www.illinoistimes.com Open in urlscan Pro
209.104.5.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://posting.illinoistimes.com/
Effective URL:
https://www.illinoistimes.com/
Submission Tags: falconsandbox
Submission: On June 14 via api (June 14th 2021, 4:06:24 am UTC) from US

Summary HTTP 183 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 46 domains to perform 183 HTTP transactions. The main IP is 209.104.5.201, located in Arivaca, United States and belongs to LOGIN, US. The main domain is www.illinoistimes.com.
TLS certificate: Issued by R3 on May 1st 2021. Valid for: 3 months.

This is the only time www.illinoistimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	209.104.5.132 209.104.5.132	22772 (LOGIN) (LOGIN)
18	209.104.5.201 209.104.5.201	22772 (LOGIN) (LOGIN)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	209.104.5.204 209.104.5.204	22772 (LOGIN) (LOGIN)
5	209.104.5.203 209.104.5.203	22772 (LOGIN) (LOGIN)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	199.19.89.14 199.19.89.14	54105 (SSM-NET) (SSM-NET)
16	172.67.39.17 172.67.39.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2.22.88.169 2.22.88.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	199.19.89.19 199.19.89.19	54105 (SSM-NET) (SSM-NET)
1 3	99.86.241.40 99.86.241.40	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	208.100.17.183 208.100.17.183	32748 (STEADFAST) (STEADFAST)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6 6	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.194.137.128 54.194.137.128	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.126 38.27.122.126	174 (COGENT-174) (COGENT-174)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	35.170.124.134 35.170.124.134	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.185.178 52.45.185.178	14618 (AMAZON-AES) (AMAZON-AES)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:206... 2600:9000:206e:7400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
183	54

2 209.104.5.132 (Arivaca, United States) 2 redirects

ASN22772 (LOGIN, US)

posting.illinoistimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 209.104.5.201 (Arivaca, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

www.illinoistimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 209.104.5.204 (Arivaca, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media1.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.104.5.203 (Arivaca, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media2.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.19.89.14 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-14.secondstreetmedia.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.39.17 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.22.88.169 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-88-169.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.19.89.19 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-19.secondstreetmedia.com

api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.241.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-40.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.183 (United States)

ASN32748 (STEADFAST, US)
PTR: ip183.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.79 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.240 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-128.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.124.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.185.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	doubleclick.net 4 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	208 KB
28	googlesyndication.com pagead2.googlesyndication.com 56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com tpc.googlesyndication.com	947 KB
20	illinoistimes.com 2 redirects posting.illinoistimes.com www.illinoistimes.com	3 MB
17	fdncms.com media1.fdncms.com media2.fdncms.com	3 MB
16	infolinks.com resources.infolinks.com router.infolinks.com	275 KB
11	google.com apis.google.com adservice.google.com accounts.google.com www.google.com	58 KB
10	pubmatic.com 10 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
6	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
6	googletagservices.com www.googletagservices.com	214 KB
5	gstatic.com fonts.gstatic.com ssl.gstatic.com	138 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	305 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	facebook.com 1 redirects www.facebook.com	25 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google.de adservice.google.de	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	secondstreetapp.com embed.secondstreetapp.com api.secondstreetapp.com media.secondstreetapp.com	73 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	facebook.net connect.facebook.net	68 KB
2	addthis.com s7.addthis.com	142 KB
1	quantcount.com rules.quantcount.com	439 B
1	adentifi.com rtb.adentifi.com	88 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	deepintent.com match.deepintent.com	44 B
1	33across.com ssc-cms.33across.com	72 B
1	rfihub.com 1 redirects p.rfihub.com	754 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
1	googleadservices.com partner.googleadservices.com	444 B
1	2mdn.net s0.2mdn.net	17 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
183	46

	Domain	Requested by
31	securepubads.g.doubleclick.net	www.illinoistimes.com securepubads.g.doubleclick.net www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.illinoistimes.com pagead2.googlesyndication.com tpc.googlesyndication.com
18	www.illinoistimes.com	www.illinoistimes.com
13	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
12	media1.fdncms.com	www.illinoistimes.com
8	pagead2.googlesyndication.com	www.illinoistimes.com pagead2.googlesyndication.com srcdoc www.googletagservices.com tpc.googlesyndication.com
6	image8.pubmatic.com	6 redirects
6	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	ib.adnxs.com	4 redirects imasdk.googleapis.com
5	media2.fdncms.com	www.illinoistimes.com
4	cm.g.doubleclick.net	4 redirects
4	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	www.facebook.com	1 redirects connect.facebook.net
3	sb.scorecardresearch.com	1 redirects www.illinoistimes.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	resources.infolinks.com	www.illinoistimes.com resources.infolinks.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	apis.google.com	www.illinoistimes.com apis.google.com
2	connect.facebook.net	www.illinoistimes.com connect.facebook.net
2	platform.twitter.com	www.illinoistimes.com platform.twitter.com
2	s7.addthis.com	www.illinoistimes.com s7.addthis.com
2	imasdk.googleapis.com	www.illinoistimes.com imasdk.googleapis.com
2	fonts.googleapis.com	www.illinoistimes.com embed.secondstreetapp.com
2	posting.illinoistimes.com	2 redirects
1	media.secondstreetapp.com	www.illinoistimes.com
1	pixel.quantserve.com	www.illinoistimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	match.deepintent.com	ssum-sec.casalemedia.com
1	ssl.gstatic.com	accounts.google.com
1	syndication.twitter.com	platform.twitter.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	secure.quantserve.com	www.illinoistimes.com
1	api.secondstreetapp.com	embed.secondstreetapp.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.googletagmanager.com	www.illinoistimes.com
1	embed.secondstreetapp.com	www.illinoistimes.com
183	67

This site contains links to these domains. Also see Links.

Domain
posting.illinoistimes.com
capitalcityvisitor.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
publishwithfoundation.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
www.illinoistimes.fdncms.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
media.fdncms.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.illinoistimes.com/
Frame ID: 7E48294D9457B3E9ED0355A0142DDBB7
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 1B1A5716227459E313DFB6F2D7B238EF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Frame ID: 39A5043CB47168C0B7C798E268C253C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1173878604900724&output=html&adk=3868342278&adf=3577538113&lmt=1623634832&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623643565045&bpp=6&bdt=1445&idt=155&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5665435620782&frm=20&pv=2&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982200%2C31060956%2C31061406%2C44736077&oid=3&pvsid=3160264117651440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=49152&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
Frame ID: 67931C347585DED6815306627420EA1F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D13FAA4C1CC8F437A48C891382F558A5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.illinoistimes.com
Frame ID: BAD02B62091F0E507AFD8C3DB0F942F1
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Frame ID: 15C81746C9FD4AA4976B8EEA1474975E
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 64460358C9C1527BBA3A92BD1C329DC2
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveotW3b8nSDLRjvdpnzedqC3CZdYiRiESCL_iUuQtS6PAv2kqaSOSLsR9dce74al97aZi-9phq9AujyYAXuAJLrNc8YI0B_e4zqF3xOJXfMB66nmOUGSr0-L24KRj30aUqAoJbbsBA2iaGrBjZLJfIxGsdpFfLAQASVhw6Lr_8EMVNgmg2I2MEZQMveHkM1TjP0eZOx9DM80PBFBe6abzqQQJinO2-X8OVAHA1nlVgGUj0qCWsDE6ePFourXRkpBCFLJvz4kkzGfsk5N184jXeabmjbNWyk9yXX6IRUP44fSrGu7wDaCBVPLeT&sig=Cg0ArKJSzKA3JTHgiLdwEAE&adurl=
Frame ID: E120867B18F1F716786B392F7599F162
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Frame ID: 15145DEC6A83219167CA4B641E1B3DE5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthr5icA70uufjjdhIu-kVs8sdVs5OpbSzkN7qQQ06dYYURCCwc_emSmgDlEL975a0HbMk3IjDbFiZXOkuet_a2g9UVJlm40Bhcv4gM8vHrAiZIJD9kRTH1lAbi9815hNiDBlbVgC0cQpKxpMWovLzm3340TbWP0SUjThV8NpAQOdAsfQEBGqFeitcNslwDlE_HjSvMgCULGqL00jECrDhour9G-OCAqg-E2NiFgGmEe5uHr498Wq1jX9Tv-VlIM2NW84p3D3lVErxSnmZQ2cq5C-AS4iGyzh8aR6ZZM4PQN1p-5-ThTruFkIRDlDM&sig=Cg0ArKJSzBGMS4dyoThZEAE&adurl=
Frame ID: 9378EC8669B8F3944C01C9D9624D7049
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiIG4dHRU_tYOH0XIzEKDDw_4qGCqNlFy7R5U2PrvK_SjIzZg9Bs55fAff3Vq7SHv7Dt1GPko1nSMOLPteK1iCTdfZcTB0kw7i-4gGFCMnq9PVdg3tVOiBzDiXqrfxSP2jeY57rCLLI1j1q96irRZmkt2GC6oOkqu1Jwo0fEtjHYgwQlhiwW36thACOYo6u-aivCd4AJYk3M7zVwYOjAeiT2jU7S4-ySPJAst0WCEMF4LoOK094XuqYx_5PAmUCfiQ_Z1BlU-DwOGkzvQs84MKC5Bcxuar1PplZBwFzrpjxGSVoe4ICseM3dIzulEMTihxQg&sig=Cg0ArKJSzC36GrZ_yU0aEAE&adurl=
Frame ID: 79A89E94C545BE7E7CEFEA55F5E86706
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzhQEecfPjSYVHWshr-EqlmolnrtuR59Ig3fLaF4G0G-somZjNagCJRfFXPASAholvn8c7YdzRJ9JhOvrfFCMR1C3S91OxkToMJphVmjC8QTuIMSTtXRnbxny9voTyBsDcthXWPBkJVrYlX5DMb3N-UcwA4TkTWKKogMSkAz-pbDm7ZRZRoMmRU1IJPAyYCQv32OvCmz_ebH1Tumggkhg0u3UWxJ12X5ap7YTGJqhsXZLPH5VD66PEceYwFq-6QMLQ6ycKkK-B8g5MMCeH75C26hDM18bCnafSZ-snPaGbjbT9Rk5jX__vl23Y&sig=Cg0ArKJSzBzrSPseoTs5EAE&adurl=
Frame ID: 04743EF24E1DD4B20363CEC1C8BF1F95
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/5439567908973300661
Frame ID: 16961248E2CFF5A817B4155DADB2F22E
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 4740E8D34C5E9CB4E70691F135091F86
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 6D7C61DF3BBAD10F74A67F535D4E33AC
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 44EC7A583AAECE3D058FC0C1D4F46741
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 3F395E6AB2A6363832EC0239E9159BB4
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2558fc61fc950c%2526domain%253Dwww.illinoistimes.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252Ff2e49278e36c4c4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fillinoistimes%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D500
Frame ID: EC69B7A5E599E79EBBD30BBD0AA2C98F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: AD6CB1059EDB5061ADE568B302940692
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02A2322A1FA086AF1B54FE9381FE43FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://posting.illinoistimes.com/ HTTP 301
https://posting.illinoistimes.com/ HTTP 302
https://www.illinoistimes.com/ Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /uikit.*\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

183
Requests

100 %
HTTPS

42 %
IPv6

46
Domains

67
Subdomains

54
IPs

6
Countries

8577 kB
Transfer

17683 kB
Size

25
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://posting.illinoistimes.com/springfield/Search
Title: All

Search URL Search Domain Scan URL

URL: https://posting.illinoistimes.com/springfield/MyProfile
Title: View Profile

Search URL Search Domain Scan URL

URL: https://posting.illinoistimes.com/springfield/Profile/MySettings
Title: Edit Profile

Search URL Search Domain Scan URL

URL: https://capitalcityvisitor.com/capitolcityvisitor/2021/05
Title:

Search URL Search Domain Scan URL

URL: https://posting.illinoistimes.com/springfield/Events/AddEvent
Title: Submit an Event

Search URL Search Domain Scan URL

URL: https://www.facebook.com/illinoistimes/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/illinoistimes/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/ILTimes
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/IllinoisTimes
Title: YouTube

Search URL Search Domain Scan URL

URL: https://publishwithfoundation.com/
Title:

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsur7P7TCzpx7YukxHXp6AGSProyFpKc9i5QktF7pGkj62pxSzTj5ArbRHqUcwvdzDuD3VwFhnrEhZ1v7C-0CA1lFAxWr9CURDdmqFtZdH5kpDMj5Tu4mxgREP_vSTqpj9KSt5ms-f3JggSh-1LWSldZTYylz0FNhK9Jfn4942zQ1vgv0UMaDBl1ObCc0OQcc1p1k4Q27QzaEjssMBKwS86viSJZbvSwMla9XyXi0FYh6h-0I0xggIHwMSPNnWvLkSKc0soHoLQnQ_wylZd3VQgG7XQnD0iMd7ore2r76CRAAHwSdfDmbBu-qmKM9GgdzA&sig=Cg0ArKJSzEMBEncKY_4nEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.riversandroutes.com/
Title: .closeButt { position: absolute; top: 2px; right: 2px; font-weight: 300; font-family: Arial, sans-serif; font-size: 14px; line-height: 14px; width: 14px; height: 14px; border-radius: calc( 14px / 2 ); display: flex; justify-content: space-around; align-items: center; background-color: rgba(255,255,255,0.33); color: rgba(0,0,0,0.33); border: solid 1px rgba(0,0,0,0.33);}.closeButt svg path { stroke: rgba(0,0,0,0.25);}.closeButt:hover { background-color: rgba(255,255,255,1); color: rgba(0,0,0,1); border-color: rgba(0,0,0,1);}.closeButt:hover svg path { stroke: rgba(0,0,0,1);}

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://posting.illinoistimes.com/ HTTP 301
https://posting.illinoistimes.com/ HTTP 302
https://www.illinoistimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 131

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDY0MUQxRTItQzczOS00N0JDLUFGQUUtNkM5QkFGNDZERDhB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC05605E4-4E5A-42C0-B68A-74C8C35BA39C HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C

Request Chain 132

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=4671442627145516977

Request Chain 133

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-nnRT6fFE2uE5gK9OfDLP6Fd2ENX21vfkmVyiDsc-~A

Request Chain 134

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3543606170 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3543606170 HTTP 302
https://sync.1rx.io/usersync/tradedesk/6d001349-5e03-420c-8288-78a1a62e3002 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003

Request Chain 135

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 137

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.illinoistimes.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.illinoistimes.com%2F&pid=12306&adnxs_uid=4671442627145516977

Request Chain 139

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd77959d6-ccc5-11eb-a5cd-06298ef1e368 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-qRSwQK5E2uE7iCQHuSwpQd3G5lpBT_Bp~A~UPd77959d6-ccc5-11eb-a5cd-06298ef1e368

Request Chain 141

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=375d41300fad715405c60a4f

Request Chain 142

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzA1NjA1RTQtNEU1QS00MkMwLUI2OEEtNzRDOEMzNUJBMzlD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC05605E4-4E5A-42C0-B68A-74C8C35BA39C HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C

Request Chain 144

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=875739027553619379

Request Chain 160

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&dcc=t

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFWKJjoR1VRve0aY1ONQu6U&google_cver=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMbVrhmiqksne9HTD-P.2wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELXK6qgRYnwHglxGrOBiNGY&google_cver=1&gdpr=1&google_hm=2

Request Chain 165

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-34a1b2c3-bcc6-45db-8b4e-fbc60d7eb2af

Request Chain 171

https://sb.scorecardresearch.com/b?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%20entertainment%2C%20culture&c7=https%3A%2F%2Fwww.illinoistimes.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%20entertainment%2C%20culture&c7=https%3A%2F%2Fwww.illinoistimes.com%2F&c9=

Request Chain 183

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=808861419571642&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2558fc61fc950c%26domain%3Dwww.illinoistimes.com%26origin%3Dhttps%253A%252F%252Fwww.illinoistimes.com%252Ff2e49278e36c4c4%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fillinoistimes&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2558fc61fc950c%2526domain%253Dwww.illinoistimes.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252Ff2e49278e36c4c4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fillinoistimes%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D500

183 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.illinoistimes.com/
Redirect Chain

http://posting.illinoistimes.com/
https://posting.illinoistimes.com/
https://www.illinoistimes.com/

202 KB
30 KB

433ms
144ms

Document
text/html

209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: b719fe5da21c5d8ecd3250c64aec64a6093294d3843ad16820c2a923fa447b28

Request headers

Host: www.illinoistimes.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Server: Apache
Last-Modified: Mon, 14 Jun 2021 01:40:32 GMT
X-DN-Cache-Control: max-age=1800
Cache-Control: max-age=600, s-maxage=900
X-DN-GyrobaseID: illinoistimes-Content-0-Home
X-Gyrobase-Publication: illinoistimes
Vary: Host,Accept-Encoding
Content-Encoding: gzip
Age: 1531
Content-Length: 30380
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Server: Apache
Location: https://www.illinoistimes.com/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 190
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK desktop.css
www.illinoistimes.com/fdn-system/assets/pub/styles/ 533 KB
73 KB 271ms
142ms Stylesheet
text/css 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/fdn-system/assets/pub/styles/desktop.css?cb=ecae4b76205a9e042ec5595bfa23418a
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: af82b204ec252b41dc3b687b20f67faae6d082dc5c17dd737ed2fd817369008b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 00:48:48 GMT
Server: Apache
Age: 1657
ETag: "852ec-5c486fcb5fc00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 74390
Expires: Thu, 17 Jun 2021 03:38:26 GMT

GET
H/1.1 200
OK uikit.js Show response
www.illinoistimes.com/fdn-system/assets/pub/scripts/ 332 KB
64 KB 568ms
284ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/fdn-system/assets/pub/scripts/uikit.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: fb0a7740b729ec4015f6c69ef4b4683322e62374f165f7c4362cb448636ff588

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 00:48:48 GMT
Server: Apache
Age: 37677
ETag: "52f2c-5c486fcb5fc00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 65323
Expires: Wed, 16 Jun 2021 17:38:06 GMT

GET
H/1.1 200
OK uikit-icons-fdn.js Show response
www.illinoistimes.com/fdn-system/assets/pub/scripts/ 236 KB
91 KB 568ms
284ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 6f970a77b18c5abc9ad96241dc9df8377582f6327773e09d81e75d77550e516b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 00:48:48 GMT
Server: Apache
Age: 37822
ETag: "3ae2a-5c486fcb5fc00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 92348
Expires: Wed, 16 Jun 2021 17:35:41 GMT

GET
H/1.1 200
OK brands.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 437 KB
187 KB 148ms
144ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/brands.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37822
ETag: "6d592-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 191591
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK solid.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 1 MB
360 KB 147ms
144ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/solid.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37822
ETag: "116b58-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 368077
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK regular.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 1 MB
460 KB 146ms
143ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/regular.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37822
ETag: "155d35-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 470648
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK fontawesome.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 36 KB
13 KB 145ms
142ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/fontawesome.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37821
ETag: "91a7-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 13011
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK light.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 1 MB
511 KB 149ms
146ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/light.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37822
ETag: "17be80-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 523364
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK duotone.min.js Show response
www.illinoistimes.com/foundation/fontawesome/js/ 1 MB
367 KB 146ms
143ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/fontawesome/js/duotone.min.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 00:33:24 GMT
Server: Apache
Age: 37822
ETag: "12d01e-5bb7d5de2bd00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 375695
Expires: Wed, 16 Jun 2021 17:35:42 GMT

GET
H/1.1 200
OK common.js Show response
www.illinoistimes.com/foundation/scripts/ 215 KB
71 KB 568ms
284ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/scripts/common.js?cb=81b685a73e93c4b7b86e06a962b6d052
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:29:56 GMT
Server: Apache
Age: 1657
ETag: "35a67-5b97173098500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 72297
Expires: Thu, 17 Jun 2021 03:38:26 GMT

GET
H/1.1 200
OK foundation-air.js Show response
www.illinoistimes.com/foundation/scripts/ 787 KB
222 KB 432ms
145ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/foundation/scripts/foundation-air.js?cb=81b685a73e93c4b7b86e06a962b6d052
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: be7d16111871ab9df1c1f3be05e8ed51a06e32bb79eadf6c4a5340ed98ae3f93

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:29:57 GMT
Server: Apache
Age: 1777
ETag: "c4c97-5b9717318c740"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 227258
Expires: Thu, 17 Jun 2021 03:36:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
917 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700|Open+Sans:400,700&display=swap

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a532b4812e845c8dee24485c9a229af78ca6f52ffd4e2409a90aadc7fef13cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 04:06:03 GMT
server: ESF
date: Mon, 14 Jun 2021 04:06:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 04:06:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d45210c94f35daaa1999be70652b41de8d934bfdb626ac6a09cfe6bd275ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48388
x-xss-protection: 0
server: cafe
etag: 352979060397452839
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Jun 2021 04:06:04 GMT

GET
H/1.1 200
OK ResizeSensor.js Show response
www.illinoistimes.com/fdn-system/assets/pub/scripts/ 10 KB
3 KB 434ms
146ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/fdn-system/assets/pub/scripts/ResizeSensor.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: f4e87dbef76aeb895e03dc869941f350590358f687a655886f20ebc58fae40a2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:03 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 00:48:48 GMT
Server: Apache
Age: 37822
ETag: "2778-5c486fcb5fc00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2660
Expires: Wed, 16 Jun 2021 17:35:41 GMT

GET
H/1.1 200
OK ElementQueries.js Show response
www.illinoistimes.com/fdn-system/assets/pub/scripts/ 20 KB
5 KB 581ms
146ms Script
application/x-javascript 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.illinoistimes.com/fdn-system/assets/pub/scripts/ElementQueries.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: bcf1b3b9f4e409166c14acc07c5f3cfe13f2790c5f7690168be8bb4d63f456ed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Jun 2021 00:48:48 GMT
Server: Apache
Age: 37822
ETag: "4f1d-5c486fcb5fc00"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4866
Expires: Wed, 16 Jun 2021 17:35:41 GMT

GET
H/1.1 200
OK mainLogo.svg
www.illinoistimes.com/images/logos/ 10 KB
10 KB 377ms
144ms Image
image/svg+xml 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.illinoistimes.com/images/logos/mainLogo.svg
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: c9a12faa8ddf17fb72213baa01c910ec562d4088a8decbe07bedda2ce9563b0c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 09 May 2019 16:48:11 GMT
Server: Apache
Age: 37822
ETag: "26f3-588773721c8c0"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 9971

GET
H/1.1 200
OK screen_shot_2021-06-09_at_3.34.18_pm.jpg
media1.fdncms.com/illinoistimes/imager/u/16x9-m/13686174/ 165 KB
166 KB 442ms
147ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/16x9-m/13686174/screen_shot_2021-06-09_at_3.34.18_pm.jpg

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

ceb95f5b7a8028d1208d7f92afda38c528f7a7777390d618c995330292e37f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Wed, 09 Jun 2021 20:37:49 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 161422
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 169417
Expires: Sat, 10 Jul 2021 07:15:45 GMT

GET
H/1.1 200
OK cover_1.jpg
media1.fdncms.com/illinoistimes/imager/u/16x9-m/13654188/ 261 KB
261 KB 428ms
142ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/16x9-m/13654188/cover_1.jpg

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

0dfeb30177fa61537cb219b67b3efbd55d117b9706b25b62d09aaa35597d0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 03 Jun 2021 13:02:04 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 24517
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 266965
Expires: Sun, 11 Jul 2021 21:17:29 GMT

GET
H/1.1 200
OK cover01.jpg
media1.fdncms.com/illinoistimes/imager/u/16x9-m/13593186/ 234 KB
235 KB 438ms
146ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/16x9-m/13593186/cover01.jpg

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

a326a8858bb826358a393bf587e5e40e7989d10e1b482aa779a1e35028d52582

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 20 May 2021 14:59:32 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 46004
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 240092
Expires: Sun, 11 Jul 2021 15:19:23 GMT

GET
H/1.1 200
OK cover01.jpg
media1.fdncms.com/illinoistimes/imager/u/16x9-m/13563894/ 187 KB
187 KB 435ms
146ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/16x9-m/13563894/cover01.jpg

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

d35c79e81225e4c05eb5bb1849bcd6927618c067e220b27c209fbcf740210430

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 13 May 2021 15:13:03 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 46004
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 191200
Expires: Sun, 11 Jul 2021 15:19:23 GMT

GET
H/1.1 200
OK cover.jpg
media2.fdncms.com/illinoistimes/imager/u/16x9-m/13534094/ 175 KB
176 KB 443ms
145ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/illinoistimes/imager/u/16x9-m/13534094/cover.jpg

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

efe020641ee2fd84ed591a45d4bf251d4fc528579162708e46c7625827c0b520

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 06 May 2021 13:09:13 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 46106
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 179331
Expires: Sun, 11 Jul 2021 15:17:40 GMT

GET
H/1.1 200
OK apple-touch-icon-iphone.png
www.illinoistimes.com/ 6 KB
6 KB 232ms
143ms Image
image/png 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.illinoistimes.com/apple-touch-icon-iphone.png
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 78617ae9ba35535ee5013ac4f0ac3c6622077de9b1801fd3d07ab7a1a0017064

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Mon, 24 Jun 2019 19:19:17 GMT
Server: Apache
Age: 37821
ETag: "16f2-58c16b0353740"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5874
Expires: Sun, 11 Jul 2021 17:35:45 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 338 KB
116 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118262
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:04 GMT

GET
H/1.1 200
OK visitorguidecover2021.PNG
www.illinoistimes.com/binary/6677/ 650 KB
650 KB 172ms
142ms Image
image/png 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.illinoistimes.com/binary/6677/visitorguidecover2021.PNG
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 40dbf3fc1d4ae39ba2bfd7ba64789dad731dcfada53fcc93019686fe51a771db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Fri, 07 May 2021 23:10:46 GMT
Server: Apache
Age: 37822
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/png
Content-Length: 665653
Expires: Sun, 11 Jul 2021 17:35:45 GMT

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 176 KB
52 KB 373ms
117ms Script
application/javascript 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:04 GMT
Content-Encoding: gzip
ETag: "0d3b302c5fd71:0"
Last-Modified: Sat, 12 Jun 2021 01:42:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 113
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52427

GET
H/1.1 200
OK PoweredByFoundation.svg
www.illinoistimes.com/foundation/images/ 20 KB
21 KB 147ms
147ms Image
image/svg+xml 209.104.5.201
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.illinoistimes.com/foundation/images/PoweredByFoundation.svg
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.201 Arivaca, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 919e5d30a059272ad78c3e4babcd96f99e357ab5249f8d504071701b0db44a08

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.illinoistimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.illinoistimes.com/
Connection: keep-alive
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Fri, 26 Jun 2020 21:11:58 GMT
Server: Apache
Age: 37752
ETag: "515e-5a90328cbe380"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 20830

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 71ms
27ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0ae60e1130ffcb656c7cb11791bc3b52be8d790bc166f126a844583d420d74

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 65f0af18cfc5089b-CDG
date: Mon, 14 Jun 2021 04:06:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2021 11:50:28 GMT
server: cloudflare
age: 910
etag: W/"da3-5c4a458dbb4b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
cf-request-id: 0aaa4bc37a0000089bc2318000000001
expires: Mon, 14 Jun 2021 04:50:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1362182-1

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

963aebed8101db351fb1f5bd5a2abda0beae2bea66c1a64efb4dee16a725b0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36106
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 75ms
24ms Script
application/javascript 2.22.88.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.22.88.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-22-88-169.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 14 Jun 2021 04:06:04 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 39ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 202 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6795)
Age: 49
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/foundation/scripts/foundation-air.js?cb=81b685a73e93c4b7b86e06a962b6d052

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

819cab5e76863688f9f2ae5c001771dcb083b0d85e34cc83ec1d3ea4e05f9b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +mO/PQGtb4axGVdAB9OkzA==
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy: cross-origin
expires: Mon, 14 Jun 2021 04:16:47 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: j4fnwcXaw6Ym560SBvBI2HwOmFQzqygr3tkJMmm/NdNMlqaXft6+Dvuu31tEoImRHkmkwQ/3nZdnLnowVBHcew==
x-fb-trip-id: 686109401
x-fb-content-md5: ba2161708b7736a73db0a381a780b378
date: Mon, 14 Jun 2021 04:06:05 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d3d550b1eba9f752ff46de9226734a76"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/foundation/scripts/foundation-air.js?cb=81b685a73e93c4b7b86e06a962b6d052

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xDln3wFCSuWBUhbZJyT12Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a68431d28598ca094cc7a5b791b0415c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-xDln3wFCSuWBUhbZJyT12Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700|Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.illinoistimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 167343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:01 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700|Open+Sans:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.illinoistimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:48:20 GMT
x-content-type-options: nosniff
age: 170264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:48:20 GMT

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47352b3c22b7f2b4a9e9f9f191d3e81e748bbffb79a44d91ffc974855ca998c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1173878604900724&plah=www.illinoistimes.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 1B1A 10 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 08:20:10 GMT
expires: Sun, 27 Jun 2021 08:20:10 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 71155
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK news01.jpg
media2.fdncms.com/illinoistimes/imager/u/r-big16x10/13685617/ 292 KB
292 KB 441ms
147ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/illinoistimes/imager/u/r-big16x10/13685617/news01.jpg?cb=1623331597

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

2381e2e687872368a9c570016681cb33629ba45d87603f6e4d4bae502f734e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 10 Jun 2021 13:26:37 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 132581
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 298529
Expires: Sat, 10 Jul 2021 15:16:26 GMT

GET
H/1.1 200
OK news02.jpg
media2.fdncms.com/illinoistimes/imager/u/r-big16x10/13685621/ 155 KB
155 KB 435ms
144ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/illinoistimes/imager/u/r-big16x10/13685621/news02.jpg?cb=1623331629

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

770a3a6ce5e964147151838d7ee321886872c76788e2d904fee22274c20b6b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 10 Jun 2021 13:27:09 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 132581
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 158227
Expires: Sat, 10 Jul 2021 15:16:26 GMT

GET
H/1.1 200
OK rich_miller_278.0.0.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685633/ 69 KB
69 KB 427ms
142ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685633/rich_miller_278.0.0.jpg?cb=1623331714

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

ff1440702945cffe562b5e8462d2259d372ed6d28264169f6f9d9c8e20d21c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Last-Modified: Thu, 10 Jun 2021 13:28:34 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 132581
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 70177
Expires: Sat, 10 Jul 2021 15:16:26 GMT

GET
H/1.1 200
OK guestwork.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685637/ 268 KB
269 KB 352ms
146ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685637/guestwork.jpg?cb=1623331658

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

614e175e0e8ae71043a6f933bf4b62335024b146d9e61dafb22606e700a7f022

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Thu, 10 Jun 2021 13:27:38 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 131292
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 274709
Expires: Sat, 10 Jul 2021 15:37:55 GMT

GET
H/1.1 200
OK screen_shot_2021-06-09_at_3.34.18_pm.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13686174/ 162 KB
163 KB 231ms
148ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13686174/screen_shot_2021-06-09_at_3.34.18_pm.jpg?cb=1623271069

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

4d823a4e5ce94795fc96798925020333db1307b0439fedc164e9d56765dc69d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Wed, 09 Jun 2021 20:37:49 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 161167
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 166377
Expires: Sat, 10 Jul 2021 07:20:00 GMT

GET
H/1.1 200
OK letters01.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685627/ 191 KB
191 KB 148ms
148ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685627/letters01.jpg?cb=1623264328

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

77c3400602c6775464fc877123e5a4cf58d2b17ed85143030bef4c6ec82b26c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Wed, 09 Jun 2021 18:45:28 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 161167
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 195386
Expires: Sat, 10 Jul 2021 07:20:00 GMT

GET
H/1.1 200
OK food.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685672/ 169 KB
169 KB 146ms
145ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13685672/food.jpg?cb=1623332330

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

b300bb4687a69e113e89fbc14178e4a2c5a0c5d9dcdaea96117683ba87516e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Thu, 10 Jun 2021 13:38:50 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 130784
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 172551
Expires: Sat, 10 Jul 2021 15:46:24 GMT

GET
H3-29 200 bridge3.464.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 39A5 575 KB
188 KB 20ms
6ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.464.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192661
date: Sat, 12 Jun 2021 09:53:55 GMT
expires: Sun, 12 Jun 2022 09:53:55 GMT
last-modified: Tue, 08 Jun 2021 16:24:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de472c7bfbac33dfd35ab64ddebb17c60b12151931d1b3717813425c1400571f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK mansa_musa_by_austin_well_from_ism_press_release.jpg
media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13559768/ 205 KB
205 KB 146ms
146ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-big16x10/13559768/mansa_musa_by_austin_well_from_ism_press_release.jpg?cb=1620765739

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

932f99bdd5804c86713c8891d666d75feaa1180c145d79f57ffbd889e9d5ce70

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Tue, 11 May 2021 20:42:19 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 80012
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 209809
Expires: Sun, 11 Jul 2021 05:52:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
444 B 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.illinoistimes.com&callback=_gfp_s_&client=ca-pub-1173878604900724

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1173878604900724&plah=www.illinoistimes.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

75d43068f2494b0681b0620340f894bbea10af594e8f3d95a969a2fbfa31fd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 33ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6793 603 B
68 B 34ms
32ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1173878604900724&output=html&adk=3868342278&adf=3577538113&lmt=1623634832&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623643565045&bpp=6&bdt=1445&idt=155&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5665435620782&frm=20&pv=2&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982200%2C31060956%2C31061406%2C44736077&oid=3&pvsid=3160264117651440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=49152&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1173878604900724&output=html&adk=3868342278&adf=3577538113&lmt=1623634832&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623643565045&bpp=6&bdt=1445&idt=155&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5665435620782&frm=20&pv=2&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982200%2C31060956%2C31061406%2C44736077&oid=3&pvsid=3160264117651440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=49152&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Jun 2021 04:06:05 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Jun-2021 04:21:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Jun 2021 04:06:05 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D13F 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:26:13 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d295212d1518f876a5454f6a5b90194b607b11a81a16a816e91c7f0d706ed0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 1813511 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
2 KB 584ms
337ms Script
text/javascript 199.19.89.19
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/1813511?callback=secondStreetOptinWidget_1813511
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.19 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-19.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6bee7c2287dde885ae029ce46c5dfa0b956b792779607e56f3e98ab5ec13fc97

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:05 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 81
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|a9eed1f2-42c8-45bb-8ae7-76d80b5e103e|C69601|CD14
Cache-Control: private
Expires: Mon, 14 Jun 2021 04:16:06 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b72d5158628601126495a0d4231bb7f963ebaec631896f7b6a21f5d2f15d71c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK juneteenth04.jpg
media2.fdncms.com/illinoistimes/imager/u/r-bigsquare/13685652/ 45 KB
46 KB 144ms
144ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/illinoistimes/imager/u/r-bigsquare/13685652/juneteenth04.jpg?cb=1623330924

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

091c34a7f8718b4dd335584074f7ae9ac8439d0bcaf26d22d34a960a155ba7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Thu, 10 Jun 2021 13:15:24 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 132568
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 46418
Expires: Sat, 10 Jul 2021 15:16:39 GMT

GET
H/1.1 200
OK sgcalendar01.jpg
media2.fdncms.com/illinoistimes/imager/u/r-bigsquare/13622459/ 85 KB
86 KB 219ms
145ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/illinoistimes/imager/u/r-bigsquare/13622459/sgcalendar01.jpg?cb=1622059396

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

26a6fbd0e834ebccbd923a4a6ebb7f3e740eae994784694906cb5021f8529991

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Wed, 26 May 2021 20:03:16 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 103614
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 87205
Expires: Sat, 10 Jul 2021 23:19:13 GMT

GET
H/1.1 200
OK screen_shot_2021-06-09_at_3.34.18_pm.jpg
media1.fdncms.com/illinoistimes/imager/u/r-bigsquare/13686174/ 54 KB
54 KB 156ms
156ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-bigsquare/13686174/screen_shot_2021-06-09_at_3.34.18_pm.jpg?cb=1623271069

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

e80a99eedd9d278fb9e047b5e213eec44711e86d073f649e7bcce3bf9cb29ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Wed, 09 Jun 2021 20:37:49 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 143505
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 55123
Expires: Sat, 10 Jul 2021 12:14:22 GMT

GET
H/1.1 200
OK food.jpg
media1.fdncms.com/illinoistimes/imager/u/r-bigsquare/13685672/ 53 KB
53 KB 151ms
151ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/illinoistimes/imager/u/r-bigsquare/13685672/food.jpg?cb=1623332330

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

66d63653c7dddb0aa40c3064812e656bf2c39552426da16d0c4416012913e87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Last-Modified: Thu, 10 Jun 2021 13:38:50 GMT
Server: Apache
X-Gyrobase-Publication: illinoistimes
Age: 132581
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 54126
Expires: Sat, 10 Jul 2021 15:16:27 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1744.004-3.012/ 588 KB
188 KB 30ms
29ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa811ff2834d53f32832c8b70d7df7208264e144629487bbd91179ca13a5eca

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 65f0af1b6ac9089b-CDG
date: Mon, 14 Jun 2021 04:06:05 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 14:41:16 GMT
server: cloudflare
age: 13506
etag: W/"9312d-5c364de427ed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 0aaa4bc5200000089b1fb15000000001
expires: Wed, 14 Jul 2021 00:20:59 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 97ms
31ms Script
application/javascript 99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:36:45 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1762
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: MOWHbrU1Nm2SHQ0An09fqQjrEDJeyWILwvsXEyiIY5FDy7_ZCSyVMA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 21 Jun 2021 04:06:06 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 56ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19970
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e8b8694c55bf0c3/ 2 KB
1 KB 476ms
182ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e8b8694c55bf0c3/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3db0e7ae3d28e06921dfec85be78f611b236b16e119b111ba2d81af69357d5f8

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
etag: 845202983--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 867

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 34ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame BAD0 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.illinoistimes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.illinoistimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 285669
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Jun 2021 04:06:05 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1362182-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6086
date: Mon, 14 Jun 2021 02:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 04:24:40 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 223 KB
65 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b0b3bda7650a068b4deb0746987d7f79&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a04bf86f66bb62664a8db9037e41bbea13cee656222db85c45e1f90ad6f4a5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.illinoistimes.com
Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4QrgQqe84IRbM7ZhVcUE5w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66890
x-fb-rlafr: 0
x-fb-debug: UCpTcF962iUa4YL/1DMqO6jUCCaGEgLvcN1QKlGfwFJqLm1Xtq7AkPQkj+hS8VtWrNiytmR648dfBjTwXKRYMw==
x-fb-content-md5: 5590bc23ca4e6f891a6ae710437c0f07
x-frame-options: DENY
date: Mon, 14 Jun 2021 04:06:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4073b86645dcf85f9e327d106c9ece18"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Jun 2022 02:38:43 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 103 KB
34 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35022
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 08:00:38 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 31ms
31ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 65f0af1ccc13089b-CDG
date: Mon, 14 Jun 2021 04:06:05 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 13626
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 0aaa4bc5f90000089bfe902000000001
expires: Wed, 14 Jul 2021 00:18:59 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 15C8 8 KB
2 KB 127ms
126ms Document
text/html 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 252ab97ee499d7d23a00614970c623278062851d9cfe59f3cd513e48e039ec74

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0aaa4bc60d0000089bba121000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65f0af1cec2b089b-CDG
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
59 B 123ms
123ms Script
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3312917&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 65f0af22aa85089b-CDG
content-length: 0
cf-request-id: 0aaa4bc9ac0000089b0326f000000001

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 63ms
62ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_leaderboard_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565685&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=326&adys=188&adks=4240863125&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x8&msz=728x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

39d97cb8d10a21871f5786b3e50a57f6a71043a2f34208fb3700e98af30e85f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12674
x-xss-protection: 0
google-lineitem-id: 5697892483
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138350113499
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 55ms
55ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_spotlight_220x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=220x90&prev_scp=viewportsize%3DLVP%2CSVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565688&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=1054&adys=188&adks=1157147286&ucis=2&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=220x8&msz=220x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=220&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

21e0f6fdadab8fbe7dd3f982d1c103e1799658fdde841463fc8f7baf878c82b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12586
x-xss-protection: 0
google-lineitem-id: 5681967768
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351375668
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 435 B
250 B 38ms
37ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_pencil_970x45&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x45&prev_scp=viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565691&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=196&adks=3683225529&ucis=3&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x8&msz=980x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=980&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

efe19584191f0d14a12cb073568aa20d05b1b3c4c4c2d55c42918b1a39eacbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
273 B 69ms
68ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CLeft%2CUpper%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565692&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=1764&adks=1779370454&ucis=4&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

664a77d8c8ee2817a5ce1a523d91619bf9d5eaf6ede7dd3ff51b5a6c493f154d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 63ms
62ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CRight%2CUpper%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565694&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=641&adys=1764&adks=2073913150&ucis=5&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1e295501da993eb0d8f58398611a5c8bed503fdde2ef5361e2ba210c9441315b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12606
x-xss-protection: 0
google-lineitem-id: 5683789406
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348846142
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
271 B 77ms
76ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CLeft%2CMiddle%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565695&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=2315&adks=1933006825&ucis=6&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bdf088a945996c8946afb09540a08312d626772822c80f1a50a77506d3ce5002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
272 B 74ms
73ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CRight%2CMiddle%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565696&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=641&adys=2315&adks=342564583&ucis=7&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bd42dcba649e6fc1e6dc35d07b8837b148034e6a1b31c2bc400a11db707dabcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 55ms
55ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CLeft%2CLower%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565698&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=3485&adks=232517221&ucis=8&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

cc1e5fb62639ccdfb7e1c592af6f0f3bba106e9fb79161db1400766eba8794b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
google-lineitem-id: 5693620506
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349743006
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
274 B 100ms
99ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DMainContent%2CRight%2CLower%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565699&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=641&adys=3485&adks=2728475807&ucis=9&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=331x15&msz=331x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=331&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e89e11e20eb100d2cb16389b487c8cc09da5068455cef7ce504cdb1551d87d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
260 B 42ms
42ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_3_to_1_300x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&prev_scp=pageplacement%3DRightRail%2CUpper%26viewportsize%3DSVP%2CLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565701&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=1241&adks=3225971127&ucis=a&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

732babb8d82695b3300099007ae46f2b38e799a25c1dbce5abe047387e8c89e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
274 B 87ms
86ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DRightRail%2CUpper%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565702&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=1256&adks=2075871384&ucis=b&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x15&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

14ba8426bdf97d6b4ee638e43a30dd03f4efa02fa2f2577f2d558736177a6442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 74ms
72ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_halfpage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=pageplacement%3DRightRail%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565703&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=2032&adks=823545731&ucis=c&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e8b9606094b65e5b858db2d4cd54b302eea636dcdc64ecf43e9223fdba54ea22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12661
x-xss-protection: 0
google-lineitem-id: 5708521674
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352017295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
259 B 81ms
80ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_3_to_1_300x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&prev_scp=pageplacement%3DRightRail%2CMiddle%26viewportsize%3DSVP%2CLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565704&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=2249&adks=2812328638&ucis=d&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

95d34bf77b74c56e6221d7e75bd6f389f253275795fea67c07708fab6e7c4324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
264 B 83ms
82ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DRightRail%2CMiddle%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565705&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=2273&adks=1083009781&ucis=e&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x24&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c422c61bba668a681be54bba76326d9a4c3800276f6ed9e3f8a852a42d4fa7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
261 B 63ms
62ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_3_to_1_300x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&prev_scp=pageplacement%3DRightRail%2CLower%26viewportsize%3DSVP%2CLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565706&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=2763&adks=391653695&ucis=f&ifi=16&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

123f9922b94f951e94fc684fae3003c2046fe1dd66a9e7266d3732a2bbe93749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
272 B 94ms
93ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_mediumrectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=pageplacement%3DRightRail%2CLower%26viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565707&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=2787&adks=2849056998&ucis=g&ifi=17&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x24&msz=300x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=4&ohw=300&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a0dc87b590e31e66accf570804b48b1f3cc7f08356e50f284f42133cfa544626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 95ms
94ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_superleaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=viewportsize%3DSVP%2CMVP%2CLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565708&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4244349821&ucis=h&ifi=18&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c65415f7040531e3c198e6dd8a7181e4158f814e8e08421de2222af4fe41cf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3832
x-xss-protection: 0
google-lineitem-id: 5698147430
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138350093853
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 430 B
253 B 88ms
87ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3160264117651440&correlator=1156638533488864&output=ldjh&impl=fif&eid=31061039%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=1497570%2Cfdn_siteskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=viewportsize%3DLVP&cust_params=template%3DHome%26media%3Dscreen&cookie_enabled=1&bc=31&abxe=1&lmt=1623634832&dt=1623643565709&dlt=1623643563600&idt=2031&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=870257370&ucis=i&ifi=19&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.illinoistimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2064410747.1623643565&ga_sid=1623643565&ga_hid=1891474227&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ca8f6615de0ca17dfbd509adacf6d61c54b61399c2e2e317f45761a38310a965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 6446 513 B
924 B 35ms
15ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dda88c0f4d69b6b58784ee4b6ba0c2538811c31d130d9687c1151fb816e487a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HZ0Wc0Y6E++1YOpFku6ooQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=UUEXjjcYoQEcCrCx_v_RkPxtnTo03kQ-oVv0QujQvUS-W2lmKRoE3dU293cri85Aa7lEaHFhrkQw9ckbcmqv84Ra6XFyw9m9VygkbXD7lBDiLjqXE9w1XSKZVjRmiVy8RF5jy2Wz77uoOhm0V0p9jVt8cKFg4nC1pNkvXqJ--ls
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Jun 2021 04:06:05 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-HZ0Wc0Y6E++1YOpFku6ooQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E120 0
0 18ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveotW3b8nSDLRjvdpnzedqC3CZdYiRiESCL_iUuQtS6PAv2kqaSOSLsR9dce74al97aZi-9phq9AujyYAXuAJLrNc8YI0B_e4zqF3xOJXfMB66nmOUGSr0-L24KRj30aUqAoJbbsBA2iaGrBjZLJfIxGsdpFfLAQASVhw6Lr_8EMVNgmg2I2MEZQMveHkM1TjP0eZOx9DM80PBFBe6abzqQQJinO2-X8OVAHA1nlVgGUj0qCWsDE6ePFourXRkpBCFLJvz4kkzGfsk5N184jXeabmjbNWyk9yXX6IRUP44fSrGu7wDaCBVPLeT&sig=Cg0ArKJSzKA3JTHgiLdwEAE&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame E120 17 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 03:59:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame E120 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 04:05:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E120 122 KB
37 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 200 9771300320747741245
tpc.googlesyndication.com/simgad/ Frame E120 49 KB
50 KB 29ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9771300320747741245

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e73b5a0aaba9b218aa3469c4920ec0ba9c44ee5616ce8632afafedecec7b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 23:31:28 GMT
x-content-type-options: nosniff
age: 102877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50618
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 19:31:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 23:31:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 1514 17 KB
7 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 03:59:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1514 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 04:05:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1514 122 KB
38 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1514 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScBKP2YgIU4p6pOyHwnEfp0Gdib_3nksnQRdyZyXPfdQwItyjcnXhv66gdHTN-S50M8uAPLMBfCUr9ibJt6qLcy8UWTQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 221251431091198889
tpc.googlesyndication.com/simgad/ Frame 1514 122 KB
122 KB 27ms
17ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/221251431091198889

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0405a5bc77c0464bc7d9b42f82ce313058a35a4d756c9e2975e5519902d5f7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:40:30 GMT
x-content-type-options: nosniff
age: 59135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124538
x-xss-protection: 0
last-modified: Mon, 17 May 2021 17:16:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 11:40:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9378 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthr5icA70uufjjdhIu-kVs8sdVs5OpbSzkN7qQQ06dYYURCCwc_emSmgDlEL975a0HbMk3IjDbFiZXOkuet_a2g9UVJlm40Bhcv4gM8vHrAiZIJD9kRTH1lAbi9815hNiDBlbVgC0cQpKxpMWovLzm3340TbWP0SUjThV8NpAQOdAsfQEBGqFeitcNslwDlE_HjSvMgCULGqL00jECrDhour9G-OCAqg-E2NiFgGmEe5uHr498Wq1jX9Tv-VlIM2NW84p3D3lVErxSnmZQ2cq5C-AS4iGyzh8aR6ZZM4PQN1p-5-ThTruFkIRDlDM&sig=Cg0ArKJSzBGMS4dyoThZEAE&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 9378 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 03:59:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 9378 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 04:05:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9378 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9378 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxO-KBpeBRBx0A1_DfVj6heE5TstUVwYjmWSO_3IugmcATBdp1_NyngkMOe9TiixNjiugWqoV8eDcg0u1UoWq84YxZfA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 12222202414268002562
tpc.googlesyndication.com/simgad/ Frame 9378 95 KB
96 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12222202414268002562

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79eec0c1842ab8b4d021899ef94ffdef7867ca6c46848527a26bca705b4b239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:14:48 GMT
x-content-type-options: nosniff
age: 118277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97662
x-xss-protection: 0
last-modified: Thu, 20 May 2021 19:20:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 19:14:48 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79A8 0
0 20ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiIG4dHRU_tYOH0XIzEKDDw_4qGCqNlFy7R5U2PrvK_SjIzZg9Bs55fAff3Vq7SHv7Dt1GPko1nSMOLPteK1iCTdfZcTB0kw7i-4gGFCMnq9PVdg3tVOiBzDiXqrfxSP2jeY57rCLLI1j1q96irRZmkt2GC6oOkqu1Jwo0fEtjHYgwQlhiwW36thACOYo6u-aivCd4AJYk3M7zVwYOjAeiT2jU7S4-ySPJAst0WCEMF4LoOK094XuqYx_5PAmUCfiQ_Z1BlU-DwOGkzvQs84MKC5Bcxuar1PplZBwFzrpjxGSVoe4ICseM3dIzulEMTihxQg&sig=Cg0ArKJSzC36GrZ_yU0aEAE&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 79A8 17 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 03:59:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 79A8 2 KB
1 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 04:05:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79A8 122 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H3-29 200 5714887543808355497
tpc.googlesyndication.com/simgad/ Frame 79A8 134 KB
134 KB 20ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5714887543808355497

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e467b1599e5b503059cd48cf495897a5dde5d288cbc2cd66dc3e78db31a16e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:19:37 GMT
x-content-type-options: nosniff
age: 161188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137487
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:39:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:19:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0474 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzhQEecfPjSYVHWshr-EqlmolnrtuR59Ig3fLaF4G0G-somZjNagCJRfFXPASAholvn8c7YdzRJ9JhOvrfFCMR1C3S91OxkToMJphVmjC8QTuIMSTtXRnbxny9voTyBsDcthXWPBkJVrYlX5DMb3N-UcwA4TkTWKKogMSkAz-pbDm7ZRZRoMmRU1IJPAyYCQv32OvCmz_ebH1Tumggkhg0u3UWxJ12X5ap7YTGJqhsXZLPH5VD66PEceYwFq-6QMLQ6ycKkK-B8g5MMCeH75C26hDM18bCnafSZ-snPaGbjbT9Rk5jX__vl23Y&sig=Cg0ArKJSzBzrSPseoTs5EAE&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 0474 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 03:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 03:59:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 0474 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 04:05:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0474 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:05 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0474 0
0 22ms
21ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTIoBrq-Zs6PMLVCB2GxuP6M2-ChDMfFFmZV7RBJhzfF-OoyKWw8696jwcotCnR6zvWTypTPwvd6tJH5lj-q9EtsKMQg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 3064488965737239346
tpc.googlesyndication.com/simgad/ Frame 0474 94 KB
94 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3064488965737239346

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3177b278c5c3b93593d8fab99f7577a0d7701b100cf24ddab61730f69953794c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:19:39 GMT
x-content-type-options: nosniff
age: 161186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96359
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 16:38:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:19:39 GMT

GET
H3-29 200 5439567908973300661
tpc.googlesyndication.com/simgad/ Frame 1696 120 KB
120 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439567908973300661?

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a353dad05eb71a15a8e326aee63687a0b55225730f1f8cb32327de440427e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:19:40 GMT
x-content-type-options: nosniff
age: 161185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122622
x-xss-protection: 0
last-modified: Thu, 20 May 2021 13:18:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:19:40 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 40ms
27ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=808861419571642&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.illinoistimes.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b0b3bda7650a068b4deb0746987d7f79&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 2OoP39fuaIaM+fXS0ckPdSTOXavNu8fbObcQ1AO5AIfnHESAqZvgyz5//YMFrjrbEN1vwAdkNWEYdwqNA8YEFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Jun 2021 04:06:05 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.illinoistimes.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1514 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmxKFefBD8JUKDgy-q2wJ_jUnzsfylKltYPqBH4ae92_oXpERlF2K0JN2aFoS2YhZaqdDmtG0du91NY3ryh47dT_XAI1us2RjqOAysT7xuIjw2vU3NVkHZBUtDP418heEdwxm2_V98bX9HD6km40yJxfa884q00TO11SjClw0f9MkzSrBKfJwKF_NHAUbO62UyqmajSxZmzQdlsgjFKE3oPoi2hg-Quq_p69nIY3QXGFuZTsWwmw3u15rIgUBSpRI-aYA6ZE-sKvk5Ss6N2uUTmoUDqq05zFYOt1kFDuwZ2cbaiV6IASaJ5aT-_m9TF4y42g&sig=Cg0ArKJSzPaLh37iGEKOEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
de.tynt.com/deb/ Frame 4740 75 B
289 B 333ms
107ms Document
text/html 208.100.17.183
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip183.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Tue, 15 Jun 2021 04:06:06 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 14 Jun 2021 04:06:05 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 6D7C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

30ms
30ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6cca9ac12d68e44dd5d8c28c9dc277450ba65bf42cba4d5a3ccbefd3f8f33ab8

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMbVrhmiqksne9HTD-P.2wAA; CMPS=5182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|176|195|188|46
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1779
Expires: Mon, 14 Jun 2021 04:06:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YMbVrhmiqksne9HTD-P.2wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 04:06:06 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 04:06:06 GMT CMPRO=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 04:06:06 GMT CMRUM3=2d60c6d5ae05a0&b060c6d5ae05a00&bc60c6d5ae05a00&2e60c6d5ae05a0&f160c6d5ae05a0&c360c6d5ae05a00&2760c6d5ae0b40&e660c6d5ae2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 04:06:06 GMT CMST=YMbVrmDG1a4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 04:06:06 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 14 Jun 2021 04:06:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YMbVrhmiqksne9HTD-P.2wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 04:06:06 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 04:06:06 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 44EC 2 KB
818 B 35ms
9ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDY0MUQxRTItQzczOS00N0JDLUFGQUUtNkM5QkFGNDZERDhB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC05605E4-4E5A-42C0-B68A-74C8C35BA39C
https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C

0
182 B

118ms
117ms

Image
text/plain

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 65f0af238b69089b-CDG
content-length: 0
cf-request-id: 0aaa4bca310000089bd0a68000000001

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C
date: Mon, 14 Jun 2021 01:22:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=4671442627145516977

35 B
212 B

133ms
126ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=4671442627145516977
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af20c844089b-CDG
content-length: 35
cf-request-id: 0aaa4bc8810000089bfba8f000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: 12bf92f8-0b60-4268-b8c7-661c81063320
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=4671442627145516977
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-nnRT6fFE2uE5gK9OfDLP6Fd2ENX21vfkmVyiDsc-~A

35 B
326 B

124ms
122ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-nnRT6fFE2uE5gK9OfDLP6Fd2ENX21vfkmVyiDsc-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af20c848089b-CDG
content-length: 35
cf-request-id: 0aaa4bc87e0000089bd0a53000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-nnRT6fFE2uE5gK9OfDLP6Fd2ENX21vfkmVyiDsc-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3543606170
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3543606170
https://sync.1rx.io/usersync/tradedesk/6d001349-5e03-420c-8288-78a1a62e3002
https://sync.targeting.unrulymedia.com/csync/RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003

35 B
238 B

133ms
133ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af21a977089b-CDG
content-length: 35
cf-request-id: 0aaa4bc90d0000089bfe1ff000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003
date: Mon, 14 Jun 2021 04:06:06 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXca7078bd24f24be7a559ec3fd892faf2003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
282 B

124ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af21f9dc089b-CDG
content-length: 35
cf-request-id: 0aaa4bc93a0000089b092a4000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 15C8 0
478 B 64ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 15C8
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.illinoistimes.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.illinoistimes.com%2F&pid=12306&adnxs_uid=4671442627145516977

95 B
945 B

130ms
30ms

Image
image/png

54.194.137.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.illinoistimes.com%2F&pid=12306&adnxs_uid=4671442627145516977

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.137.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-137-128.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 14 Jun 2021 04:06:06 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 14 Jun 2021 04:06:06 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: cb5f8352-0f43-4a19-b2f1-6769b8dd1503
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.illinoistimes.com%2F&pid=12306&adnxs_uid=4671442627145516977
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 15C8 42 B
233 B 265ms
85ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd77959d6-ccc5-11eb-a5cd-06298ef1e368
https://router.infolinks.com/dyn/outh-usync?uid=y-qRSwQK5E2uE7iCQHuSwpQd3G5lpBT_Bp~A~UPd77959d6-ccc5-11eb-a5cd-06298ef1e368

35 B
261 B

149ms
148ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-qRSwQK5E2uE7iCQHuSwpQd3G5lpBT_Bp~A~UPd77959d6-ccc5-11eb-a5cd-06298ef1e368
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af21089d089b-CDG
content-length: 35
cf-request-id: 0aaa4bc8aa0000089b1f033000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-qRSwQK5E2uE7iCQHuSwpQd3G5lpBT_Bp~A~UPd77959d6-ccc5-11eb-a5cd-06298ef1e368
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 15C8 0
114 B 331ms
105ms Image
text/plain 38.27.122.126
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=375d41300fad715405c60a4f

35 B
219 B

121ms
121ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=375d41300fad715405c60a4f
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af20f882089b-CDG
content-length: 35
cf-request-id: 0aaa4bc89b0000089bf9a95000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=375d41300fad715405c60a4f
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzA1NjA1RTQtNEU1QS00MkMwLUI2OEEtNzRDOEMzNUJBMzlD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC05605E4-4E5A-42C0-B68A-74C8C35BA39C
https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C

0
182 B

131ms
131ms

Image
text/plain

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 65f0af238b6d089b-CDG
content-length: 0
cf-request-id: 0aaa4bca320000089bf732b000000001

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=C05605E4-4E5A-42C0-B68A-74C8C35BA39C
date: Mon, 14 Jun 2021 01:22:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 15C8 0
62 B 118ms
118ms Image
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 65f0af2158ef089b-CDG
content-length: 0
cf-request-id: 0aaa4bc8d30000089bb2b3f000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 15C8
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=875739027553619379

35 B
257 B

118ms
118ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=875739027553619379
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af239b85089b-CDG
content-length: 35
cf-request-id: 0aaa4bca440000089b2d0e3000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=875739027553619379
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 15C8 0
72 B 1347ms
107ms Image
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3312917&wsid=0&pdom=www.illinoistimes.com&purl=https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 2000208
date: Mon, 14 Jun 2021 04:06:06 GMT
server: 33XP004

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9378 0
0 31ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6sX1HkAYxtpMUpg0aXOWKw5uXbHwpZrfOgJt_Q7H3Tj6ln-LpOOJ9gwZuuBY_TERTDC6dxh8fffRTC8h8meiGohDOP0gZAPofMVVCQ5_WtaSFX7P560x9CmxSPSVulweF4MRrpPqtBQIxDYN3Kuvr693OOCis5a4ksFKSHOu2osONVOnzJ1m-5KAEVTSOWQ0giPZFR_rxFDQfZwLiyMNul1CmOgBlJ-IMoRuQ15YtRoI9ud0I-KXgJlIZW7YeiwVKaLtE-WNQhb-NW2wutkJlyq4RPeTUbPQg2uiC5U4WM2mbx9IjjVPwqVyrfi90bA&sig=Cg0ArKJSzCxJDSkr9olJEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 9378 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33afd6864c5b5a9330453d75f5d93cecebee1390b79c53316e6f302c22487111

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E120 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssokZXy3kF4Zkt8Ln9ybQBf7TsX6EUe9U5HYd-zYGsFYWkX5Pf9Hs43oOulUFz-Lwic--9qPDFwV6LZXGgN9IZ2yTGvbiiR0EAxRAvtEZh1eaCLo3V6fsu67sE0rl7o9NTmWuo_6d0zeDdMsJkIyPviSRZVhKQixsoTrkLCyZnA2OMv5q3TiODyr7KV61s5nfu3MqJ2jjD7k8PgTtEDFPzqeHbjNTJSJT6bDXBod2sHKM90DbS4-8gYGUilJLEQSMs0SlSQ7A-oBx2-zWn3mffaKDc4XGxHTIMtCTLGSjKONq1Y5RDOO1sfjni7rhY&sig=Cg0ArKJSzIoFXA20NWSpEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ Frame E120 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 381359ffacca2e616134548f72501028737112338f58d73b1afe8497564f1309

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1514 0
0 16ms
16ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQJAEiUJ6kfUPxmxJvCdJWJ1f1IQmI_wTlCn0h-c8Gmomi_T49x55VpVlL_DuNoMwhwfIxqx2syQhGbc47IyA697AEccwNWFeBHF4ktSLmMH_u6orEbpwWHmQsm9tbnLBczV6ozhSVv7s5Ft0EJIWB0VjjBm4OxrLB7tHRz5Zgd-MNiMrDTxviy7bqvz06MVbsEl19IsHOqjpHLbCPVKbY117hKh5qRPaVEzZIrEJVeIVmH-uxGoW9Gv7EhTb2V88BW8nsONPGgfubTnHKuKSxJCoFC6y40xcg_-GKcxjEl2BB5QC-pbDbuq7ABVKZ9xh0fZYw&sig=Cg0ArKJSzLdeTVUNQuFdEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 1514 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 642c7ca38577ca06a2f252b92689ccdaf2fd6877462a42da02ab63be58c82ed6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79A8 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC6JzA2f6oHf8ybhjhXwXuKZclLNTleaLNKb-QIDk9YD7yH3kTbkLdcBuFIRcy_kICFpO9MqFXZlmFksynsu9aYtdalMRpDbpubr3pxW-xHGJu00OrDEzDa4AwCbasmx9qC7TuH-39VMeGjO8wmC4DiyYpp1Ud2peeXnj0m83hGS0wQ6aFlA_dpK1cPzTSnoUYIU-wzrX2fEOPBOVe_kXMsChhPI2y0_4MpXn90RaIB1dJPi4hbYMbJnhNGtsgpZwHrxUkA9pZMHB7SiOEyeXO_ElpZPgu2se0V3-KY1O4Zz_6LMjj3-PWV6x6zQRCIZ3Pp2Xu&sig=Cg0ArKJSzG7mTXjyLCy7EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 79A8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95f599607d1251c4c4368afd1a74858f317eb13fceb32664eb364afe1a107f88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
syndication.twitter.com/ Frame BAD0 256 B
442 B 157ms
125ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4c7433020a079a7f653423c357e089206da8aadb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.illinoistimes.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:05 GMT
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 04:06:06 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c2082fa6b8e63f2634937146fce881d98d79f38d35eec784748a96aa1848f68b
content-length: 176

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0474 0
0 17ms
17ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP-hFaNqoMQ83jkWvI5Gxxws5_Fhw93q2R4dkUQxVtH-KMFxFrsWnAemusxEltOXUojh-V9czgM4Y3yaFSVozN3dxjw-g_hCRyQBjkKRyUO8EJzOgCmgMFROvCU0HF7uJgFhx9WmIftwnOQxW81saFBikM9S1RDKkVl6at_Y5D5nDlsl1GJD35C166cmT0AQAoZEPeIkCniVqsF0Bhz36IvkBTtvRKTh6gybMKlF9iZX0UgT_bqXytS84a9l_AolOeNBr-kV5PUtYPjQoL2nkPaKRUrNb3fZj2YICIaVzZzUV3p4y3E7JaN4i5AD0&sig=Cg0ArKJSzIj_dBhFTGQZEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
DATA 200
OK truncated
/ Frame 0474 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a988b3c215ca3df7151bf7e1f5c4fd0d13b9691e7a878832ecce4f6aac4e3a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5439567908973300661
tpc.googlesyndication.com/simgad/ 120 KB
120 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5439567908973300661?

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a353dad05eb71a15a8e326aee63687a0b55225730f1f8cb32327de440427e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:19:40 GMT
x-content-type-options: nosniff
age: 161186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122622
x-xss-protection: 0
last-modified: Thu, 20 May 2021 13:18:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:19:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ 0
27 B 20ms
20ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD6msEVboPlfj4yk06GC5yTZgR7bLM6eEAE5y2E45dYUPIlJBwnXu9OPiNBC22PybdsXNUwE0UR6i9FzFEZc2u_AF28guvbbnsGzt_cVfbJYU8J4flzRhmzGq3hDbHflJMJDwkzDc-_ZSnOcYytL_vDHqOuBIRsTQ2xOgiI11Ws5kCK_sw2fd8mzXn5IXBfdnzp0pGVB5UjcmJi8A9ZJcGXr1nlkr4XPN1RC50yAM8G6Ex6sz7k05kdw7_iHOT84vy7vOKBaVUAd4b1cxiK_EZFYKClNkDhkxRHZc48enVLh_X79y_yE_GVIWB2aOczMU8Xz7uqA&sig=Cg0ArKJSzNNfZQFHoiGlEAE&urlfix=1&adurl=

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1076821231-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 6446 115 KB
40 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40143
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 02:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 06:17:57 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6D7C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&dcc=t

43 B
433 B

106ms
106ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 6D7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMbVrhmiqksne9HTD_P-2wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFWKJjoR1VRve0aY1ONQu6U&google_cver=1

43 B
315 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFWKJjoR1VRve0aY1ONQu6U&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 14 Jun 2021 04:06:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFWKJjoR1VRve0aY1ONQu6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6D7C 70 B
264 B 31ms
29ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMbVrhmiqksne9HTD-P.2wAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6D7C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMbVrhmiqksne9HTD-P.2wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELXK6qgRYnwHglxGrOBiNGY&google_cver=1&gdpr=1&google_hm=2

43 B
1002 B

40ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELXK6qgRYnwHglxGrOBiNGY&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 14 Jun 2021 04:06:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELXK6qgRYnwHglxGrOBiNGY&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame 6D7C 0
44 B 313ms
101ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-length: 0
server: a

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6D7C
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-34a1b2c3-bcc6-45db-8b4e-fbc60d7eb2af

43 B
1 KB

33ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-34a1b2c3-bcc6-45db-8b4e-fbc60d7eb2af
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 14 Jun 2021 04:06:06 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-34a1b2c3-bcc6-45db-8b4e-fbc60d7eb2af
date: Mon, 14 Jun 2021 04:06:06 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 6D7C 0
88 B 415ms
101ms Image
text/plain 52.45.185.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.185.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 6D7C 0
0 70ms
37ms Image
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 6D7C 35 B
222 B 118ms
116ms Image
image/gif 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YMbVrhmiqksne9HTD-P.2wAA%261185
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 65f0af210894089b-CDG
content-length: 35
cf-request-id: 0aaa4bc8a50000089bba143000000001
expires: Sun, 14 Jun 2020 04:06:06 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 6446 14 B
58 B 43ms
28ms XHR
application/json 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.illinoistimes.com&client_id=463997208051-cf42pqgbnj2plogdj8gskmbgo20gm8eb.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 14 Jun 2021 05:06:06 GMT

GET
H2 200 rules-p-d35d9chY5-eks.js Show response
rules.quantcount.com/ 3 B
439 B 65ms
21ms Script
application/javascript 2600:9000:206e:7400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d35d9chY5-eks.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:40:33 GMT
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
age: 59134
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:57:13 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: HEdCQT4JCZgIcZhl9BVO9fIYMraXigYcWIBxJVweE4S_ceMJULR_iQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%...
https://sb.scorecardresearch.com/b2?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C...

64 B
330 B

61ms
60ms

Image
image/gif

99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%20entertainment%2C%20culture&c7=https%3A%2F%2Fwww.illinoistimes.com%2F&c9=
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: HxZHdceYlPfNJFu996-ADZcLj2WFncruMsHzAj6OYv6AodY2SRviqw==

Redirect headers

date: Mon, 14 Jun 2021 04:06:06 GMT
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=15882438&ns__t=1623643566529&ns_c=UTF-8&cv=3.5&c8=Illinois%20Times%2C%20the%20capital%20city's%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%20entertainment%2C%20culture&c7=https%3A%2F%2Fwww.illinoistimes.com%2F&c9=
content-length: 292
x-amz-cf-id: UanqO8q1Fy4_x5Ug5Qg6fIOSoCGxmIq6xb_Mu1zApI537MYf7SFVcQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1891474227&t=pageview&_s=1&dl=https%3A%2F%2Fwww.illinoistimes.com%2F&ul=en-us&de=UTF-8&dt=Illinois%20Times%2C%20the%20capital%20city%27s%20weekly%20source%20of%20news%2C%20politics%2C%20arts%2C%20entertainment%2C%20culture&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1002921771&gjid=1990709966&cid=2064410747.1623643565&tid=UA-1362182-1&_gid=712965136.1623643567&_r=1&gtm=2ou690&z=1658162388

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1362182-1&cid=2064410747.1623643565&jid=1002921771&gjid=1990709966&_gid=712965136.1623643567&_u=YAhAAUAAAAAAAC~&z=943466218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Jun 2021 04:06:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.illinoistimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1455158958;rf=0;a=p-d35d9chY5-eks;url=https%3A%2F%2Fwww.illinoistimes.com%2F;uht=2;fpan=1;fpa=P0-1813849350-1623643566597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;r...
pixel.quantserve.com/ 35 B
371 B 11ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1455158958;rf=0;a=p-d35d9chY5-eks;url=https%3A%2F%2Fwww.illinoistimes.com%2F;uht=2;fpan=1;fpa=P0-1813849350-1623643566597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=illinoistimes.com;je=0;sr=1600x1200x24;dst=1;et=1623643566597;tzo=-120;ogl=url.https%3A%2F%2Fwww%252Eillinoistimes%252Ecom%2F%2Csite_name.Illinois%20Times%2Ctitle.Illinois%20Times%252C%20the%20capital%20city's%20weekly%20source%20of%20news%252C%20politics%252C%20arts%252C%20entert%2Cimage.https%3A%2F%2Fwww%252Eillinoistimes%252Ecom%2Fbinary%2F4cc1%2Fillinois_times_facebook_share%252Epng%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cdescription.Illinois%20Times%252C%20the%20capital%20city's%20weekly%20source%20of%20news%252C%20politics%252C%20arts%252C%20entert%2Ctype.website

Requested by

Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3F39 2 KB
434 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 03:17:00 GMT
server: ESF
date: Mon, 14 Jun 2021 04:06:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 04:06:06 GMT

GET
H/1.1 200
OK 2572684
media.secondstreetapp.com/ Frame 3F39 19 KB
20 KB 357ms
118ms Image
image/png 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/2572684
Requested by: Host: www.illinoistimes.com
URL: https://www.illinoistimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 272c7ceed798c0b46a1b36b07e1277614686b4f2b5d82b6b06f09025a7fe61a4

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 04:06:06 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 114
Content-Type: image/png
X-StackifyID: V2|5796463f-1425-4a46-ab41-6001684f05f2|C69601|CD9
Cache-Control: private
Content-Length: 19634
Expires: Tue, 14 Jun 2022 04:06:06 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 3F39 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.illinoistimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:32:04 GMT
x-content-type-options: nosniff
age: 120842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 18:32:04 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 3F39 30 KB
30 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.illinoistimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 18:32:04 GMT
x-content-type-options: nosniff
age: 120842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 18:32:04 GMT

GET
H2 200 custom-messages.5799ddf75a30812a3d49.js Show response
s7.addthis.com/static/ 114 KB
28 KB 23ms
23ms Script
application/javascript 2.22.88.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.22.88.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-22-88-169.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-1c9fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 14 Jun 2021 04:06:06 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 28519

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9378 42 B
64 B 29ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_eWrD8H8IFTeQ_zoCjlAHpMj1Q3Mf-apFAgbTl5jvwaJtEX-Rn4YsAM5rOImhWvZRV6xJ4k4aiWkyvHfgKwtbk8jSaNeFyCGAFZ1nviY&sig=Cg0ArKJSzKIR3am18GgwEAE&id=lidar2&mcvt=1000&p=188,326,278,1054&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4240863125&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623643565845&dlt=0&rpt=423&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E120 42 B
64 B 28ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt068SXv06vr5TsIZgB19JMhbHsMfpxwMCnhzyRlkw9jLtAyMw0BwwnxgxqNgybYDIt1aj7MU5JbEULXzP1s2e9LS1Cx0U3hoZJBIPt1o&sig=Cg0ArKJSzGjUWBjfjSZxEAE&id=lidar2&mcvt=1002&p=188,1054,278,1274&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1157147286&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623643565825&dlt=0&rpt=467&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df89fd9a68d288030709826c8ce4beb0f2f68e4863da8a55b594717e61f5380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7889
x-xss-protection: 0

GET
H3-29

200

/
www.facebook.com/login/ Frame EC69
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=808861419571642&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

115ms
115ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2558fc61fc950c%2526domain%253Dwww.illinoistimes.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252Ff2e49278e36c4c4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fillinoistimes%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b0b3bda7650a068b4deb0746987d7f79&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2558fc61fc950c%2526domain%253Dwww.illinoistimes.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252Ff2e49278e36c4c4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fillinoistimes%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
cache-control: private, no-cache, no-store, must-revalidate
x-frame-options: DENY
content-encoding: br
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
content-type: text/html; charset="utf-8"
x-fb-debug: atYALT7eGi1uNJVwntuG9bWZwdobEdoC7q0eyNLFLAdr7uFR13c022gH2+4jkWE06b2K6USxT6MkIQTZd6LBFw==
date: Mon, 14 Jun 2021 04:06:07 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D808861419571642%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2558fc61fc950c%2526domain%253Dwww.illinoistimes.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.illinoistimes.com%25252Ff2e49278e36c4c4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fillinoistimes%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D500
x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
facebook-api-version: v4.0
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: x3EHbNhvxwL700ZzxVbqENbijPJe6MAL+WLYwqR4RzFjx7V3D40zh8aps98cFrKQ1r/wfmWGNAC02wWfujdAUw==
content-length: 0
date: Mon, 14 Jun 2021 04:06:07 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 04:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:06:07 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame AD6C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 02A2 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f599b7b8d4907a27e5345262f8fa534c2c5a6f8a356fa0f24cbae4b23514369

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4kTRfMrPxelcTzZ74d/ubg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.illinoistimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=UUEXjjcYoQEcCrCx_v_RkPxtnTo03kQ-oVv0QujQvUS-W2lmKRoE3dU293cri85Aa7lEaHFhrkQw9ckbcmqv84Ra6XFyw9m9VygkbXD7lBDiLjqXE9w1XSKZVjRmiVy8RF5jy2Wz77uoOhm0V0p9jVt8cKFg4nC1pNkvXqJ--ls
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.illinoistimes.com/

Response headers

expires: Mon, 14 Jun 2021 04:06:07 GMT
date: Mon, 14 Jun 2021 04:06:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4kTRfMrPxelcTzZ74d/ubg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame AD6C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=3160264117651440&bg=!nZ6lntrNAAY6sG-_OrA7ACkAdvg8WgICGGzAU5wkL3VcRPs82DvS_MpL_zwiAHm-MW-yUX6qPcExbQIAAABNUgAAAAtoAQcKAH2GVuF-2HxL4xVZfFt6GvQcPPrn6j49RD9PwPchiFPibaHyipdK9A3TCweTsKnU9lNwsgTsT9fiTePaPtAtf8mQvnpbkYkBAw_TnI0muoIGvOGkvIVQyKoNes-_DyU3P64sqIrX-ZPiCSwZfgR3Jpo6II-NzpfSu1Plzje6BJkCbFRYpIFqEXp0kfrTAlwQX9lAeVAjXt2Aiuns-xYodMbBcgZ52jT24EcxzT4Xask1OY_ugvLhIFWVo1_crHEHOs45fXtPfW8gauyQepJXaN47ee1umf481jVfZybUUX-jAXVLGZCpcqr24Hjq_XvprycDpKPrcbu8rbAlDkmNj_gw7e6Tzc73BWLW3YjJmflVkIPfzX9FUdlDVIhTh-OoKb_BnEn4wtZzhhKgfPIbB188-3LDyhPbyGxmwrdGMZNdzCuYpK4vCUYNBCBcG7EhN0MPUMo1v8Mx78_jOiRT20H87Wt3KuIms9cIr27nuVIl7mHSVrKbro8tOvcKGCAC-pB4lKcLKPwI5Fhb-geVdEAskhVFSH1hlL5AqhrMmNW3BmrNWAzzW3YeyUTJpNOt1GzlLt52pcYfbj5CfSzZXA8FCec-TtD6S5WZAi0nH47Kb8zcBYykWbk-8EK2XEUFZjcNNwc_PT_T9myzt1IgqQp0PYz7TzdGAqi87e8p4iy2Rn6DCN5uvDn5Ji1prDIQqBsl2KUUAtdmU5I699JeUg1yq2VandEQhwVKKOyTp7cp1-IFNvdJJMgSJUuSpxeluPwgTSHzNuAh7E7HN3JYbYp3xroSRRwfA2lcYaIRiOpQ7XhHUmlc-Nnma6XgiBs99oWQCuvxYUwpQtIKARU_J86ZgtrGGlh42k7g1Mlml8ir0d7yncAjAlFEVfjxuArzgphUPik0lIg4D4h6IomrgwACUniLxnn40POShILC-n6MeDo71ESZ0YTbWG51TNd7ykd9gG2AfOC03t4Ydh26FKuc5jal0lRHPqqlqEE1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 04:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.illinoistimes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.illinoistimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 04:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ Frame 39A5 27 B
729 B 16ms
15ms XHR
application/xml 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=21114281&cb=1623643573363&referrer=https://www.illinoistimes.com&kw_publication=illinoistimes&kw_page=home&vwidth=426&vheight=247&vcontext=4&vframeworks=1,2&vv=2,3,4&mimes=video%2Fmp4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 04:06:13 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 9624dd54-049b-4e23-ae40-7a42a9fe9412
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 03:46:19	Name: CMRUM3 Value: f160c6d5ae05a0&2e60c6d5ae05a0&bc60c6d5ae05a00&2760c6d5ae0b40&c360c6d5ae2760av-34a1b2c3-bcc6-45db-8b4e-fbc60d7eb2af&e660c6d5ae2760&b060c6d5ae05a00&2d60c6d5ae2760CAESELXK6qgRYnwHglxGrOBiNGY
.www.illinoistimes.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.casalemedia.com/	1970-01-20 03:46:19	Name: CMID Value: YMbVrhmiqksne9HTD-P.2wAA
.google.com/	1970-01-19 23:24:14	Name: NID Value: 216=UUEXjjcYoQEcCrCx_v_RkPxtnTo03kQ-oVv0QujQvUS-W2lmKRoE3dU293cri85Aa7lEaHFhrkQw9ckbcmqv84Ra6XFyw9m9VygkbXD7lBDiLjqXE9w1XSKZVjRmiVy8RF5jy2Wz77uoOhm0V0p9jVt8cKFg4nC1pNkvXqJ--ls
www.illinoistimes.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 3e9c6f04-5069-4b38-96d2-b43ad970117d
.casalemedia.com/	1970-01-19 21:10:19	Name: CMPRO Value: 1185
.infolinks.com/	1970-01-19 19:02:09	Name: ZTUSERCOOKIE Value: 875739027553619379
.infolinks.com/	1970-01-19 19:02:09	Name: KADUSERCOOKIE Value: C05605E4-4E5A-42C0-B68A-74C8C35BA39C~1623643653108
.infolinks.com/	1970-01-19 21:10:19	Name: ZMNUSERCOOKIE Value: ""
.casalemedia.com/	1970-01-19 21:10:19	Name: CMPS Value: 5182
www.illinoistimes.com/	1970-01-19 19:00:45	Name: __atuvs Value: 60c6d5ada2aa1570000
.illinoistimes.com/	1970-01-19 19:00:43	Name: _gat_gtag_UA_1362182_1 Value: 1
.infolinks.com/	1970-01-19 19:02:09	Name: R1USERCOOKIE Value: RX-ca7078bd-24f2-4be7-a559-ec3fd892faf2-003
.illinoistimes.com/	1970-01-19 19:02:09	Name: _gid Value: GA1.2.712965136.1623643567
.infolinks.com/	1970-01-19 19:02:09	Name: IXUSERCOOKIE Value: YMbVrhmiqksne9HTD-P.2wAA&1185
.infolinks.com/	1970-01-19 19:02:09	Name: SOVRNUSERCOOKIE Value: 375d41300fad715405c60a4f
.illinoistimes.com/	1970-01-20 04:22:19	Name: __gads Value: ID=0214e3a6865922a7-22f64c8debc80075:T=1623643566:RT=1623643566:S=ALNI_MYS0CCiuU3GgQfLVA7uBu_vsXBhJg
.infolinks.com/	1970-01-19 19:02:09	Name: VRUSERCOOKIE Value: y-nnRT6fFE2uE5gK9OfDLP6Fd2ENX21vfkmVyiDsc-~A
.casalemedia.com/	1970-01-19 19:02:09	Name: CMST Value: YMbVrmDG1a4A
.doubleclick.net/	1970-01-20 04:22:19	Name: IDE Value: AHWqTUnYDMKUM0tj3I1EFYJqQYL8hc7pKuyM_3H2ijc1FQRcznH0clTn4SA-wqOXUto
.illinoistimes.com/	1970-01-20 04:25:12	Name: __qca Value: P0-1813849350-1623643566597
www.illinoistimes.com/	1970-01-20 04:29:31	Name: __atuvc Value: 1%7C24
.illinoistimes.com/	1970-01-20 12:31:55	Name: _ga Value: GA1.2.2064410747.1623643565
.infolinks.com/	1970-01-19 21:10:19	Name: ANUSERCOOKIE Value: 4671442627145516977
.infolinks.com/	1970-01-19 19:02:09	Name: OUTHUSERCOOKIE Value: y-qRSwQK5E2uE7iCQHuSwpQd3G5lpBT_Bp~A~UPd77959d6-ccc5-11eb-a5cd-06298ef1e368

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://www.illinoistimes.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012/ice.js(Line 1) Message: Failed log data: [object Object]
console-api	log	(Line 179) Message: https://tpc.googlesyndication.com/simgad/5439567908973300661?

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56371af5cd24ef566ecfb5fcbac01ddd.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.secondstreetapp.com
apis.google.com
b1sync.zemanta.com
cm.g.doubleclick.net
connect.facebook.net
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
embed.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
media.secondstreetapp.com
media1.fdncms.com
media2.fdncms.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
posting.illinoistimes.com
resources.infolinks.com
router.infolinks.com
rtb.adentifi.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.illinoistimes.com
z.moatads.com
104.244.42.200
104.75.88.126
13.248.242.197
142.250.185.130
142.250.186.34
169.197.150.8
172.67.39.17
174.137.133.49
178.162.133.149
18.156.0.31
185.33.220.240
185.33.221.91
185.64.189.110
185.64.190.79
185.64.190.81
193.0.160.128
199.19.89.14
199.19.89.19
2.18.234.21
2.18.235.40
2.22.88.169
208.100.17.183
209.104.5.132
209.104.5.201
209.104.5.203
209.104.5.204
213.19.147.45
216.52.2.19
2600:9000:206e:7400:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2002
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::200d
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.156.153.71
35.170.124.134
38.27.122.126
51.89.9.254
52.45.185.178
54.194.137.128
64.202.112.31
67.202.110.23
72.21.206.140
99.86.241.40
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0405a5bc77c0464bc7d9b42f82ce313058a35a4d756c9e2975e5519902d5f7f2
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07d45210c94f35daaa1999be70652b41de8d934bfdb626ac6a09cfe6bd275ea8
091c34a7f8718b4dd335584074f7ae9ac8439d0bcaf26d22d34a960a155ba7ae
0dfeb30177fa61537cb219b67b3efbd55d117b9706b25b62d09aaa35597d0b1a
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
123f9922b94f951e94fc684fae3003c2046fe1dd66a9e7266d3732a2bbe93749
1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689
14ba8426bdf97d6b4ee638e43a30dd03f4efa02fa2f2577f2d558736177a6442
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757
19e73b5a0aaba9b218aa3469c4920ec0ba9c44ee5616ce8632afafedecec7b27
1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5
1e295501da993eb0d8f58398611a5c8bed503fdde2ef5361e2ba210c9441315b
21e0f6fdadab8fbe7dd3f982d1c103e1799658fdde841463fc8f7baf878c82b0
2381e2e687872368a9c570016681cb33629ba45d87603f6e4d4bae502f734e10
252ab97ee499d7d23a00614970c623278062851d9cfe59f3cd513e48e039ec74
26a6fbd0e834ebccbd923a4a6ebb7f3e740eae994784694906cb5021f8529991
272c7ceed798c0b46a1b36b07e1277614686b4f2b5d82b6b06f09025a7fe61a4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3177b278c5c3b93593d8fab99f7577a0d7701b100cf24ddab61730f69953794c
33afd6864c5b5a9330453d75f5d93cecebee1390b79c53316e6f302c22487111
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb
381359ffacca2e616134548f72501028737112338f58d73b1afe8497564f1309
39d97cb8d10a21871f5786b3e50a57f6a71043a2f34208fb3700e98af30e85f1
3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13
3db0e7ae3d28e06921dfec85be78f611b236b16e119b111ba2d81af69357d5f8
3dda88c0f4d69b6b58784ee4b6ba0c2538811c31d130d9687c1151fb816e487a
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
40dbf3fc1d4ae39ba2bfd7ba64789dad731dcfada53fcc93019686fe51a771db
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
47352b3c22b7f2b4a9e9f9f191d3e81e748bbffb79a44d91ffc974855ca998c3
4d823a4e5ce94795fc96798925020333db1307b0439fedc164e9d56765dc69d8
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e
5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c
5f599b7b8d4907a27e5345262f8fa534c2c5a6f8a356fa0f24cbae4b23514369
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
614e175e0e8ae71043a6f933bf4b62335024b146d9e61dafb22606e700a7f022
642c7ca38577ca06a2f252b92689ccdaf2fd6877462a42da02ab63be58c82ed6
664a77d8c8ee2817a5ce1a523d91619bf9d5eaf6ede7dd3ff51b5a6c493f154d
66d63653c7dddb0aa40c3064812e656bf2c39552426da16d0c4416012913e87c
6a353dad05eb71a15a8e326aee63687a0b55225730f1f8cb32327de440427e0c
6a532b4812e845c8dee24485c9a229af78ca6f52ffd4e2409a90aadc7fef13cf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bee7c2287dde885ae029ce46c5dfa0b956b792779607e56f3e98ab5ec13fc97
6cca9ac12d68e44dd5d8c28c9dc277450ba65bf42cba4d5a3ccbefd3f8f33ab8
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
6f970a77b18c5abc9ad96241dc9df8377582f6327773e09d81e75d77550e516b
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
732babb8d82695b3300099007ae46f2b38e799a25c1dbce5abe047387e8c89e8
75d43068f2494b0681b0620340f894bbea10af594e8f3d95a969a2fbfa31fd13
770a3a6ce5e964147151838d7ee321886872c76788e2d904fee22274c20b6b30
77c3400602c6775464fc877123e5a4cf58d2b17ed85143030bef4c6ec82b26c9
78617ae9ba35535ee5013ac4f0ac3c6622077de9b1801fd3d07ab7a1a0017064
7a988b3c215ca3df7151bf7e1f5c4fd0d13b9691e7a878832ecce4f6aac4e3a5
819cab5e76863688f9f2ae5c001771dcb083b0d85e34cc83ec1d3ea4e05f9b10
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
919e5d30a059272ad78c3e4babcd96f99e357ab5249f8d504071701b0db44a08
932f99bdd5804c86713c8891d666d75feaa1180c145d79f57ffbd889e9d5ce70
95d34bf77b74c56e6221d7e75bd6f389f253275795fea67c07708fab6e7c4324
95f599607d1251c4c4368afd1a74858f317eb13fceb32664eb364afe1a107f88
963aebed8101db351fb1f5bd5a2abda0beae2bea66c1a64efb4dee16a725b0cd
9d295212d1518f876a5454f6a5b90194b607b11a81a16a816e91c7f0d706ed0a
9df89fd9a68d288030709826c8ce4beb0f2f68e4863da8a55b594717e61f5380
9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c
a04bf86f66bb62664a8db9037e41bbea13cee656222db85c45e1f90ad6f4a5ef
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0dc87b590e31e66accf570804b48b1f3cc7f08356e50f284f42133cfa544626
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a326a8858bb826358a393bf587e5e40e7989d10e1b482aa779a1e35028d52582
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af82b204ec252b41dc3b687b20f67faae6d082dc5c17dd737ed2fd817369008b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b300bb4687a69e113e89fbc14178e4a2c5a0c5d9dcdaea96117683ba87516e1a
b719fe5da21c5d8ecd3250c64aec64a6093294d3843ad16820c2a923fa447b28
b72d5158628601126495a0d4231bb7f963ebaec631896f7b6a21f5d2f15d71c3
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
bcf1b3b9f4e409166c14acc07c5f3cfe13f2790c5f7690168be8bb4d63f456ed
bd42dcba649e6fc1e6dc35d07b8837b148034e6a1b31c2bc400a11db707dabcd
bdf088a945996c8946afb09540a08312d626772822c80f1a50a77506d3ce5002
be7d16111871ab9df1c1f3be05e8ed51a06e32bb79eadf6c4a5340ed98ae3f93
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c422c61bba668a681be54bba76326d9a4c3800276f6ed9e3f8a852a42d4fa7c7
c65415f7040531e3c198e6dd8a7181e4158f814e8e08421de2222af4fe41cf84
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9a12faa8ddf17fb72213baa01c910ec562d4088a8decbe07bedda2ce9563b0c
ca0ae60e1130ffcb656c7cb11791bc3b52be8d790bc166f126a844583d420d74
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8f6615de0ca17dfbd509adacf6d61c54b61399c2e2e317f45761a38310a965
cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484
cc1e5fb62639ccdfb7e1c592af6f0f3bba106e9fb79161db1400766eba8794b1
ceb95f5b7a8028d1208d7f92afda38c528f7a7777390d618c995330292e37f9c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d35c79e81225e4c05eb5bb1849bcd6927618c067e220b27c209fbcf740210430
d79eec0c1842ab8b4d021899ef94ffdef7867ca6c46848527a26bca705b4b239
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de472c7bfbac33dfd35ab64ddebb17c60b12151931d1b3717813425c1400571f
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467b1599e5b503059cd48cf495897a5dde5d288cbc2cd66dc3e78db31a16e2b
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e80a99eedd9d278fb9e047b5e213eec44711e86d073f649e7bcce3bf9cb29ca4
e89e11e20eb100d2cb16389b487c8cc09da5068455cef7ce504cdb1551d87d18
e8b9606094b65e5b858db2d4cd54b302eea636dcdc64ecf43e9223fdba54ea22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
efe020641ee2fd84ed591a45d4bf251d4fc528579162708e46c7625827c0b520
efe19584191f0d14a12cb073568aa20d05b1b3c4c4c2d55c42918b1a39eacbff
f4e87dbef76aeb895e03dc869941f350590358f687a655886f20ebc58fae40a2
fb0a7740b729ec4015f6c69ef4b4683322e62374f165f7c4362cb448636ff588
ff1440702945cffe562b5e8462d2259d372ed6d28264169f6f9d9c8e20d21c0c
ffa811ff2834d53f32832c8b70d7df7208264e144629487bbd91179ca13a5eca

www.illinoistimes.com Open in urlscan Pro 209.104.5.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

100 %HTTPS

42 %IPv6

46 Domains

67 Subdomains

54 IPs

6 Countries

8577 kBTransfer

17683 kBSize

25 Cookies

11 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.illinoistimes.com Open in urlscan Pro
209.104.5.201 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

100 %
HTTPS

42 %
IPv6

46
Domains

67
Subdomains

54
IPs

6
Countries

8577 kB
Transfer

17683 kB
Size

25
Cookies

183 HTTP transactions
10 data transactions