www.nwitimes.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/...
Effective URL:
https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/...
Submission: On September 19 via api (September 19th 2024, 2:11:53 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 54 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.nwitimes.com. The Cisco Umbrella rank of the primary domain is 451397.
TLS certificate: Issued by WR1 on September 1st 2024. Valid for: 3 months.

This is the only time www.nwitimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
20	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:266... 2600:9000:266e:2e00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266e:9000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
54	9

8 192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.nwitimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:266e:2e00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:9000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 23973	291 KB
8	nwitimes.com www.nwitimes.com — Cisco Umbrella Rank: 451397	59 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	576 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5315	128 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2756	106 KB
2	gstatic.com www.gstatic.com	13 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3310
54	7

	Domain	Requested by
20	bloximages.chicago2.vip.townnews.com	www.nwitimes.com
8	www.nwitimes.com	www.nwitimes.com
6	www.googletagmanager.com	www.nwitimes.com cmp.osano.com
5	cmp.osano.com	www.nwitimes.com cmp.osano.com
3	tagan.adlightning.com	www.nwitimes.com cmp.osano.com
2	www.gstatic.com	www.nwitimes.com
1	region1.google-analytics.com	www.googletagmanager.com
54	7

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
nwitimes.obituaries.com
www.stringr.com
thetimesmediacompany.com
nwitimes.column.us
www.legacy.com
lee.net
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
nwitimes.com WR1	`2024-09-01` - `2024-11-30`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M02	`2024-09-17` - `2025-10-16`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Frame ID: 369B5988AC14B7AB3F091EF75AEB413D
Requests: 43 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 215FF5A7AA3483346BACA6AEDA342FF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

-5e52 | nwitimes.com

Page URL History Show full URLs

http://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-s... HTTP 307
https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-s... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

83 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

1173 kB
Transfer

3809 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=nwitimes.com&SubscriberLevel=DOP&Return=https%3A%2F%2Fwww.nwitimes.com%2Fnews%2Flocal%2Fcrime%2F-and%2F-courts%2Fsmoke%2F-detector%2F-credited%2F-with%2F-saving%2F-sleeping%2F-couple%2F-in%2F-region%2F-house%2F-fire%2Farticle%2F_25ec0d28%2F-2f20%2F-5e52%2F-a4c5%2F-c2256f465f0a.html#tracking-source=header&ir=true
Title: Subscribe $1 for 3 months

Search URL Search Domain Scan URL

URL: https://nwitimes.obituaries.com/?utm_campaign=consumerdirect&utm_source=lee&utm_medium=np_s&utm_content=nwitimes
Title: Share a story

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xliQhSkXoCb
Title: Share video

Search URL Search Domain Scan URL

URL: https://thetimesmediacompany.com/
Title: The Times Media Company

Search URL Search Domain Scan URL

URL: https://nwitimes.column.us/search
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=nwitimes.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/nwitimes
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://nwitimes.column.us/search
Title: Legal Notices

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html HTTP 307
https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -c2256f465f0a.html Show response
www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/
Redirect Chain

http://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

103 KB
23 KB

876ms
459ms

Document
text/html

192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

6b32924b6a0600a50a2752cbae7f67cf33d82a5fad1a3873aa855575435f9335

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 21686
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 19 Sep 2024 02:11:48 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.81.0; app13; 0.19s; 4.7M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 134ms
61ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
age: 15284280
expires: Thu, 13 Mar 2025 19:22:34 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c145fc1d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
www.nwitimes.com/shared-content/art/tncms/user/ 4 KB
2 KB 122ms
121ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-ee3"
age: 248
accept-ranges: bytes
content-length: 1658
date: Thu, 19 Sep 2024 02:07:39 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 132ms
60ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
age: 16367470
expires: Thu, 13 Mar 2025 15:33:47 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f9cd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 133ms
61ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66922-841f"
age: 16362087
expires: Thu, 13 Mar 2025 16:44:37 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c145fc0d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 133ms
61ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-2d77"
age: 4059
expires: Thu, 13 Mar 2025 16:44:37 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c145fc3d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 133ms
61ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66316804-1102"
age: 1032968
expires: Fri, 16 May 2025 23:56:20 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Tue, 30 Apr 2024 21:52:04 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c145fc6d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1590
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 130ms
59ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-9b8"
age: 16353945
expires: Thu, 13 Mar 2025 19:24:10 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f9dd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 104ms
33ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66920-1ac2e"
age: 2060679
expires: Thu, 13 Mar 2025 18:00:19 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f97d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.a20a82cd2d0545ab6b327211aa0ea22b.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 103ms
32ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.a20a82cd2d0545ab6b327211aa0ea22b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4adce56d5b9e718c9ae4798c09e85846e80100fd12ed65d3aeb234047028cf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f6-26c4a"
age: 2530760
expires: Wed, 20 Aug 2025 19:01:08 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:07:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f99d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34404
server: cloudflare

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
21 KB 102ms
31ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1726642885

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ea7ac5-187ab"
age: 67402
expires: Thu, 18 Sep 2025 07:06:57 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 07:01:25 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f9ad27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20739
server: cloudflare

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 130ms
59ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-183e"
age: 15548748
expires: Thu, 13 Mar 2025 19:24:10 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f9bd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1979
server: cloudflare

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 422 KB
90 KB 98ms
27ms Script
application/javascript 2600:9000:266e:2e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

19901965530872c43c101f3e4a0c8076397ce1160ba4409c0d91c580cc6d126b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: br
etag: "6f22bb886e8e56a8c1bd0fb8b8e108ee"
age: 22600
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Wjn-Zq-rHoEDHz46UwBLRlnzaqrh4ss6XGEfCZWUHL2KsQ1Af2o2Og==
date: Wed, 18 Sep 2024 19:55:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Sep 2024 17:52:17 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
content-length: 91803
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 200 csrf.js Show response
www.nwitimes.com/shared-content/art/tncms/api/ 940 B
762 B 122ms
121ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.nwitimes.com
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-3ac"
age: 14
accept-ranges: bytes
content-length: 537
date: Thu, 19 Sep 2024 02:11:34 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
www.nwitimes.com/shared-content/art/tncms/api/ 71 KB
29 KB 123ms
122ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.nwitimes.com
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e33faa-11c3d"
age: 197
accept-ranges: bytes
content-length: 29787
date: Thu, 19 Sep 2024 02:08:31 GMT
last-modified: Thu, 12 Sep 2024 19:23:22 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 nwitimes.com.v2.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 1 KB
643 B 445ms
375ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/nwitimes.com.v2.js?_dc=1726711908

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f33b0d1e2723aa702942eb7986d9a54fc7a7d73bcbefd9b611887c046343ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ea5f24-470"
expires: Fri, 19 Sep 2025 02:11:48 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 05:03:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c145fc5d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 511
server: cloudflare

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 36ms
35ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-dbe"
age: 1957899
expires: Thu, 13 Mar 2025 19:24:10 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c15d95dd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1322
server: cloudflare

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 37ms
36ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-1baf"
age: 6971214
expires: Thu, 13 Mar 2025 19:24:30 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c16199cd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2388
server: cloudflare

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 94ms
34ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
age: 132620
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 13:21:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 13:21:28 GMT
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3945
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 47ms
34ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
age: 392589
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Sun, 14 Sep 2025 13:08:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Sep 2024 13:08:39 GMT
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8653
x-xss-protection: 0
server: sffe

GET
H2 200 messaging.js Show response
www.nwitimes.com/shared-content/art/tncms/api/ 2 KB
1 KB 125ms
124ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-9cb"
age: 135
accept-ranges: bytes
content-length: 885
date: Thu, 19 Sep 2024 02:09:33 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
309 B 130ms
61ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66924-cf"
age: 4059
expires: Thu, 13 Mar 2025 16:44:37 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:36 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143fa0d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
www.nwitimes.com/shared-content/art/tncms/ 3 KB
1 KB 239ms
239ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-a3a"
age: 185
accept-ranges: bytes
content-length: 1157
date: Thu, 19 Sep 2024 02:08:43 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 128ms
59ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1726642885

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66ea7ac5-2c45"
age: 67403
expires: Thu, 18 Sep 2025 07:06:57 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 07:01:25 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c143f9ed27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3556
server: cloudflare

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 41ms
41ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
age: 111605
expires: Wed, 17 Sep 2025 19:01:09 GMT
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c16ba40d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H2 200 295e891a-7a4e-11ec-896b-afd10bcf2b4e.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/custom/image/ 7 KB
8 KB 49ms
49ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/custom/image/295e891a-7a4e-11ec-896b-afd10bcf2b4e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba0e03fc02c15c4910af1d379b27c467d42ca396b62e17801ebc53fb8a661da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "61e9f952-22ed"
age: 6145259
cf-cache-status: HIT
expires: Tue, 01 Jul 2025 20:36:53 GMT
cf-polished: origFmt=png, origSize=8941
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: image/webp
content-disposition: inline; filename="295e891a-7a4e-11ec-896b-afd10bcf2b4e.webp"
vary: Accept
last-modified: Fri, 21 Jan 2022 00:07:46 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c147fdcd27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7616
server: cloudflare

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 40ms
40ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "551dba72-e1a"
age: 1980124
cf-cache-status: HIT
expires: Fri, 22 Aug 2025 19:16:47 GMT
cf-polished: origFmt=png, origSize=3610
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: image/webp
content-disposition: inline; filename="user_no_avatar.webp"
vary: Accept
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c16ba43d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 978
server: cloudflare

GET
H2 200 newsplus_white.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 48ms
48ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1726642885

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "66ea7ac5-2106"
age: 67403
cf-cache-status: HIT
expires: Thu, 18 Sep 2025 07:06:57 GMT
cf-polished: origFmt=png, origSize=8454
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: image/webp
content-disposition: inline; filename="newsplus_white.webp"
vary: Accept
last-modified: Wed, 18 Sep 2024 07:01:25 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c147fded27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4248
server: cloudflare

GET
H2 200 logo-tagline.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 5 KB
5 KB 32ms
32ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1726642885

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "66ea7ac5-2ac5"
age: 67402
cf-cache-status: HIT
expires: Thu, 18 Sep 2025 07:06:58 GMT
cf-polished: origFmt=png, origSize=10949
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: image/webp
content-disposition: inline; filename="logo-tagline.webp"
vary: Accept
last-modified: Wed, 18 Sep 2024 07:01:25 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c560c1548c5d27c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5302
server: cloudflare

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 15 KB
7 KB 89ms
28ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: www.nwitimes.com
URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70af69885a451e2e9d632a0fd27b554d80238c763ca26eb1231e6acf5407178c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
x-amz-version-id: TxuTSmzG1Dl3gAShUAzW.cnLnsyGxQaA
etag: "f19dcc0a43b2e81728bde7bb9d86b4fb"
age: 1660
x-cache: Hit from cloudfront
x-amz-cf-id: yt_RbGtp_YROdPTfOsmJHUMXnvbqr4NRaQxX4_Zo1GNJyNx5EflB-g==
date: Thu, 19 Sep 2024 01:44:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 18:05:38 GMT
cache-control: max-age=3600
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6660
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
74 KB 96ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9c8d9f564d20de24e17a811f03aabcac9c53366c5bf385cf2a8bfbf67bf238a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 02:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 02:11:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 75544
x-xss-protection: 0
server: Google Tag Manager

GET 846b67e7-dfca-4422-926a-7c479da362d8
https://www.nwitimes.com/ Frame 0
0

GET a8b66c95-290f-4d13-8de1-7447fe0cbe0f
https://www.nwitimes.com/ Frame 0
0

GET 72819f8e-c231-4661-acb7-213341202643
https://www.nwitimes.com/ Frame 0
0

GET 74f41470-36b0-4e49-a94a-999c9eeeae2b
https://www.nwitimes.com/ Frame 0
0

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ 71 KB
26 KB 35ms
35ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
age: 4862048
x-cache: Hit from cloudfront
x-amz-cf-id: fwkg1_e6VfMgw88B7y5uLAlfI_w7wPq5RK-w2pn-Zgi8Ne_KeeckrA==
date: Wed, 24 Jul 2024 19:37:41 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 26202
x-amz-meta-git_commit: 904ac2d
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bl-dcec6ef-ecfebf48.js Show response
tagan.adlightning.com/leeenterprises/ 198 KB
73 KB 59ms
59ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-dcec6ef-ecfebf48.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c3352c54a7173c414fc5ef7010dcd01e1e9f4a30967e0e3b493a7112aef23d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
etag: "81bc5e3a18040b82603f80f5c84bf8ba"
x-amz-version-id: XsFIwzLbMDjSSxx3rmUOOTCkpM48Gm6e
age: 26906
x-cache: Hit from cloudfront
x-amz-cf-id: KvBni9A8xmoLpsdAGpPgnlpjFqK816jVegbDG4w8m8FghurEiJY4bQ==
date: Wed, 18 Sep 2024 18:43:23 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 18:05:16 GMT
cache-control: max-age=31536000
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 74550
x-amz-meta-git_commit: dcec6ef
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET 68e37d7b-380d-4322-bd21-86b5df8fdf9d
https://www.nwitimes.com/ Frame 0
0

GET
H2 200 /
cmp.osano.com/ Frame 215F 0
0 70ms
23ms Document
text/html 2600:9000:266e:9000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:9000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nwitimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 56421
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Wed, 18 Sep 2024 10:31:29 GMT
etag: W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified: Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
x-amz-cf-id: tM9vm_bT5gZTXQpMx2xUG8R4ywwVdNDqNlxnTWjLTwTFmhSuGJx3hA==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 101 KB
26 KB 28ms
27ms Script
application/javascript 2600:9000:266e:2e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

606da14e6acf7c35107d38369d2a81e317eb5f4837d3fcefead70105748d5fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
x-amz-version-id: YWrAN2GpsU0fFbIjnmpMUHO5p_FMn9dt
etag: W/"3750338343c97ec0eaf57cc84a525cf7"
age: 81312
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: zY1-K08UeQs739p5eXGypGcxpFL87-_68oOuS7ox5q9boT7WbG4DZA==
date: Wed, 18 Sep 2024 03:36:38 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
last-modified: Thu, 12 Sep 2024 17:52:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 35 KB
11 KB 24ms
23ms XHR
application/json 2600:9000:266e:2e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:266e:2e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nwitimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-max-age: 86400
content-encoding: br
x-amz-version-id: Gbb170CnUU.wvLxMT736ypvLVkCFZCQC
etag: W/"fb63007425642594f63868fb87ab3810"
age: 71658
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: t45kAK2xyn5aFFk6FJ7WdWDwrRAE6BrZHvfUTnjn96nOVlN9KT49Pg==
date: Wed, 18 Sep 2024 06:32:36 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 12 Sep 2024 17:52:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 416ms
390ms Preflight 2600:9000:266e:2e00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:266e:2e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nwitimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 02:11:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
x-amz-cf-id: FHuuS3WBppwxe7Dpt77d1tx_xZDvKt8kCtyIEl4U0qMsd8_a1yKQlw==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 557 KB
145 KB 125ms
124ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9b677164890601d360b5122efe076245dc9aa29abd470f76b40e4a9f8ccb1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: gzip
expires: Thu, 19 Sep 2024 02:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 02:11:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 148197
x-xss-protection: 0
server: Google Tag Manager

GET 14fcc4e4-86d8-40cc-baa5-43f3c61ab57d
https://www.nwitimes.com/ Frame 0
0

GET ec1fff71-479c-4c77-a502-57e186754309
https://www.nwitimes.com/ Frame 0
0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
73 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0765ca6da85d6ec48a024cd4a45804601a99e7a6da66eaad7d66ff625f39af01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 02:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 02:11:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 74256
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
81 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfede37f8d361a1854dc3dae1acf276974926b304a2e8d7d00d266395db6530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 02:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 02:11:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 83397
x-xss-protection: 0
server: Google Tag Manager

GET a02d7e3d-2efd-4601-b33b-a6330931680e
https://www.nwitimes.com/ Frame 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
99 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3af21374881de83ca78922102ec1f12930cca429e8c23619986cf1762cf675e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 02:11:49 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101604
date: Thu, 19 Sep 2024 02:11:49 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET f5404362-517f-4ffc-9104-e4fd61ab7ba6
https://www.nwitimes.com/ Frame 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EJ8C1VFYDH&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

414798a4094ab1cffc49b098611a7744e5bfa27a45eb2d5c09c50b58dc71863c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 02:11:49 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106100
date: Thu, 19 Sep 2024 02:11:49 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 /
www.nwitimes.com/tncms/csrf/token/ 0
0 141ms
140ms Fetch
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nwitimes.com/tncms/csrf/token/

Requested by

Host: www.nwitimes.com
URL: https://www.nwitimes.com/shared-content/art/tncms/api/csrf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-robots-tag: noarchive
content-encoding: gzip
age: 0
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 02:11:49 GMT
content-type: text/html; charset=UTF-8
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-frame-options: SAMEORIGIN
x-vcache: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.81.0; app15; 0.01s; 4.6M
content-security-policy: upgrade-insecure-requests
cache-control: private, no-cache, no-store, max-age=0
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 20
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 83ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EJ8C1VFYDH&gtm=45je49h0v893785541za200zb6749731&_p=1726711908889&gcs=G100&gcd=13q3pPq2q5l1&npa=1&dma_cps=-&dma=1&tcfd=14n4f&tag_exp=0&cid=1261647175.1726711909&ecid=1279458533&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEAE&_s=1&sid=1726711909&sct=1&seg=0&dl=https%3A%2F%2Fwww.nwitimes.com%2F%2Fnews%2F%2Flocal%2F%2Fcrime%2F-and%2F-courts%2F%2Fsmoke%2F-detector%2F-credited%2F-with%2F-saving%2F-sleeping%2F-couple%2F-in%2F-region%2F-house%2F-fire%2F%2Farticle%2F_25ec0d28%2F-2f20%2F-5e52%2F-a4c5%2F-c2256f465f0a.html&dt=-5e52%20%7C%20nwitimes.com&en=scroll&_fv=1&_nsi=1&_ss=2&ep.domain=nwitimes.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=error&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=news%2Clocal%2Ccrime%2C-and%2C-courts%2Csmoke%2C-detector%2C-credited%2C-with%2C-saving%2C-sleeping%2C-couple%2C-in%2C-region%2C-house%2C-fire%2Carticle%2C_25ec0d28%2C-2f20%2C-5e52&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&epn.percent_scrolled=90&up.user_status=anonymous&up.user_subscription=No&up.user_ppid=&up.user_uuid=false&up.user_subscription_date=false&tfd=1833
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJ8C1VFYDH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.nwitimes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 02:11:49 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 icon.ico
www.nwitimes.com/content/tncms/site/ 1 KB
2 KB 120ms
120ms Other
image/x-icon 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nwitimes.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 7bfcf003308f31cac54114533e931deaf99001d6ff9d01b493ebdb6d3a672c3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html

Response headers

x-vcache: HIT
cache-control: public, max-age=43200
etag: "4ee28b0e-57e"
age: 19766
accept-ranges: bytes
content-length: 1406
date: Wed, 18 Sep 2024 20:42:23 GMT
last-modified: Fri, 09 Dec 2011 22:26:22 GMT
content-type: image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/846b67e7-dfca-4422-926a-7c479da362d8

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/a8b66c95-290f-4d13-8de1-7447fe0cbe0f

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/72819f8e-c231-4661-acb7-213341202643

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/74f41470-36b0-4e49-a94a-999c9eeeae2b

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/68e37d7b-380d-4322-bd21-86b5df8fdf9d

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/14fcc4e4-86d8-40cc-baa5-43f3c61ab57d

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/ec1fff71-479c-4c77-a502-57e186754309

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/a02d7e3d-2efd-4601-b33b-a6330931680e

Domain: www.nwitimes.com
URL: blob:https://www.nwitimes.com/f5404362-517f-4ffc-9104-e4fd61ab7ba6

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nwitimes.com/	1969-12-31 23:59:59	Name: tncms_csrf_token Value: d8c4c04a5188f8a7267711a80b190329bf3985048bd3f5ea503f7f617f9f610b.b0a5fe7d392f20ee3185

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.nwitimes.com//news//local//crime/-and/-courts//smoke/-detector/-credited/-with/-saving/-sleeping/-couple/-in/-region/-house/-fire//article/_25ec0d28/-2f20/-5e52/-a4c5/-c2256f465f0a.html Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloximages.chicago2.vip.townnews.com
cmp.osano.com
region1.google-analytics.com
tagan.adlightning.com
www.googletagmanager.com
www.gstatic.com
www.nwitimes.com
www.nwitimes.com
104.16.132.24
18.66.147.43
192.104.182.209
2001:4860:4802:34::36
2600:9000:266e:2e00:3:b7e:8940:93a1
2600:9000:266e:9000:3:b7e:8940:93a1
2a00:1450:4001:812::2008
2a00:1450:4001:81d::2003
0765ca6da85d6ec48a024cd4a45804601a99e7a6da66eaad7d66ff625f39af01
19901965530872c43c101f3e4a0c8076397ce1160ba4409c0d91c580cc6d126b
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
23f33b0d1e2723aa702942eb7986d9a54fc7a7d73bcbefd9b611887c046343ae
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
3af21374881de83ca78922102ec1f12930cca429e8c23619986cf1762cf675e2
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
414798a4094ab1cffc49b098611a7744e5bfa27a45eb2d5c09c50b58dc71863c
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4adce56d5b9e718c9ae4798c09e85846e80100fd12ed65d3aeb234047028cf35
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4c6f22d4825c1840fafaaaa15167e1cc2239f734ea73f60885b7b10635fbb598
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
5c3352c54a7173c414fc5ef7010dcd01e1e9f4a30967e0e3b493a7112aef23d9
606da14e6acf7c35107d38369d2a81e317eb5f4837d3fcefead70105748d5fd4
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6b32924b6a0600a50a2752cbae7f67cf33d82a5fad1a3873aa855575435f9335
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
70af69885a451e2e9d632a0fd27b554d80238c763ca26eb1231e6acf5407178c
7ba0e03fc02c15c4910af1d379b27c467d42ca396b62e17801ebc53fb8a661da
7bfcf003308f31cac54114533e931deaf99001d6ff9d01b493ebdb6d3a672c3d
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
962f88b62b18780a0b6cf19d5d529db54986db8635f6db5d778a5f3b76a6e78f
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a9b677164890601d360b5122efe076245dc9aa29abd470f76b40e4a9f8ccb1a6
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b9c8d9f564d20de24e17a811f03aabcac9c53366c5bf385cf2a8bfbf67bf238a
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bfede37f8d361a1854dc3dae1acf276974926b304a2e8d7d00d266395db6530c
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

www.nwitimes.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

83 %HTTPS

63 %IPv6

7 Domains

7 Subdomains

9 IPs

3 Countries

1173 kBTransfer

3809 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nwitimes.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

83 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

1173 kB
Transfer

3809 kB
Size

1
Cookies

54 HTTP transactions
0 data transactions