaaGAjqfqdVT17Y5eBc2accNyObsQDPVZbzdwRxsv-UejrsA&sai=AMfl-YTzD-38Gc8nT0PCyCdcU4yPAJ2JMyYGp_dUadDl2ClqpgLcF3MS9KXZOFRbmsK0EapxWIKvhIKWlMJO96MPrkxV0Kq5KL45BmDF2UuWMRgHuaOIPd-6HVy6WdsnSdY&sig=Cg0ArKJSzHyn-EmwVaN5EAE&cid=CAASJ-Ro6jTBItTPtUnb5xP_TbsYsFfrZQPr-4YVZqEKLAIc0Cpm1J9BoA&id=lidar2&mcvt=1000&p=215,315,465,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1766363990&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647453556353&rpt=451&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 17:59:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 84FB 		0
0
style.css
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/ Frame 10E7 		1 KB
448 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dbbf212625a85a414d7213b5bf9c6adf705a0c073f4e106a3d408c895002225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
txt2@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/txt2@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d10cb43a82d365609573307e72a5f34adf11adbda57c139cf7596d8655008e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6274
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
txt3@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/txt3@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61079143e9eb8b45fbced719d3279143cce60d20fd58c77ce527b157407c3414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6117
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
txt4@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/txt4@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92564f435dae8691772f0a2f84f47686ead7a546af6416379a9236fd9f115988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:17:53 GMT
x-content-type-options
nosniff
age
178885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3152
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 16:17:53 GMT
klimaneutral@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/klimaneutral@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3aa2e179c9e8b451618f5a2cb2231a1113fedaf2b571fc33457f3b44c5c0f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2831
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
stoerer@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/stoerer@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eab30023f23cb9fc05c9e6a9091aa9ef81d83b2483f4d5bdc0cdbcda6978c66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2912
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
logo2.svg
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
legals@2x.png
s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/ Frame 10E7 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/img/legals@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3961d1b7d2766121a6497f63f7990cd2ee6f72f26cfbcb808a4d6b390919a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5762228924658277902/23-IWE-eSUV-Billboard-970x250-Range_Phase2/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 08:07:49 GMT
x-content-type-options
nosniff
age
208289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10257
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:01:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 08:07:49 GMT
sdk.js
api-esp.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:20 GMT
content-encoding
gzip
cf-cache-status
HIT
age
13759
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Mar 2022 14:03:26 GMT
server
cloudflare
etag
W/"1bbec-17f83974fb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6ecf61d09a1b9193-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Thu, 16 Mar 2023 17:59:20 GMT
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://chicago.suntimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 17:59:20 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e55"
vary
Accept-Encoding
x-hw
1647453560.dop239.am5.t,1647453560.cds214.am5.hn,1647453560.cds304.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
19
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l0tvb6x1nboafvz8&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://chicago.suntimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Mar 2022 17:59:20 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age
36000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ecf61d1fb5e923d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
19
api-esp.piano.io/publisher/fusion/lucid/data/ 		460 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l0tvb6x1nboafvz8&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
057788e2cad937eb408138afee185156c56190fd39dcb9eee73f52ce8e99400b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://chicago.suntimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Mar 2022 17:59:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"1cc-gt8qpmYrQlZGunqouu1gVD20PgI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
cf-ray
6ecf61d2ec3e9036-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
40
api-esp.piano.io/tracker/lucid/visit/ 		65 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=l0tvb6x1nboafvz8
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456f01a42e28db412823e1e3273cb18cb9f9384fb6850bb1a29f3862bf69a626
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://chicago.suntimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Mar 2022 17:59:21 GMT
content-encoding
gzip
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"41-iWY5K7R4R4E109tgAycC0IJFjgQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-credentials
true
cf-ray
6ecf61d4af269036-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
40
api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=l0tvb6x1nboafvz8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://chicago.suntimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Mar 2022 17:59:21 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://chicago.suntimes.com
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age
36000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ecf61d3de19923d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,700
Domain
prd-collector-anon.ex.co
URL
https://prd-collector-anon.ex.co/main/events
Domain
ams-pageview-public.s3.amazonaws.com
URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=feb6b46121fe
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BFM,pingTime:-3,time:145,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:146,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BFO,pingTime:-6,time:147,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:147,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:chicago.suntimes.com*&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BFW,pingTime:-2,time:155,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:326,bdZ:462,beA:464,beZ:465,mfA:568,cmA:570,inA:570,inZ:576,prA:576,prZ:582,si:587,poA:588,poZ:601,cmZ:601,mfZ:601,loA:610,loZ:612,ltA:619,ltZ:619%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:155,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,sinceFw:31,readyFired:true%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BH5,time:226,type:e,im:%7Bimprf:%7Bttecl:310,ecd:8,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:226,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B117~0%5D,as:%5B117~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BKq,pingTime:-10,time:433,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647453557249%7C%7C2a52bcba9c486a8a4af981a96ee29ddb%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cf7f2bfe89dec544a17936a31dda6aa83%7C%7C46134df603edd1c755417826d3993719%7C%7Cb5c4274b17e5f1802b7f322e9572f567%7C%7Cef2c65f13caea575ca60b324b8111f69%7C%7C89f6b38caa6105c2b7b36fd55fdab4cd%7C%7C1629390669%7D
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=985734&asId=8d60bab4-a2d5-721a-9114-3dde1a8ecbc9&tv=%7Bc:734BWC,time:1189,type:e,env:%7Bnr_p:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1080~0%5D,as:%5B1080~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0gHepz+11%7C12%7C13%7C14*.985734-61500580%7C141%7C142%7C143,idMap:14*,rmeas:1,rend:0,renddet:na%7D&br=c

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| setNptTechAdblockerCookie object| script function| isAdblockerEnabled function| getCookieValue object| WebComponents object| head function| fbAsyncInit boolean| htlbidLoaded function| pbjsChunk object| pbjs object| _pbjsGlobals function| HTLBIDLoader object| googletag object| apstag object| htlbid boolean| htlbidStarted string| isSandboxMode string| sectionName undefined| pathname string| isHome object| dataLayer object| dfpAdSlotsObject object| dfpAdSlots object| staticAdSlots object| link object| relList function| showPianoLogin function| pianoLogout function| toggleFields object| js_tags string| template string| categoryName number| cstArchive object| tp object| webpackChunkbrightspot_theme_core object| regeneratorRuntime function| unfocus object| FB boolean| apstagLOADED function| BlockAdBlock object| blockAdBlock object| PianoESPConfig object| _matherq object| ggeac object| google_js_reporting_queue object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE object| __EXCO object| CEDATO_TAG object| CEDATO_API string| pbPageIdentifier boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| cX function| ___tp object| google_tag_manager function| fbq function| _fbq function| cxCCE_callQueueExecute object| cxTest object| cXNative undefined| google_measure_js_timing undefined| cXJsonpCBl0tvb77dns9rqekn object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ID5 object| ampInaboxIframes object| ampInaboxPendingMessages

21 Cookies

Domain/Path Name / Value
chicago.suntimes.com/ Name: exco-uid
Value: dddvb3dd61dd2n75
chicago.suntimes.com/ Name: __adblocker
Value: false
.suntimes.com/ Name: _fbp
Value: fb.1.1647453555605.1538615710
.piano.io/ Name: __cf_bm
Value: _FSAxpUY1bgb3EL5fVxNTmyE89evhQezh3vIE4vLqD8-1647453555-0-AYa9Tagp+zOU/A3lg4gAk/IsejJMaavu4EoHJfuiD4jAZzfuFtqemRxysyE3jMAkRf4oQptpUMdwD8sJ8EJkZNY=
.suntimes.com/ Name: __tbc
Value: %7Bkpex%7DZlcujepfPB7CDiUMRvPgReMDWjPZXBqX_zeKRk-LtHWIkMDo3a-9KJcK90RJDo3k
.suntimes.com/ Name: cX_P
Value: l0tvb6x1nboafvz8
.suntimes.com/ Name: __pat
Value: -18000000
.suntimes.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-l0tvb6x55a73t4oh%22%2C%22domain%22%3A%22.suntimes.com%22%2C%22time%22%3A1647453555633%7D
.suntimes.com/ Name: xbc
Value: %7Bkpex%7DeuWW6J6jfiM5NVlOvtVZGcyz6oHIKh0LWd8fdnmhFVTevcbF5fTcSVXs1yJ1xrRapD2NgzjWkyZHPjXcFNejMgq385smWHPFBveMpn60JEi0Mx1n8pkl8NO45xKEPfsHqS_ZYPKvF4LEDGBMeOH7qlQ0Mz34SmrCc2KmVPUAykt-xPt97HErTrvGWQTO5MJg0AhBncrfFbVW2afiYWUVaogR6DHL-TI0_Im1kU5eeO8zRFczLGyxz0X_vPJ5VjMhzKRrw2BBqj78V7L1PPUJHHPDNI06zxvkmvZ-5breHm1oncRXSxylR48kj5OVuMp8JDC43Gvot-qPSBti3NN1pw
.suntimes.com/ Name: cX_S
Value: l0tvb742bxa3mgc8
.cxense.com/ Name: gckp
Value: 3gs1lfshyxpm31xk6c94ekrgv4
.suntimes.com/ Name: cX_G
Value: cx%3A15c43p7bzgayl2cj0ikiwo8sti%3A3gew9h8s7br1q
.suntimes.com/ Name: __gads
Value: ID=6b2a0ed3e4e8420d-22779f195ecd0092:T=1647453556:S=ALNI_MZgzLq5ll5Zg_RbAT5kNVAjAFvCUQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlSOTv1ha0D7bcobRuUArN4MEH3HImdPsU1Evuk7_PTlHzS7bcXpZ5s1I7t41E
.adnxs.com/ Name: uuid2
Value: 7379991053935989225
.casalemedia.com/ Name: CMID
Value: YjIldPJ6gzosjuCPrZXN3gAA
.casalemedia.com/ Name: CMPS
Value: 3276
.casalemedia.com/ Name: CMPRO
Value: 1126
.casalemedia.com/ Name: CMST
Value: YjIldGIyJXQA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il_qKY^*!]tbPl1M>e)ZlrFUfJ+tGXxoHUx79v:BfRWZ8tk%QN<k2c17h^Na`YR0VU/o3If)y3KL9D3I?*qsN15j
.casalemedia.com/ Name: CMRUM3
Value: 2d623225742760CAESEDICnhz9_HvVIK4uWOBHtRE

2 Console Messages

Source Level URL
Text
javascript error URL: https://chicago.suntimes.com/
Message:
Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,700' from origin 'https://chicago.suntimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,700
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aamapi.com
ads.undertone.com
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
api-esp.piano.io
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.cxense.com
cdn.id5-sync.com
cdn.tinypass.com
cdn.undertone.com
chicago.suntimes.com
cm.g.doubleclick.net
code.jquery.com
comcluster.cxense.com
connect.facebook.net
cst.brightspotcdn.com
d65b60be39bad264adc80473d37f26a7.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
experience.tinypass.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlbid.com
ib.adnxs.com
id.cxense.com
id5-sync.com
p.typekit.net
p1cluster.cxense.com
pagead2.googlesyndication.com
player.ex.co
prd-collector-anon.ex.co
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
ams-pageview-public.s3.amazonaws.com
dt.adsafeprotected.com
fonts.googleapis.com
prd-collector-anon.ex.co
104.85.0.246
142.250.181.226
142.250.185.98
142.250.186.162
143.204.95.188
143.204.98.23
143.204.98.73
147.75.83.64
151.101.130.132
18.64.115.119
18.66.248.21
185.33.221.90
2001:4de0:ac18::1:a:3a
2600:1f14:600:6e02:8fca:8862:887a:8d4f
2600:9000:2156:8800:8:48e:53c0:93a1
2600:9000:21f3:5c00:1f:2473:9080:93a1
2606:4700:3032::ac43:bf95
2606:4700::6810:2a41
2606:4700::6811:b6b1
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:26f0:6c00:2bf::268b
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba28
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
46.105.202.126
51.89.20.87
54.76.61.188
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0450569a7ee8b936a687b8da61a8861d82531c5207ebc53d7880875d4174a7dc
057788e2cad937eb408138afee185156c56190fd39dcb9eee73f52ce8e99400b
05d53c620fe9c495143ead6f8a2e5545e3d211d551dcd10e6fd97a1a066d46f1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
099cab8513e9629e5817e2c50f9aacd16eaed375b0b25dd832ca1ac1c5fd9ea2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769
13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1aa8835d7dbb6bc26b744619c80256c405b9682772cb4441c32ff2b989515014
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fbaa660c226489dd2ffbf307483873305d78bd80d1a60d7ce71d2d2495038a1
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2e3aa2e179c9e8b451618f5a2cb2231a1113fedaf2b571fc33457f3b44c5c0f6
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
35bd5708253765f93f424b57b7ad6052174530eeb3c0a72a014be4d2187c419c
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
36c0ba860513696078194b77e49dababf8c139deba55473af4450511de26c157
3bcade7d93f7cd574060f72824432df48837f0bebd7fe857f900e93ccee12af3
3cc937136514561933a2389bdcbc278886c5e5dcc10f0b2c8ace2ff65cf7f8c2
3d21722bc3e5e87fc1607a29895d4ca6fe135bf6c78d59717f0b8032a87c6430
3d42b2635c8ea32c1ea6213fe44a810f21d96e8f5c4fe8b0d539a88c0c0b2319
3dbbf212625a85a414d7213b5bf9c6adf705a0c073f4e106a3d408c895002225
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee
456f01a42e28db412823e1e3273cb18cb9f9384fb6850bb1a29f3862bf69a626
47dbc5d3ff2ea188807916df8ebfc97492cd6c5366075b0c3ad1ccc17e1214db
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
49a9f5266265f8a116d4b20901bb04768842f07344a300340412a68e55e26b5e
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a435bc01903b6a6649423da8535249a56d628101b58de7ea8edfbc45fa0bdc8
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a1bb47e69abfdb4e2dab5b00b435045a1e13a961564226881b7b3a313cd666
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
58437dbb3b5fcc8128879b1c8c37ed2152615e5b7799466516d3d1e44a2afd54
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097
5fb1ef90aa5491087f1469439c8a27b0e205f0993853a4f24ffda8b3a258cabf
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61079143e9eb8b45fbced719d3279143cce60d20fd58c77ce527b157407c3414
63d8f08bbefb4763417e02b92ddc2b4e2fb66ac0418e20dcf9271f5f49d4236c
6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69b10a19f0621a275fe4c7bec45f0b4d78bd465792d05eee54780443a620c78b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b86c67e83bdb0ee288ef4f5eed7aec84b9f137bac6301786d2e504d2ef2d8cc
8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda
92564f435dae8691772f0a2f84f47686ead7a546af6416379a9236fd9f115988
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9a5c59439b66b4090331c78d18ef79a014e6e6a5a9d89a3d638d623f7e3b9d7a
9a796fa2a442132dd4daccf8b86904066ddd1c27b85db3be6d6bf1efccda43dc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a270400584b607fa72aa4d8505360e0db265565c90e3ea48fc6ce4628ed430a6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5eba0a4d924d8a92d34cea38b54eed5e3c4c607cbe83486320e4723865fb1b5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b316f4cd64722ecbb5166ef4f9d1f1cb29b3a8f4bc6d88e1b5aeb8a0b46bb1b2
b3d10cb43a82d365609573307e72a5f34adf11adbda57c139cf7596d8655008e
b4038b69bf76c3b8e9a1775ba4d94b668b26faa3f9fd7cfa337cb811d9a313b1
b7e8296280987572750afb49753383ceec2e011edbaca13533ae0248aa8b6865
b8e3de56c129f13585b4188de34e5f2b4df6ba82666c9a68d6f11d1d7648275f
bc5e8e9c0c52fc61d4a76c79b25f44d565a897d5622303bef6a2a14c8c23014b
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c3961d1b7d2766121a6497f63f7990cd2ee6f72f26cfbcb808a4d6b390919a72
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
d0759f440f1cb96273ca51f2de7a2a8158835673ec9d09e1193a4d22babd3dbe
d338d02da554c917c631d4bc41b3fcb618d33e6a0eabb1b97f3db77a065afea3
d383aab75333c3b4d9e639f8a4d75152350175d910c5021ba5223dd326b92f3e
dbc14c37249a9e5bbaf3da49b0392d4cceda2ab1d891833d8052443f9ce8d803
dc0443ece891ff28d97dee74047026afc17a6963100635fe67bad3de2db7fa1c
e0ee31b4a18cb4dae77c355ae6d58f8d34adb1d311217a6b46ffc4ac767d7f20
e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e56572427aa68f68e2e5274468f2d9716b1f879d50e33a24a8fff86d2e98d0ed
e84f959f27a660a299514ce993bf839ad4a4d0a6be1562dd2cc675d5dacee84a
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
eab30023f23cb9fc05c9e6a9091aa9ef81d83b2483f4d5bdc0cdbcda6978c66a
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16409a5a85d650a9e27df200a226a1606cf72803fd1dc088991c3c43af8f466
f1b333a87873ffe712378a1ce8c9f7f94a62ba33a499a44d4c2bc38f0e7fdd65