www.chicagotribune.com Open in urlscan Pro
2600:1408:5400:22::b819:7f9a  Public Scan

URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos...
Submission: On January 19 via manual from US — Scanned from US

Summary

This website contacted 159 IPs in 10 countries across 127 domains to perform 542 HTTP transactions. The main IP is 2600:1408:5400:22::b819:7f9a, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 66045.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.
This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2600:1408:540... 20940 (AKAMAI-ASN1)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:21a... 16509 (AMAZON-02)
2 13.225.195.91 16509 (AMAZON-02)
14 13.225.195.114 16509 (AMAZON-02)
2 13.225.195.55 16509 (AMAZON-02)
2 3.161.213.29 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1408:540... 20940 (AKAMAI-ASN1)
9 2607:f8b0:400... 15169 (GOOGLE)
26 151.101.1.44 54113 (FASTLY)
3 23.7.73.96 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.7.17.42 16625 (AKAMAI-AS)
1 13.225.195.104 16509 (AMAZON-02)
1 6 3.161.213.40 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
4 35.190.38.143 15169 (GOOGLE)
2 18.205.148.211 14618 (AMAZON-AES)
11 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.195.106 16509 (AMAZON-02)
1 3 3.161.213.103 16509 (AMAZON-02)
12 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.107.60 16509 (AMAZON-02)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
5 3.161.213.102 16509 (AMAZON-02)
1 35.82.223.115 16509 (AMAZON-02)
1 54.230.48.133 16509 (AMAZON-02)
3 34.193.251.250 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
4 3.161.213.4 16509 (AMAZON-02)
6 52.85.107.191 16509 (AMAZON-02)
1 54.192.51.51 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
3 52.86.159.66 14618 (AMAZON-AES)
2 13.225.195.126 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
6 52.223.1.76 16509 (AMAZON-02)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 34.194.161.83 14618 (AMAZON-AES)
5 151.101.65.44 54113 (FASTLY)
1 2600:9000:215... 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 104.18.35.167 13335 (CLOUDFLAR...)
9 54.192.51.62 16509 (AMAZON-02)
6 54.242.242.79 14618 (AMAZON-AES)
1 13.225.195.122 16509 (AMAZON-02)
1 2600:9000:21a... 16509 (AMAZON-02)
1 3.233.23.249 14618 (AMAZON-AES)
1 199.250.161.129 26459 (TTD-ASN-01)
1 2602:803:c002... 26667 (RUBICONPR...)
2 5 34.236.229.2 14618 (AMAZON-AES)
7 8 68.67.179.164 29990 (ASN-APPNEX)
1 44.215.250.220 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 2620:100:a001... 19750 (AS-CRITEO)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 54.192.51.94 16509 (AMAZON-02)
1 13.225.199.75 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:21a... 16509 (AMAZON-02)
1 13.225.195.59 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 3.5.9.19 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 34.206.99.162 14618 (AMAZON-AES)
14 16 52.223.40.198 16509 (AMAZON-02)
9 141.226.224.48 200478 (TABOOLA-AS)
1 54.231.199.129 16509 (AMAZON-02)
11 141.226.124.48 200478 (TABOOLA-AS)
1 2600:1408:20:... 20940 (AKAMAI-ASN1)
1 34.194.154.144 14618 (AMAZON-AES)
1 4 35.244.193.51 15169 (GOOGLE)
2 23.7.29.146 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.225.195.48 16509 (AMAZON-02)
4 3.161.213.111 16509 (AMAZON-02)
1 54.192.51.117 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 35.190.39.111 15169 (GOOGLE)
2 25 52.46.128.147 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3 52.201.6.220 14618 (AMAZON-AES)
1 54.192.51.48 16509 (AMAZON-02)
1 3.236.169.124 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 23.56.220.66 16625 (AKAMAI-AS)
5 7 2600:1f18:4e9... 14618 (AMAZON-AES)
4 6 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
6 14 35.244.159.8 396982 (GOOGLE-CL...)
1 54.192.51.110 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
3 51.222.239.232 16276 (OVH)
2 54.192.51.61 16509 (AMAZON-02)
1 3 54.225.160.26 14618 (AMAZON-AES)
1 2600:9000:21a... 16509 (AMAZON-02)
1 1 23.105.12.143 30633 (LEASEWEB-...)
1 2600:9000:215... 16509 (AMAZON-02)
2 6 52.71.125.247 14618 (AMAZON-AES)
3 23.220.109.13 16625 (AKAMAI-AS)
1 52.202.66.82 14618 (AMAZON-AES)
10 23.202.153.103 16625 (AKAMAI-AS)
8 9 3.225.218.10 14618 (AMAZON-AES)
2 3.229.81.23 14618 (AMAZON-AES)
2 2 63.251.86.51 10913 (INTERNAP-BLK)
2 8 63.251.86.49 10913 (INTERNAP-BLK)
15 21 142.251.111.155 15169 (GOOGLE)
1 3.161.213.3 16509 (AMAZON-02)
38 3.224.6.94 14618 (AMAZON-AES)
2 3 35.71.139.29 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
2 3 151.101.194.49 54113 (FASTLY)
1 2606:ae80:147... 25751 (VALUECLICK)
2 2 80.77.87.161 46636 (NATCOWEB)
2 172.64.107.35 13335 (CLOUDFLAR...)
6 6 198.148.27.131 19189 (PULSEPOINT)
11 11 69.194.240.13 26120 (RHYTHMONE)
11 11 8.28.7.82 62713 (AS-PUBMATIC)
7 20 8.28.7.83 62713 (AS-PUBMATIC)
4 4 68.67.179.87 29990 (ASN-APPNEX)
14 3.214.33.241 14618 (AMAZON-AES)
7 7 35.211.178.172 15169 (GOOGLE)
1 1 35.211.118.13 15169 (GOOGLE)
8 11 34.111.113.62 396982 (GOOGLE-CL...)
2 2 54.175.110.69 14618 (AMAZON-AES)
3 3 52.2.41.65 14618 (AMAZON-AES)
1 2 38.91.45.7 398989 (DEEPINTENT)
4 4 64.202.112.255 22075 (AS-OUTBRAIN)
3 3 23.83.76.52 395954 (LEASEWEB-...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 185.167.164.49 198622 (ADFORM)
1 1 124.146.153.163 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
4 4 104.96.238.138 16625 (AKAMAI-AS)
2 2 2607:f350:3:2... 27630 (AS-XFERNET)
3 3 63.251.28.233 13789 (INTERNAP-...)
2 2 35.214.136.176 15169 (GOOGLE)
1 37.157.5.132 198622 (ADFORM)
2 67.202.105.24 32748 (STEADFAST)
1 23.202.152.28 16625 (AKAMAI-AS)
2 2 172.240.127.129 7979 (SERVERS-COM)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 195.244.31.11 63140 (IGUANA-WO...)
1 1 216.219.92.22 19318 (IS-AS-1)
1 8 35.173.162.10 14618 (AMAZON-AES)
9 14 8.43.72.98 26667 (RUBICONPR...)
3 3 207.198.113.89 13768 (COGECO-PEER1)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 82.145.213.8 39832 (NO-OPERA)
1 2 8.2.110.134 46636 (NATCOWEB)
2 2620:100:a001::4 19750 (AS-CRITEO)
8 2607:f8b0:400... 15169 (GOOGLE)
4 23.220.110.24 16625 (AKAMAI-AS)
1 162.19.138.119 16276 (OVH)
1 4 104.36.115.113 62713 (AS-PUBMATIC)
7 12 8.43.72.97 26667 (RUBICONPR...)
1 205.234.175.175 30081 (CACHENETW...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 44.219.54.255 14618 (AMAZON-AES)
2 3 54.243.186.52 14618 (AMAZON-AES)
3 3 69.173.151.100 26667 (RUBICONPR...)
1 40.76.134.238 8075 (MICROSOFT...)
1 1 34.150.170.96 396982 (GOOGLE-CL...)
4 162.248.18.34 62713 (AS-PUBMATIC)
1 141.226.224.32 200478 (TABOOLA-AS)
1 52.95.118.179 16509 (AMAZON-02)
8 8 54.159.20.108 14618 (AMAZON-AES)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 23.40.207.42 20940 (AKAMAI-ASN1)
1 147.28.146.89 54825 (PACKET)
8 10 141.95.98.64 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 44.218.239.184 14618 (AMAZON-AES)
1 34.199.116.44 14618 (AMAZON-AES)
2 2 173.231.184.20 32475 (SINGLEHOP...)
1 1 216.22.16.8 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 34.224.254.163 14618 (AMAZON-AES)
1 52.45.141.6 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 54.208.255.20 14618 (AMAZON-AES)
1 2 34.231.250.139 14618 (AMAZON-AES)
1 74.119.119.150 19750 (AS-CRITEO)
1 54.192.51.7 16509 (AMAZON-02)
1 34.237.132.177 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 34.231.224.100 ()
1 2 34.227.43.106 ()
1 151.101.130.132 ()
542 159
Apex Domain
Subdomains
Transfer
52 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
pm-widget.taboola.com — Cisco Umbrella Rank: 3284
trc.taboola.com — Cisco Umbrella Rank: 646
vidstat.taboola.com — Cisco Umbrella Rank: 3158
trc-events.taboola.com — Cisco Umbrella Rank: 2085
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3780
imprchmp.taboola.com — Cisco Umbrella Rank: 4775
ch-match.taboola.com — Cisco Umbrella Rank: 4994
sync.taboola.com — Cisco Umbrella Rank: 1289
vidstatb.taboola.com — Cisco Umbrella Rank: 4631
opps.taboola.com — Cisco Umbrella Rank: 6326
pips.taboola.com — Cisco Umbrella Rank: 1652
cds.taboola.com — Cisco Umbrella Rank: 1817
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4636
713 KB
51 chicagotribune.com
www.chicagotribune.com — Cisco Umbrella Rank: 66045
r610.chicagotribune.com — Cisco Umbrella Rank: 82150
zephr.chicagotribune.com — Cisco Umbrella Rank: 93922
authenticate.chicagotribune.com — Cisco Umbrella Rank: 180491
844 KB
44 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
83 KB
43 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image4.pubmatic.com — Cisco Umbrella Rank: 1237
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
44 KB
35 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
171 KB
27 minutemedia-prebid.com
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 6343
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 2030
13 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
193 KB
23 google.com
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 23
news.google.com — Cisco Umbrella Rank: 6054
play.google.com — Cisco Umbrella Rank: 31
192 KB
21 gstatic.com
fonts.gstatic.com
www.gstatic.com
758 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
5 KB
17 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 2647
match.adsrvr.org — Cisco Umbrella Rank: 357
8 KB
16 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
3 KB
15 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1664
a.ad.gt — Cisco Umbrella Rank: 1857
p.ad.gt — Cisco Umbrella Rank: 2222
ids.ad.gt — Cisco Umbrella Rank: 1592
pixels.ad.gt — Cisco Umbrella Rank: 1982
19 KB
15 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
6 KB
13 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 1945
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1999
cs.yellowblue.io — Cisco Umbrella Rank: 1706
7 KB
13 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 13368
embedcdn.sendtonews.com — Cisco Umbrella Rank: 14711
s2l.sendtonews.com — Cisco Umbrella Rank: 13457
player.sendtonews.com — Cisco Umbrella Rank: 14731
382 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
11 KB
12 cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d15kdpgjg3unno.cloudfront.net
806 KB
11 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
44 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
44 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
11 KB
9 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3083
usr.undertone.com — Cisco Umbrella Rank: 2036
5 KB
9 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
ssc-cms.33across.com — Cisco Umbrella Rank: 901
14 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
r.bidswitch.net — Cisco Umbrella Rank: 6571
4 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
4 KB
8 sophi.io
dynpaywall-api-chicagotribune.ml.sophi.io — Cisco Umbrella Rank: 149240
cdn.sophi.io — Cisco Umbrella Rank: 16184
ecollector-tribune.sophi.io
43 KB
7 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1011
idsync.rlcdn.com — Cisco Umbrella Rank: 451
id.rlcdn.com — Cisco Umbrella Rank: 738
2 KB
7 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2851
launchpad.privacymanager.io — Cisco Umbrella Rank: 2337
geo.privacymanager.io — Cisco Umbrella Rank: 1860
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2199
83 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
5 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
2 KB
6 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5488
4 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 20833
pubcast-files.remixd.com — Cisco Umbrella Rank: 21865
player-files.remixd.com — Cisco Umbrella Rank: 20998
82 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
135 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
2 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
1 KB
5 media.net
cs.media.net — Cisco Umbrella Rank: 1236
contextual.media.net — Cisco Umbrella Rank: 709
3 KB
5 googlesyndication.com
9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
67 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2221
mng-trib-tagan.adlightning.com — Cisco Umbrella Rank: 64016
99 KB
5 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11005
www.i.matheranalytics.com — Cisco Umbrella Rank: 10770
45 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5210
consent.api.osano.com — Cisco Umbrella Rank: 9295
122 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 704
px.moatads.com — Cisco Umbrella Rank: 660
112 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
13 KB
4 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
ice.360yield.com — Cisco Umbrella Rank: 1892
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
3 blockboardtech.com
edge.blockboardtech.com — Cisco Umbrella Rank: 12210
securedev.blockboardtech.com Failed
secure.blockboardtech.com
2 MB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
cm.adform.net — Cisco Umbrella Rank: 1147
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
881 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
3 amazonaws.com
ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9228
ams-depr-public.s3.amazonaws.com — Cisco Umbrella Rank: 40587
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5363
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
852 B
3 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1144
3 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
1 KB
3 tribdss.com
www.tribdss.com — Cisco Umbrella Rank: 84794
ssor.tribdss.com — Cisco Umbrella Rank: 85192
40 KB
2 emxdgt.com
imp.emxdgt.com
329 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
835 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1397
685 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1011 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1811
beacon.krxd.net — Cisco Umbrella Rank: 784
557 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
540 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
62 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3182
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
804 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1908
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
470 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
730 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
2 brealtime.com
js.brealtime.com — Cisco Umbrella Rank: 20111
biddr.brealtime.com
57 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 973
1 KB
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1149
646 B
2 flipp.com
p.flipp.com — Cisco Umbrella Rank: 13262
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1798
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
34 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
25 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
p1.parsely.com — Cisco Umbrella Rank: 2229
21 KB
2 blueconic.net
tribune.blueconic.net — Cisco Umbrella Rank: 58677
2 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4149
71 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1389
c.go-mpulse.net — Cisco Umbrella Rank: 624
50 KB
2 zephr.com
assets.zephr.com — Cisco Umbrella Rank: 14965
16 KB
2 htlbid.com
htlbid.com — Cisco Umbrella Rank: 7889
146 KB
1 ispot.tv
pi.ispot.tv
315 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
287 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704
201 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
592 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1716
425 B
1 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 5981
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
4 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
127 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
659 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
282 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
518 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
609 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1803
273 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 1841
587 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
350 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
828 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
66 KB
1 dotomi.com
direct.ad.cpe.dotomi.com — Cisco Umbrella Rank: 14413
319 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
441 B
1 ads-flipp.com
cdn.ads-flipp.com — Cisco Umbrella Rank: 20928
649 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
632 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
559 B
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12883
35 KB
1 stnvideo.com
playlist.stnvideo.com — Cisco Umbrella Rank: 19298
65 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5856
277 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
12 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2653
41 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3637
164 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
104 KB
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
542 127
Domain Requested by
31 www.chicagotribune.com www.chicagotribune.com
26 cs.minutemedia-prebid.com sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cdn.undertone.com
25 s.amazon-adsystem.com 2 redirects cmp.osano.com
s.amazon-adsystem.com
google-bidout-d.openx.net
u.openx.net
match.sharethrough.com
sync-amz.ads.yieldmo.com
rtb.gumgum.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cdn.undertone.com
ce.lijit.com
ads.pubmatic.com
21 cm.g.doubleclick.net 15 redirects google-bidout-d.openx.net
sync-amz.ads.yieldmo.com
rtb.gumgum.com
www.chicagotribune.com
s.amazon-adsystem.com
16 match.adsrvr.org 14 redirects js-sec.indexww.com
htlbid.com
14 pixel.rubiconproject.com 9 redirects s.amazon-adsystem.com
14 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
14 r610.chicagotribune.com www.chicagotribune.com
r610.chicagotribune.com
cmp.osano.com
13 cdn.taboola.com www.chicagotribune.com
cmp.osano.com
12 token.rubiconproject.com 7 redirects eus.rubiconproject.com
12 www.gstatic.com cmp.osano.com
www.google.com
www.gstatic.com
news.google.com
11 pixel.tapad.com 8 redirects s.amazon-adsystem.com
11 image2.pubmatic.com 5 redirects s.amazon-adsystem.com
ads.pubmatic.com
11 image8.pubmatic.com 11 redirects cs-tam.minutemedia-prebid.com
11 us-u.openx.net 5 redirects google-bidout-d.openx.net
u.openx.net
s.amazon-adsystem.com
11 www.google-analytics.com cmp.osano.com
www.google-analytics.com
www.chicagotribune.com
p.ad.gt
10 id5-sync.com 8 redirects cdn.id5-sync.com
www.chicagotribune.com
10 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
cs-server-s2s.yellowblue.io
cdn.undertone.com
cs-tam.minutemedia-prebid.com
9 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
9 ids.ad.gt 1 redirects www.chicagotribune.com
9 d29xw9s9x32j3w.cloudfront.net www.chicagotribune.com
embed.sendtonews.com
9 fonts.gstatic.com fonts.googleapis.com
www.google.com
8 match.prod.bidr.io 8 redirects
8 play.google.com www.gstatic.com
8 usr.undertone.com 1 redirects cdn.undertone.com
s.amazon-adsystem.com
8 sync.1rx.io 8 redirects
8 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
8 ce.lijit.com 2 redirects s.amazon-adsystem.com
ce.lijit.com
8 ups.analytics.yahoo.com 7 redirects u.openx.net
8 ib.adnxs.com 7 redirects htlbid.com
7 x.bidswitch.net 7 redirects
7 pr-bh.ybp.yahoo.com 5 redirects google-bidout-d.openx.net
s.amazon-adsystem.com
7 sync.taboola.com imprchmp.taboola.com
ch-match.taboola.com
7 ch-trc-events.taboola.com www.chicagotribune.com
7 news.google.com cmp.osano.com
news.google.com
www.chicagotribune.com
www.gstatic.com
6 bh.contextweb.com 6 redirects
6 match.sharethrough.com 2 redirects s.amazon-adsystem.com
match.sharethrough.com
6 s2l.sendtonews.com embed.sendtonews.com
6 ecollector-tribune.sophi.io cdn.sophi.io
6 c.amazon-adsystem.com cmp.osano.com
embed.sendtonews.com
c.amazon-adsystem.com
5 ad.turn.com 5 redirects
5 idsync.rlcdn.com 3 redirects u.openx.net
s.amazon-adsystem.com
5 vidstat.taboola.com cmp.osano.com
5 ads.yieldmo.com 2 redirects htlbid.com
sync-amz.ads.yieldmo.com
5 trc.taboola.com cdn.taboola.com
www.chicagotribune.com
imprchmp.taboola.com
ch-match.taboola.com
5 securepubads.g.doubleclick.net cmp.osano.com
securepubads.g.doubleclick.net
tagan.adlightning.com
5 zephr.chicagotribune.com assets.zephr.com
5 www.google.com www.chicagotribune.com
cmp.osano.com
www.gstatic.com
www.google.com
5 embed.sendtonews.com 1 redirects www.chicagotribune.com
embed.sendtonews.com
5 fonts.googleapis.com www.chicagotribune.com
embed.sendtonews.com
client
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 cs.yellowblue.io cs-server-s2s.yellowblue.io
s.amazon-adsystem.com
4 secure-assets.rubiconproject.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 secure.adnxs.com 4 redirects
4 cs.media.net 4 redirects
4 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
4 lexicon.33across.com 1 redirects www.chicagotribune.com
cdn-ima.33across.com
4 tagan.adlightning.com cmp.osano.com
tagan.adlightning.com
3 simage4.pubmatic.com ads.pubmatic.com
3 px.moatads.com www.chicagotribune.com
3 pixel-us-east.rubiconproject.com 3 redirects
3 dpm.demdex.net 3 redirects
3 opps.taboola.com vidstat.taboola.com
3 pixel-sync.sitescout.com 3 redirects
3 ssum-sec.casalemedia.com 2 redirects cdn.undertone.com
3 ads.stickyadstv.com 3 redirects
3 creativecdn.com 3 redirects
3 tpc.googlesyndication.com tagan.adlightning.com
3 ssbsync.smartadserver.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
3 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
3 onetag-sys.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
3 px.ads.linkedin.com 1 redirects www.chicagotribune.com
s.amazon-adsystem.com
3 player-files.remixd.com www.chicagotribune.com
3 cdn-ima.33across.com cmp.osano.com
www.chicagotribune.com
3 www.i.matheranalytics.com www.chicagotribune.com
3 accounts.google.com cmp.osano.com
accounts.google.com
3 jadserve.postrelease.com cmp.osano.com
www.chicagotribune.com
3 sb.scorecardresearch.com 1 redirects www.chicagotribune.com
3 cmp.osano.com www.chicagotribune.com
cmp.osano.com
2 imp.emxdgt.com 1 redirects www.chicagotribune.com
2 secure.blockboardtech.com www.chicagotribune.com
2 ch-vid-events.taboola.com vidstat.taboola.com
www.chicagotribune.com
2 pmp.mxptint.net 1 redirects s.amazon-adsystem.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 cm.adgrx.com 2 redirects
2 ice.360yield.com 2 redirects
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 static.criteo.net cmp.osano.com
static.criteo.net
2 cs.krushmedia.com 1 redirects ce.lijit.com
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 rtb.mfadsrvr.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ssc-cms.33across.com cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
2 csync.loopme.me 2 redirects
2 sync.go.sonobi.com 2 redirects
2 c1.adform.net 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.srv.stackadapt.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 id.hadron.ad.gt cdn.hadronid.net
2 ap.lijit.com 2 redirects
2 crb.kargo.com s.amazon-adsystem.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 p.flipp.com cdn-gateflipp.flippback.com
2 cdn.hadronid.net www.chicagotribune.com
a.ad.gt
2 ch-match.taboola.com cmp.osano.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
s.amazon-adsystem.com
2 oajs.openx.net 1 redirects www.chicagotribune.com
2 secure.cdn.fastclick.net cmp.osano.com
www.chicagotribune.com
2 trc-events.taboola.com www.chicagotribune.com
2 config.aps.amazon-adsystem.com cmp.osano.com
c.amazon-adsystem.com
2 cdnjs.cloudflare.com cmp.osano.com
embed.sendtonews.com
2 consent.api.osano.com cmp.osano.com
2 pm-widget.taboola.com cmp.osano.com
2 js.matheranalytics.com 1 redirects www.chicagotribune.com
2 tribune.blueconic.net cmp.osano.com
2 cdn.onesignal.com www.chicagotribune.com
cmp.osano.com
2 www.tribdss.com www.chicagotribune.com
cmp.osano.com
2 tags.remixd.com www.chicagotribune.com
tags.remixd.com
2 assets.zephr.com www.chicagotribune.com
2 htlbid.com www.chicagotribune.com
1 biddr.brealtime.com www.chicagotribune.com
1 pi.ispot.tv www.chicagotribune.com
1 rtb.adentifi.com s.amazon-adsystem.com
1 synchroscript.deliveryengine.adswizz.com s.amazon-adsystem.com
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 sync.bfmio.com s.amazon-adsystem.com
1 a.clickcertain.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 beacon.krxd.net www.chicagotribune.com
1 usermatch.krxd.net 1 redirects
1 pagead2.googlesyndication.com tagan.adlightning.com
1 pixels.ad.gt p.ad.gt
1 prebid.a-mo.net s.amazon-adsystem.com
1 hb.yahoo.net s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 cds.taboola.com cdn.taboola.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com s.amazon-adsystem.com
1 pips.taboola.com cdn.taboola.com
1 ad.360yield.com www.chicagotribune.com
1 p.ad.gt a.ad.gt
1 edge.blockboardtech.com www.chicagotribune.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 z.moatads.com www.chicagotribune.com
1 t.adx.opera.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 pixel.advertising.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 contextual.media.net cs-server-s2s.yellowblue.io
1 cm.adform.net cs-server-s2s.yellowblue.io
1 tg.socdm.com 1 redirects
1 www.googletagservices.com tagan.adlightning.com
1 r.bidswitch.net 1 redirects
1 js.brealtime.com vidstat.taboola.com
1 direct.ad.cpe.dotomi.com vidstat.taboola.com
1 id.rlcdn.com 1 redirects
1 ats-wrapper.privacymanager.io cmp.osano.com
1 vidstatb.taboola.com www.chicagotribune.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 cdn.undertone.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 cdn.ads-flipp.com cdn-gateflipp.flippback.com
1 google-bidout-d.openx.net cmp.osano.com
1 pippio.com 1 redirects
1 imprchmp.taboola.com cmp.osano.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 player.sendtonews.com embed.sendtonews.com
1 9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com cmp.osano.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 cdn-gateflipp.flippback.com cdn.taboola.com
1 mng-trib-tagan.adlightning.com tagan.adlightning.com
1 cdn.id5-sync.com cmp.osano.com
1 playlist.stnvideo.com embed.sendtonews.com
1 c.go-mpulse.net s.go-mpulse.net
1 ams-depr-public.s3.amazonaws.com htlbid.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 ams-pageview-public.s3.amazonaws.com www.chicagotribune.com
1 d15kdpgjg3unno.cloudfront.net cmp.osano.com
1 tags.crwdcntrl.net cmp.osano.com
1 cdn.prod.uidapi.com cmp.osano.com
1 invstatic101.creativecdn.com cmp.osano.com
1 oa.openxcdn.net cmp.osano.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 htlb.casalemedia.com htlbid.com
1 bidder.criteo.com htlbid.com
1 hbopenbid.pubmatic.com htlbid.com
1 tlx.3lift.com htlbid.com
1 fastlane.rubiconproject.com htlbid.com
1 direct.adsrvr.org htlbid.com
1 hb.yellowblue.io htlbid.com
1 dyv1bugovvq1g.cloudfront.net htlbid.com
1 launchpad.privacymanager.io cmp.osano.com
1 imasdk.googleapis.com cmp.osano.com
1 js-sec.indexww.com cmp.osano.com
1 cdn.jwplayer.com tags.remixd.com
1 p1.parsely.com www.chicagotribune.com
1 gum.criteo.com cmp.osano.com
1 stats.g.doubleclick.net www.google-analytics.com
1 launchpad-wrapper.privacymanager.io cmp.osano.com
1 d1y4ng3lozj2yp.cloudfront.net cmp.osano.com
1 authenticate.chicagotribune.com cmp.osano.com
1 cdn.parsely.com cmp.osano.com
1 cdn.sophi.io cmp.osano.com
1 pubcast-files.remixd.com tags.remixd.com
1 embedcdn.sendtonews.com www.chicagotribune.com
1 dynpaywall-api-chicagotribune.ml.sophi.io www.chicagotribune.com
1 s.ntv.io www.chicagotribune.com
1 ssor.tribdss.com www.chicagotribune.com
1 s.go-mpulse.net www.chicagotribune.com
1 www.googletagmanager.com www.chicagotribune.com
0 securedev.blockboardtech.com Failed www.chicagotribune.com
0 sync-dmp.mobtrakk.com Failed match.sharethrough.com
542 229
Subject Issuer Validity Valid
tronc.web.arc-cdn.net
R3
2024-01-16 -
2024-04-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.osano.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
htlbid.com
Amazon RSA 2048 M01
2023-09-21 -
2024-10-18
a year crt.sh
r610.chicagotribune.com
Amazon RSA 2048 M03
2023-12-26 -
2025-01-24
a year crt.sh
assets.zephr.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-26
a year crt.sh
*.remixd.com
Amazon RSA 2048 M03
2024-01-10 -
2025-02-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-04
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
www.trbimg.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-24 -
2024-05-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1
2023-08-28 -
2024-08-28
a year crt.sh
dynpaywall-api-chicagotribune.ml.sophi.io
Amazon RSA 2048 M01
2023-04-30 -
2024-05-28
a year crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
pubcast-files.remixd.com
GTS CA 1D4
2024-01-12 -
2024-04-11
3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M01
2023-06-08 -
2024-07-06
a year crt.sh
cdn.sophi.io
Amazon RSA 2048 M01
2023-09-17 -
2024-10-15
a year crt.sh
*.parsely.com
Amazon RSA 2048 M02
2023-05-06 -
2024-06-03
a year crt.sh
zephr.sun-sentinel.com
Amazon RSA 2048 M02
2023-12-08 -
2025-01-05
a year crt.sh
sendtonews.com
Amazon RSA 2048 M02
2023-10-22 -
2024-11-19
a year crt.sh
authenticate.baltimoresun.com
Amazon RSA 2048 M01
2023-08-11 -
2024-09-07
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-07-08 -
2024-08-05
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
accounts.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.news.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03
2023-11-15 -
2024-12-14
a year crt.sh
*.api.osano.com
Amazon RSA 2048 M03
2023-09-27 -
2024-10-25
a year crt.sh
*.sophi.io
Amazon RSA 2048 M01
2023-04-11 -
2024-05-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-16
a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02
2023-04-18 -
2024-05-16
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-08-14 -
2024-09-12
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-12-23 -
2024-03-22
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
player-files.remixd.com
GTS CA 1D4
2024-01-18 -
2024-04-17
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
rkdms.com
Amazon RSA 2048 M03
2023-10-04 -
2024-11-01
a year crt.sh
*.stnvideo.com
Amazon RSA 2048 M02
2023-03-01 -
2024-03-29
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
flippback.com
Amazon RSA 2048 M01
2023-09-18 -
2024-10-16
a year crt.sh
esp.rtbhouse.com
GTS CA 1D4
2024-01-05 -
2024-04-04
3 months crt.sh
lexicon.33across.com
GTS CA 1D4
2023-11-27 -
2024-02-25
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-01 -
2024-12-21
a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01
2024-01-18 -
2024-12-28
a year crt.sh
hadronid.net
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
flipp.com
Amazon RSA 2048 M01
2023-07-31 -
2024-08-28
a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02
2023-11-17 -
2024-12-15
a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01
2023-05-01 -
2024-05-29
a year crt.sh
*.undertone.com
Amazon RSA 2048 M01
2023-09-11 -
2024-10-08
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-03-26 -
2024-04-23
a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03
2023-12-11 -
2025-01-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-01-10 -
2024-06-26
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-26 -
2024-06-19
6 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2
2023-01-23 -
2024-02-24
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2023-12-01 -
2025-01-01
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03
2023-12-12 -
2025-01-09
a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
a.ad.gt
E1
2023-12-12 -
2024-03-11
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
*.eu-1-id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.blockboardtech.com
Sectigo RSA Organization Validation Secure Server CA
2023-10-13 -
2024-10-13
a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3
2023-11-09 -
2024-11-07
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-13
a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-13 -
2024-12-22
a year crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02
2023-03-31 -
2024-04-28
a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-07-04 -
2024-08-01
a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-09-17
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2023-06-14 -
2024-06-14
a year crt.sh
*.ispot.tv
R3
2024-01-09 -
2024-04-08
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh

This page contains 60 frames:

Primary Page: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Frame ID: B306B4BEE63CC48F6824B1ABA0F2E8B2
Requests: 238 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 2F0DFF2E2C7E7BFCFF0DF62A9A1EBD2D
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: C9CBC9068540CE69B46EAC7730A9D522
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Frame ID: EC65E08872359F3A15CD057871A1DA7B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 95D4F11529BF0E1DD5DBC38291116807
Requests: 7 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 2CC7764AC105F5B1B4F3677AB5ACCAD4
Requests: 30 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1705672139463&sut=Ab9pFDazi%2FD0MePXw8tdcNNnsYxA16R9qGYo%2FgOeLRBUxSNfrIzji%2Btv6BB%2Buy49QYiHQjtZCoqxRSbmDY69%2BNrt9BEWAjdRGk5EjXKKodZOAyMm&publicationId=chicagotribune.com
Frame ID: DDB7213C020808B99301E554540F2CC7
Requests: 15 HTTP requests in this frame

Frame: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Frame ID: AF8E7DDF1146DCF9D4415FDFBA8FE545
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Frame ID: B64BB7C84A8F13D8C722EE33FB7EB1F2
Requests: 1 HTTP requests in this frame

Frame: https://9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0291C7B2C2B5E3BFBFD13458CA55C0B
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=undefined&cb=1705672139910&uv=3373&tms=1705672139910&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=17e8c5c3-4098-446f-8a2c-888aaf2bc091&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 14B6E924A58D9DD6FDAD3AFCE806D99B
Requests: 4 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E352E73FCEE4E57BD6FAA1AD7EFEC959
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: DA53AA164FC342A9CD34D34DE0CCD6B5
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 00CED341DD38CB714726A234C912F2D3
Requests: 6 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E403FCB6A04151C51D3B951D240347CE
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: E2601958E251358C9ED979F4D7E17BCC
Requests: 12 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: 198234AD5A2AFD4777673976BEC588D5
Requests: 24 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: A9D025588952D9F762E02B7B35BCD7CE
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747110656901291457&gdpr=0&gdpr_consent=
Frame ID: BFBC7006692E21893BF2A7573B5B4B5B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Frame ID: C317BDC82C123873E0085CCF560D093D
Requests: 9 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: C088E52E450B46C4FB90D243DF21D7C7
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 275A5E2EB3398B5ADC928B88EFEBFB14
Requests: 18 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 38B1FC31A30623BD49078E5A2A4328DB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: B94F331E959947D314D08E81B7B519A3
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11RWc0X0YxRTJ1SVZnc3lQUnBRNk91RHYxS29jT05VR35B&gdpr=0
Frame ID: 3BE168BC170E8A5467181B68007BD17F
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/dinitsync?partners=A9
Frame ID: D18CF54B18EE2AF960A6E0288D9AA148
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7519615932400280823&ex=appnexus.com&gdpr=0
Frame ID: D7E6E201C5A82B6D5183D8A181183FC4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 20F09BF10BCD4D75276B545F585F20B7
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Frame ID: 1B26535211AA4184EC3826B97DED42DD
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=807143988169548681215
Frame ID: 76B9EC7923AB2B0427B829BD1B608D7B
Requests: 1 HTTP requests in this frame

Frame: https://js.brealtime.com/ovvbundle_moat.js
Frame ID: E66F2C14CD222C8B794400E1D450604F
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Frame ID: FB3D2187146CD0B926E61E0DF9B3A070
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6223903298907341552&gdpr=0&gdpr_consent=
Frame ID: C3154C3EAD05AA4497AD7E4D9932172E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8zNzRkYjllYy0yYTk1LTQ4NWItOTIwZi01M2Y5ZDhlNWQ0MzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0A451A17E7BA41F30F1678CA77838B11
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: E9E82285B6F7E550AAC7E1F1D98EE8A5
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=af5608ad-d911-4701-ba5f-8e2d06b27589
Frame ID: 0A37A4AA96A48D83A38EA5B1E4BC6C9C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Zap9zcCo8YwAAEQRlhgAAAAA
Frame ID: 0305B5918A439A2FE2649B6A851C11ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=gumgum&tc=1
Frame ID: B072746323D67C82D620618EFC982887
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9E131F8DC84DBB83B025A5FA99DD1BFC
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 6F90612287744C1E071C1220BA3AFB3B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: D1BCDC881F8D9DF4FE24894FDF910AAF
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 1E87C5A0F7FFA443CBB6DF222DC8378E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 913E70A6C0BD0758614D924540189719
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: DA2D55EB58F86B7FF8583180491B4175
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 2C6E818454350ABBE1015C813102109E
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=37262AF7-E53C-4453-8BB4-532914A9A862&redir=true&gdpr=0&gdpr_consent=
Frame ID: 34FE16954482D8BEAD5013F481B8E7AF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID37262AF7-E53C-4453-8BB4-532914A9A862
Frame ID: 876E05851E78ABD842B8BBC8643BA4CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=82364a3e-b6d1-11ee-89f0-6e5106d24edb
Frame ID: CACB086A5A74E702A7B9A1A01A3C4976
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7519615932400280823&gdpr=0&gdpr_consent=
Frame ID: 82E7982BEEAE47444AC3612C83E242C8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACxkE7LVPwAABLVw2aUYA&gdpr=0
Frame ID: 4B9252AA7F9711EEAD64A461CB61A53A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 18BD078D7340C11B6D780D2CB9AF9C4D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2331364c26194d9eaff1f
Frame ID: 174D58EE187A6DE8C03AEFFAB47A9BF8
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=90b242ee-469b-4129-a6f2-7505dc827c92
Frame ID: 8CB1DF02C44E51689FC14DAD020689B0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID37262AF7-E53C-4453-8BB4-532914A9A862
Frame ID: E0501BA7746219BBDCBE9E8EE156A6F2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
Frame ID: 584E7D08061BE1DD8D7188F7BED29B14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ap4GKFcv1RqPf25&gdpr=0&gdpr_consent=
Frame ID: 3882A571BC9BA7E28E3DE53160C9DC75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Frame ID: 98A87C208D896258A27D7AA7CF1D7FD7
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862
Frame ID: 04AFBBCCD4D2541A0E1FC93A0A3F6845
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1862C7DF0A881159C8BC4CB80929B342
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=37262AF7-E53C-4453-8BB4-532914A9A862
Frame ID: 5E8C14F38E8CFD3ECF7323812D5AF3EF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Illinois Supreme Court to decide if cops may search vehicles over pot odorClose this dialog

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

542
Requests

75 %
HTTPS

23 %
IPv6

127
Domains

229
Subdomains

159
IPs

10
Countries

8293 kB
Transfer

20003 kB
Size

265
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://embed.sendtonews.com/player3/embedcode.js?fk=7WQ1xQNF-vJYVOHOP&cid=4591 HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.7-Z/embed.js
Request Chain 49
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&c9=
Request Chain 53
  • https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1645 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
Request Chain 186
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6 HTTP 307
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=PMgHDJHdEi12z53BPb%2FU4GL7sOvcgOwN1csVMi1qGcg%3D&fp=wA7XmPAig4dj%2FKhM9dKnTd3QgyrgCFaQraiFT4ZfBdBEkTQXWWaK1tW9c7ddR4e43zCf0xefr52KHpvG6Yr5Ww%3D%3D
Request Chain 205
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&rid=esp&cc=1
Request Chain 212
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Request Chain 243
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
Request Chain 244
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Request Chain 245
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
Request Chain 246
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
Request Chain 247
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5W77469E2oSRELPifTtpNXQKfSRdpmhxkRvdyg--~A
Request Chain 248
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524113000V10
Request Chain 249
  • https://idsync.rlcdn.com/712559.gif?partner_uid=6b114a43-92be-4fc9-92f5-f8bb09101cdd HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDZiMTE0YTQzLTkyYmUtNGZjOS05MmY1LWY4YmIwOTEwMWNkZBAAGg0IzPuprQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854&expected_cookie=40bcedee-f476-4a75-b08e-3c47ba525c90
Request Chain 256
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3486737401524143000V10
Request Chain 257
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4245a32d7d
Request Chain 266
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747110656901291457&gdpr=0&gdpr_consent=
Request Chain 272
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11RWc0X0YxRTJ1SVZnc3lQUnBRNk91RHYxS29jT05VR35B&gdpr=0
Request Chain 274
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7519615932400280823&ex=appnexus.com&gdpr=0
Request Chain 275
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 279
  • https://match.adsrvr.org/track/cmf/openx?oxid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy&google_tc=
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOKSGjJoo3T6Lwg-RebUVL8&google_cver=1
Request Chain 286
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=807143988169548681215
Request Chain 289
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
Request Chain 290
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E HTTP 302
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Request Chain 291
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wvgZwI9E2uEVVvIHks1rB9hmVLF96FKJ~A&gdpr_in_effect=0
Request Chain 294
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a
Request Chain 295
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7519615932400280823
Request Chain 296
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 297
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Zap9zAAPq4SdnwBH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zap9zAAPq4SdnwBH&_test=Zap9zAAPq4SdnwBH
Request Chain 304
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MWE5ZTI2YTEtMmI0My00MDc4LWFmMGEtOWNlYzBiNTg2OTMw HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 306
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sharethrough&bsw=90b242ee-469b-4129-a6f2-7505dc827c92
Request Chain 307
  • https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqUVJTHutDLcyGRS8xfsW2M4g%26source_user_id%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=062a562d-3fb0-45aa-8b79-635cfdc66ceb&gdpr=0&gdpr_consent=
Request Chain 310
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEYw7FFuuwFB2m5r4iEm HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
Request Chain 311
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=HIrK5xuEOPP2&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 312
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1705672140729 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4730692085 HTTP 302
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Request Chain 314
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjAwNzlEQzYtOEYwNC00NkQ2LUEzOUMtODY1RTZCMTExMjhD&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Request Chain 315
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7519615932400280823
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=90b242ee-469b-4129-a6f2-7505dc827c92 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=90b242ee-469b-4129-a6f2-7505dc827c92&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgumgum2%26bsw_param%3D90b242ee-469b-4129-a6f2-7505dc827c92 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=90b242ee-469b-4129-a6f2-7505dc827c92&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgumgum2%26bsw_param%3D90b242ee-469b-4129-a6f2-7505dc827c92 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dgumgum2%252526bsw_param%25253D90b242ee-469b-4129-a6f2-7505dc827c92%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dgumgum2%2526bsw_param%253D90b242ee-469b-4129-a6f2-7505dc827c92%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=90b242ee-469b-4129-a6f2-7505dc827c92 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=&gdpr_consent=&us_privacy=
Request Chain 317
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a389f5ab-5cfa-4fde-8c2a-80168e065404
Request Chain 318
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Request Chain 319
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-4MMKEGhE2peV2mtQNyQUNVmdR24LEioKfIEF~A
Request Chain 320
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=605bf330-bf3d-4752-93c9-9b7b7e088456
Request Chain 322
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=8XO2cwS9Xd6CkXXX86jl&gdpr=0
Request Chain 323
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=4qaGpP0FfUD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 324
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=747110656901291457
Request Chain 333
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6223903298907341552&gdpr=0&gdpr_consent=
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=af5608ad-d911-4701-ba5f-8e2d06b27589
Request Chain 337
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Zap9zcCo8YwAAEQRlhgAAAAA
Request Chain 338
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=gumgum&tc=1
Request Chain 339
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 340
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
Request Chain 341
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Request Chain 342
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=ec0a1a27-977d-423d-abaf-023a5646e079&gdpr_consent=null&gdpr=0
Request Chain 344
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIwQzQyRkEtNDdBOS00QUE0LUIxNjUtRjc3OTE4MTcyMjE3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Request Chain 345
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1705672140730 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2925528018 HTTP 302
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=bcb44d4d-a300-4acd-a016-cc6967ff8101
Request Chain 347
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7519615932400280823&gdpr=0&gdpr_consent=
Request Chain 348
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=90b242ee-469b-4129-a6f2-7505dc827c92
Request Chain 350
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 351
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 352
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
Request Chain 353
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=747110656901291457&gdpr=0&gdpr_consent=
Request Chain 356
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=747110656901291457&gdpr=0&gdpr_consent=
Request Chain 357
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=4938548693954675219 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=c1d74cf9-be83-5313-888e-86c8ed24fb04
Request Chain 358
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=8def5c04-5d36-4bff-92b4-d09ac3dffd9c
Request Chain 359
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=4f41ede55d81355272cc99ff46f8a25e
Request Chain 360
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1115412654 HTTP 302
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Request Chain 361
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=zeta&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYyAiUGOAE= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6135810188 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/af5608ad-d911-4701-ba5f-8e2d06b27589 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3DRX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYyAiUGOAE%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=37&buyeruid=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYyAiUGOAE= HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYyAiUGOAI=%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D95a3a6e1-87ee-4910-9952-760d20b84127%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/748?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=7519615932400280823 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D95a3a6e1-87ee-4910-9952-760d20b84127%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/748?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%3D%3D&uid=Zap9zHRhaLqQqx9fV.AJ7QAA%26377 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D95a3a6e1-87ee-4910-9952-760d20b84127%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/2/748?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ==&uid=IBIdhPZH0hKsqWxBRTKQ75mx HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F4%252F748%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D95a3a6e1-87ee-4910-9952-760d20b84127%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzA0TldJNFpqUmhNUzFqWTJNeUxUTmxPVGN0WW1WbE9DMWtPRGRrTjJSaU1tWTRZVFlRX19fX19fX19fX19fQVNwWmFIUjBjSE02THk5amN5NXRhVzUxZEdWdFpXUnBZUzF3Y21WaWFXUXVZMjl0TDJOelAyRnBaRDB5TVRRNU5TWnBaRDExWVMwNE5XSTRaalJoTVMxalkyTXlMVE5sT1RjdFltVmxPQzFrT0Rka04yUmlNbVk0WVRZeUFpVUdPQUk9JmJ1eWVydWlkPQ%25253D%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=605bf330-bf3d-4752-93c9-9b7b7e088456&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11b3d3b7e67807a8&is_secure=true&networkId=17100&version=1&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACeop8ymoQUgMTBeBMAAAAAAA&expiration=1705758542&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 362
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26rid%3DFqTke7xzCp_mm%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&rid=FqTke7xzCp_mm&id=cdedb3df-0b7d-48dc-93c9-890c0655dfa7
Request Chain 363
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26rid%3DFqTke7xzCp_mm%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&rid=FqTke7xzCp_mm&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 364
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminutemedia%26bsw_param%3D90b242ee-469b-4129-a6f2-7505dc827c92%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=9ac29e49bd63493f89357e12ffa0fe2a&ssp=minutemedia&bsw_param=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=90b242ee-469b-4129-a6f2-7505dc827c92
Request Chain 366
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=062a562d-3fb0-45aa-8b79-635cfdc66ceb
Request Chain 367
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=3e4a2752-b04d-4fc8-a873-46c32ad71c72&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 368
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26rid%3DFqTke7xzCp_mm%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&rid=FqTke7xzCp_mm&id=807143988169548681215
Request Chain 369
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzcyNjJBRjctRTUzQy00NDUzLThCQjQtNTMyOTE0QTlBODYy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Request Chain 371
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26rid%3DFqTke7xzCp_mm%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&rid=FqTke7xzCp_mm&id=Zap9zHRhaLqQqx9fV.AJ7QAA%26377
Request Chain 372
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
Request Chain 373
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Request Chain 374
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/minutemedia/?cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__&s=2 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=niZP2cOnYctfUlkXf7DS
Request Chain 375
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7519615932400280823
Request Chain 376
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=IBIdhPZH0hKsqWxBRTKQ75mx
Request Chain 377
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
Request Chain 385
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 387
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 388
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 389
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=1fd936fc-7440-4beb-81d4-8f3cb1fa7510
Request Chain 390
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-mpE.OqJE2uE.LzSbLfKx1lx9VP523lNY~A
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=af5608ad-d911-4701-ba5f-8e2d06b27589&ttl=1708264140
Request Chain 392
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG
Request Chain 393
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDRFMTVCRjEtNTIzNi00OUY3LUJBMUEtNDFGMUNDOUQ4MzFB&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Request Chain 394
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ddcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253Ddcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3Ddcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
Request Chain 395
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-VzlRv.NE2uGiFlbUgoecV7bp0oHHtEKbiVrDokw-~A
Request Chain 396
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UIDENC HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=7pa7z5qns7pzxsczj2k0cxbbv
Request Chain 398
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 400
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=cSRfQsFtSr8C&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 401
  • https://ums.acuityplatform.com/tum?umid=27&uid=IBIdhPZH0hKsqWxBRTKQ75mx&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=878771007062
Request Chain 402
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&gdpr=0&gdpr_consent=
Request Chain 403
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPUa407f7a53dfb4d8499c827d271fbb100&gdpr=0&gdpr_consent=&pid=103
Request Chain 404
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-matching?id=3673&_fw_gdpr=0&_fw_gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 434
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=7519615932400280823&gdpr=0
Request Chain 435
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001705672141-MD84WZAF-R78N&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589&id=AU1D-0100-001705672141-MD84WZAF-R78N
Request Chain 436
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001705672141-MD84WZAF-R78N HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=37262AF7-E53C-4453-8BB4-532914A9A862&id=AU1D-0100-001705672141-MD84WZAF-R78N
Request Chain 437
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001705672141-MD84WZAF-R78N&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&rub=LRKP5HL8-21-EONG&gdpr=0
Request Chain 438
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001705672141-MD84WZAF-R78N&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001705672141-MD84WZAF-R78N%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001705672141-MD84WZAF-R78N%252526tapad_id%25253D447d9a7f-983b-4e29-8668-10ba39298020%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001705672141-MD84WZAF-R78N%2526tapad_id%253D447d9a7f-983b-4e29-8668-10ba39298020%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&tapad_id=447d9a7f-983b-4e29-8668-10ba39298020
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001705672141-MD84WZAF-R78N HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&google_gid=CAESEIQWoHn_yufeVJtagXkGNKA&google_cver=1&google_ula=450542624,0
Request Chain 440
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001705672141-MD84WZAF-R78N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNTY3MjE0MS1NRDg0V1pBRi1SNzhO
Request Chain 442
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001705672141-MD84WZAF-R78N&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001705672141-MD84WZAF-R78N HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001705672141-MD84WZAF-R78N&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001705672141-MD84WZAF-R78N HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=33291684567316088793167227619002512227&id=AU1D-0100-001705672141-MD84WZAF-R78N
Request Chain 445
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NyYq9-U8RFOLtFMpFKmoYg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 452
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=37262AF7-E53C-4453-8BB4-532914A9A862 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D447d9a7f-983b-4e29-8668-10ba39298020%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7519615932400280823&pt=447d9a7f-983b-4e29-8668-10ba39298020%2C%2C
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENIkkqNdnwkk2cUXFSEgClA&google_cver=1
Request Chain 456
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59189B2565E24ADCAE4730FDBB2E3D3F
Request Chain 457
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37262AF7-E53C-4453-8BB4-532914A9A862&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-duyRdvlE2uUxiz6a5k_nMels1al28ts-~A&gdpr=0
Request Chain 466
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 467
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJvQvr9jlvGzaMAxNpgN1fM&google_cver=1
Request Chain 469
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&expires=30
Request Chain 470
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTRkNDAwNmNjZGE2OWUxZGRiNmNlYTk2MTdmODNiYzk0NDlkNWE5ZQ&gdpr=0&us_privacy=1---
Request Chain 471
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Request Chain 472
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nN4cfbW_SUGfswErL7kjFw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nN4cfbW_SUGfswErL7kjFw&gdpr=0
Request Chain 473
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJLUDVITDgtMjEtRU9ORw==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEECwWMyPBRsI0bl6FqzWFKA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJLUDVITDgtMjEtRU9ORw==&google_push=&gdpr=0
Request Chain 475
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MWyuOLyLPJNaD9RCRcGzwcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-q_w71YNE2oIRN2ot4H4iSdEpQ9GRHp5zkAH5fg--~A
Request Chain 476
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACxkE7LVPwAABLVw2aUYA&expires=30&gdpr=0
Request Chain 477
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Request Chain 478
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
Request Chain 479
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Request Chain 480
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRKP5HL8-21-EONG&redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRKP5HL8-21-EONG&gdpr=0&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MQXU1amNoRTJ1RncybGNWbVUyWEZtb25xWm9LSkVxbH5B&gdpr=0&ovsid=LRKP5HL8-21-EONG&dpid=58160&us_privacy=1---
Request Chain 481
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Request Chain 482
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=605bf330-bf3d-4752-93c9-9b7b7e088456&expires=30&gdpr=0&us_privacy=1---
Request Chain 486
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 487
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 490
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 491
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*hlJctxOhXRu9lN4a2aGKu4RcJTXEbRmPUCePvO51hoN9sYdDK3nTQDN75lV-IBBLfbJIQU8FFAk2jQbp58CgEA&o=api&gdpr_consent=undefined&gdpr=false&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/687/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://id5-sync.com/c/687/2/7/2.gif?puid=7519615932400280823&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9419rMcwlQLys5Rmx-c1OzpIu3sLdAHvQeIyURPrDQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F687%2F124%2F6%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9419rMcwlQLys5Rmx-c1OzpIu3sLdAHvQeIyURPrDQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F687%2F124%2F6%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/687/124/6/3.gif?puid=893fb143-6f14-4a23-b02a-d8908ef24d63&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F1246%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&s=id5 HTTP 302
  • https://id5-sync.com/c/687/1246/5/4.gif?puid=IBIdhPZH0hKsqWxBRTKQ75mx&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F796%2F4%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/796/4/5.gif?puid=605bf330-bf3d-4752-93c9-9b7b7e088456&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/108/3/6.gif?puid=447d9a7f-983b-4e29-8668-10ba39298020&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACxkE7LVPwAABLVw2aUYA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/687/429/1/8.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6 HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-%3A%26gpp_sid%3D6&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/687/441/0/9.gif?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
Request Chain 495
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
Request Chain 498
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=82364a3e-b6d1-11ee-89f0-6e5106d24edb
Request Chain 499
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7519615932400280823&gdpr=0&gdpr_consent=
Request Chain 500
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDeGtFN0xWUHdBQUJMVncyYVVZQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACxkE7LVPwAABLVw2aUYA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=747110656901291457&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACxkE7LVPwAABLVw2aUYA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D747110656901291457%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=747110656901291457&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACxkE7LVPwAABLVw2aUYA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D747110656901291457%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=747110656901291457&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACxkE7LVPwAABLVw2aUYA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACxkE7LVPwAABLVw2aUYA&gdpr=0
Request Chain 502
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2331364c26194d9eaff1f
Request Chain 503
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=90b242ee-469b-4129-a6f2-7505dc827c92
Request Chain 505
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&vxii_pid=12&vxii_pid1=10067&vxii_rcid=93d726f6-3f2a-4267-9597-4923a394c210
Request Chain 510
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
Request Chain 511
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ap4GKFcv1RqPf25&gdpr=0&gdpr_consent=
Request Chain 512
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Request Chain 513
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=33e1254d-caa0-4405-a119-9cb59ec5fc6e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862
Request Chain 517
  • https://idsync.rlcdn.com/712188.gif?partner_uid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPJNvf2-1HThgUkjPOTm5-A&google_cver=1
Request Chain 520
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=
Request Chain 522
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10F892F7D_208C4158&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 524
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=pubmatic&gdpr=0&gdpr_consent=
Request Chain 537
  • https://imp.emxdgt.com/imp/?cp=2.00000&ts=1705672138&seat=Blockboard_EMX&w=5&h=5&pb=1.4&sid=16810&tid=173339&pid=1643&uid=77551705672138307897e1&wid=58&dom=chicagotribune.com&tp=2.00000&mt=2&dt=2&st=1&os=windows&ip=38.132.118.73&sz=&country=US&region=NY&city=new%20york&zip=10025&dma=&agency_id=&cluster=east-hb&browser=chrome&rf=www.chicagotribune.com&data_fee_type=&data_fee=0&clstr_nm=header-bidding-east-1&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&make=Google&ifa=&adom=balanceofnature.com&cat=&us_privacy=1---&crid=11848&deal=emx104224 HTTP 302
  • https://biddr.brealtime.com/check_gdpr.js

542 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
www.chicagotribune.com/marijuana/illinois/
190 KB
44 KB
Document
General
Full URL
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a2b6f5da3d243d7c21c75017ec2b82047f3b9a0bc63e9d5eb7224b361d8cdee6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

akamai-true-ttl
3600
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 13:48:56 GMT
etag
W/"2e435-DWcC2dOl57FxMI/lQG9Gtzk1KaY"
expires
Fri, 19 Jan 2024 13:49:56 GMT
last-modified
Fri, 19 Jan 2024 13:33:00 GMT
prerender-cache-tag
prerender-tronc-chicago-tribune-prod-1785f48d
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=2 origin; dur=0 ak_p; desc="1705672136678_389524314_48450786_178_7596_53_113_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-cf-id
aksVHHT7zw2uTq8HruezJUcnXxj0-T2_Q5kmBV8wL59sTkOT6mRObg==
x-amz-cf-pop
ORD52-C1
x-arc-pb-request-id
aa8b449c-58b0-4b8e-b9d8-42b94fa43cf0
x-arc-request-id
0.5aab3717.1705672136.2e34ce2
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 13:47:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 13:48:56 GMT
Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/
1 KB
1 KB
Image
General
Full URL
https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672136.2e34f5d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672136901_389524314_48451421_346_5318_53_0_219";dur=1
content-length
505
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"3078b03aa176e280460db6374ed5934b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LPCD3kaAoR-PoF9goxiDX9kvm_6PLuUgfe_Gwyi-n5h6OpWTWX5pLw==
expires
Sat, 18 Jan 2025 13:48:56 GMT
Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/
1 KB
1 KB
Image
General
Full URL
https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672136.2e34f5e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672136901_389524314_48451422_349_5272_53_0_219";dur=1
content-length
700
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"d947de375e50e50a1aa4f7951e3c56b0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
1QptNB4oA7cn69H6IsSXFOlZE8TC8x5X4F4lbSi8FcQbjmy-FcWFYQ==
expires
Sat, 18 Jan 2025 13:48:56 GMT
Chicago_Tribune-chiblue.svg
www.chicagotribune.com/pf/resources/logo/
13 KB
6 KB
Image
General
Full URL
https://www.chicagotribune.com/pf/resources/logo/Chicago_Tribune-chiblue.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672136.2e34f5f
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672136901_389524314_48451423_353_5237_53_0_219";dur=1
content-length
5118
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"71456cc06238c3a185cccb135bec0329"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
Eidf9M1c83d8Ow7RnOxj2EXH4praYLVuNV181x2IW74m8boff6ZANA==
expires
Sat, 18 Jan 2025 13:48:56 GMT
6IG35TUUQBC45MDCBFKEC5QSLM.JPG
www.chicagotribune.com/resizer/xXftPiyEb3JIxgc4iObuG-nJLrk=/400x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/
18 KB
19 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/xXftPiyEb3JIxgc4iObuG-nJLrk=/400x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/6IG35TUUQBC45MDCBFKEC5QSLM.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
742448ea31bdb64f0f8b8fbd4ba6cbdcd52918345e3dabbcd211107ad8d9b8bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 00:46:47 GMT
x-serial
1074
server
Akamai Image Manager
x-check-cacheable
YES
etag
"6a6f34fe65e0d012900d34d5d6082cc7a1376e5a"
x-arc-request-id
0.5aab3717.1705672136.2e34f60
content-type
image/avif
cache-control
private, no-transform, max-age=31488986
server-timing
cdn-cache; desc=HIT, edge; dur=19, ak_p; desc="1705672136901_389524314_48451424_2287_8059_58_0_219";dur=1
content-length
18510
expires
Sat, 18 Jan 2025 00:45:22 GMT
6IG35TUUQBC45MDCBFKEC5QSLM.JPG
www.chicagotribune.com/resizer/gncyuifIkq4rfHJx0kwbTOx868I=/1024x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/
111 KB
111 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/gncyuifIkq4rfHJx0kwbTOx868I=/1024x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/6IG35TUUQBC45MDCBFKEC5QSLM.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dd54a7a394c63521472537a1acb1676439548119d0f575b78b5cf47f38cc5fc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 00:46:47 GMT
server
Akamai Image Manager
etag
"9d5e7db0d5636b379f6c5f218a38b9a4f5cbbcc5"
x-arc-request-id
0.5aab3717.1705672137.2e35445
content-type
image/avif
cache-control
private, no-transform, max-age=31488985
server-timing
cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="1705672137114_389524314_48452677_986_9187_52_0_146";dur=1
content-length
113539
expires
Sat, 18 Jan 2025 00:45:22 GMT
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/
434 KB
119 KB
Script
General
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:bc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
39418a8ea55e8f834cc763a97291657a316eb88dd4791a1d4e5e6a8664ebc427
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
via
1.1 1a0361f1d6eeb33d623d41bfabfa3e8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
YUL62-C1
age
6702
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
120970
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jan 2024 21:53:41 GMT
server
CloudFront
etag
"8c0b258702758d08965f40497fafa6d0"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
uzqo4hqBNUF5o_LvuvwFUmaOt_wHpzDNRGqaWoDc88s3yN7Kfu3bPg==
htlbid.css
htlbid.com/v3/chicagotribune.com/
470 B
859 B
Stylesheet
General
Full URL
https://htlbid.com/v3/chicagotribune.com/htlbid.css
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-91.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
def6a9d822627b0ea4a61278103db2436736304a64d6c3efb2557984528f8f25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:47:30 GMT
via
1.1 aeb5666323839aae474c4500b3f9dd82.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 15:05:52 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
88
x-amz-server-side-encryption
AES256
etag
"2052e0db26785bd18c4db0edc6ca8eee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=600
accept-ranges
bytes
content-length
470
x-amz-cf-id
9Hy112tmnl0WsAxEb9JVXVgIyLgYaDVrLDkoPGbtSGm4IhT3lCOgCw==
htlbid.js
htlbid.com/v3/chicagotribune.com/
498 KB
145 KB
Script
General
Full URL
https://htlbid.com/v3/chicagotribune.com/htlbid.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-91.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e5288a134354c7941b7c097a89643675fb87515e89e772a7727f89dabf599cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:41:50 GMT
content-encoding
gzip
via
1.1 aeb5666323839aae474c4500b3f9dd82.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 15:05:52 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
427
etag
W/"85b315d9bb67d74ed71a6612bd60e1ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600
x-amz-cf-id
M9sJIYzp0ztP2FhhJTzv_SMQydDExgADqvcHuGOep9HVG1rYgB9Iig==
script.js
r610.chicagotribune.com/
136 KB
41 KB
Script
General
Full URL
https://r610.chicagotribune.com/script.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
age
344
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41846
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jan 2024 13:40:56 GMT
server
-
etag
2fd7d8ab5ca09052f21fa4dc48385200
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
1h1Ci5ZDtXxl4ZTnPrPXFMdN4QhPbMjrZPCNjlaT3gD9EzrKszSsDg==
expires
Fri, 19 Jan 2024 13:53:13 GMT
react.js
www.chicagotribune.com/pf/dist/engine/
338 KB
100 KB
Script
General
Full URL
https://www.chicagotribune.com/pf/dist/engine/react.js?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b96832ee49d210ef7b2adf148c33b05b9cf79278df177af263e13731769fa352
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672137.2e35484
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137125_389524314_48452740_203_5496_52_0_146";dur=1
content-length
102205
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"4bf4f75bce01baf4a560525cc04dc5a0"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
gKKkSes49eg5D83OqT1tMf1QF4Dnu45zJqSkuoYC53FS6US9W9OpIQ==
expires
Sat, 18 Jan 2025 13:48:57 GMT
default.js
www.chicagotribune.com/pf/dist/components/combinations/
844 KB
222 KB
Script
General
Full URL
https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
cc0c1be5c480b126b4c776ad4c2b29bee9663e1da188a965f2c0beea327dc558
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
x-edgeconnect-origin-mex-latency
94
date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P6
x-edgeconnect-midmile-rtt
20
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672137.2e35486
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137125_389524314_48452742_205_5351_52_0_146";dur=1
content-length
226879
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"3a3e929fab77bfc141aac4307736bffc"
x-edgeconnect-cache-status
3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
NarwxUC1rHcGAO9_7sU_UmDD3CU8Ty4XWxJroPpZmJ6eE_dWSYtH1w==
expires
Sat, 18 Jan 2025 13:48:57 GMT
default.css
www.chicagotribune.com/pf/dist/components/output-types/
38 KB
6 KB
Stylesheet
General
Full URL
https://www.chicagotribune.com/pf/dist/components/output-types/default.css?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1d94c96db9e0666e51f97a821f8d812010b44ae4d25683c25ba71d45ae622f70
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672136.2e34f5b
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672136901_389524314_48451419_347_5289_53_0_255";dur=1
content-length
5521
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"ba3f67fe84a7b88db84d9999b442383f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
4MNr5Qj1prdKAD8e0tpRyhprAv3kWOr7_HncR8WvoTVyyc4bodz0bw==
expires
Sat, 18 Jan 2025 13:48:56 GMT
default.css
www.chicagotribune.com/pf/dist/components/combinations/
66 KB
11 KB
Stylesheet
General
Full URL
https://www.chicagotribune.com/pf/dist/components/combinations/default.css?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
af4566bb9dc17bbdac65cb62445451255ccec18c0698ac5d04c825ccb1b12e24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:56 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672136.2e34f5c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672136901_389524314_48451420_348_5372_53_0_255";dur=1
content-length
10944
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"5ab617761b4ac7c27746fc4b6890a219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
Tv7qB4Cnie-b4zA8VsqNNCrL1xdJcOsssELrbMfLFcNMK4tOHYMAiQ==
expires
Sat, 18 Jan 2025 13:48:56 GMT
zephr-browser.umd.js
assets.zephr.com/zephr-browser/1.3.9/
39 KB
16 KB
Script
General
Full URL
https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-55.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 07:58:07 GMT
content-encoding
gzip
via
1.1 e9a168a45c0ab7eaab33378bf01e941c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 11:02:55 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
21051
etag
W/"c531ce77a9ff6380e9671dee680a2102"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
09XXDx7coyGi4YGnUB1y_N54xse0S0fWT2wnLZ5Fy9Mo7kmDAZcP0A==
zephr-minify.1.0.1.js
assets.zephr.com/tribune/
1 KB
954 B
Script
General
Full URL
https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-55.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:22:01 GMT
content-encoding
br
via
1.1 e9a168a45c0ab7eaab33378bf01e941c.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 11:32:39 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
16017
etag
W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
h3NlVxY6WOOVQItaRlvUhb-R6ugjdUJHVG9Xo0I07amOXsKJxTP0fQ==
index.js
tags.remixd.com/player/v5/
34 KB
10 KB
Script
General
Full URL
https://tags.remixd.com/player/v5/index.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-29.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:05 GMT
content-encoding
gzip
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
53
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10041
last-modified
Tue, 31 Oct 2023 15:34:26 GMT
server
AmazonS3
etag
"57b6f8ad4125903b7e06bb427c232d10"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=1800
accept-ranges
bytes
x-amz-cf-id
fTbBH3SaG1MLozVLPT2hXOMjbtDZd96kIsydeEFhjlQ_CFTR9ItXUA==
gtm.js
www.googletagmanager.com/
381 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5853ec4c84ebfe02e00df7f648a94bc665aa0122de1fb8913b9ea22f33c80ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106373
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Jan 2024 13:48:57 GMT
DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
s.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:5400:489::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sat, 06 Jan 2024 06:05:22 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:26:35 GMT
x-content-type-options
nosniff
age
62542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:26:35 GMT
ZYFW3OEPDZEF3P5LGUKHA7Y62A.jpg
www.chicagotribune.com/resizer/SAV122LbpoMnxhx78zfVsiobxcM=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/
9 KB
9 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/SAV122LbpoMnxhx78zfVsiobxcM=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ZYFW3OEPDZEF3P5LGUKHA7Y62A.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cc23c5ade7aec2044bf18d58a59e25695b11c9ff084cb8e3d9ef55ee05fca7a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 13:20:44 GMT
x-serial
1836
server
Akamai Image Manager
x-check-cacheable
YES
etag
"b330c1ede8ea00ebdfd0b851e862c7848224d73b"
x-arc-request-id
0.5aab3717.1705672137.2e35586
content-type
image/avif
cache-control
private, no-transform, max-age=31534229
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137169_389524314_48452998_29_8169_52_0_146";dur=1
content-length
8768
expires
Sat, 18 Jan 2025 13:19:26 GMT
W7KDB546EBBEXC3NOGAL2JTDKA.jpg
www.chicagotribune.com/resizer/VEChANALoViZtV419TPjJ12f9aU=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/
7 KB
7 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/VEChANALoViZtV419TPjJ12f9aU=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/W7KDB546EBBEXC3NOGAL2JTDKA.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
af8901207a222a14c439b55f98ce12946fe2e5c8a2848d01a0fa614c5dd0d52b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 12:00:41 GMT
x-serial
347
server
Akamai Image Manager
x-check-cacheable
YES
etag
"ea6569981d4af5794ab7b91bab6c8568c6c02618"
x-arc-request-id
0.5aab3717.1705672137.2e35587
content-type
image/avif
cache-control
private, no-transform, max-age=31529515
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137169_389524314_48452999_31_8078_52_0_146";dur=1
content-length
6822
expires
Sat, 18 Jan 2025 12:00:52 GMT
5QQ6BU5RTN6DHJQ5L3Y3MNFOPE.jpg
www.chicagotribune.com/resizer/dhYlURfuezNifNl7FnXvn5zfvcQ=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/
9 KB
10 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/dhYlURfuezNifNl7FnXvn5zfvcQ=/274x206/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/5QQ6BU5RTN6DHJQ5L3Y3MNFOPE.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
02f54d4307de45883a6ec5a914c1c0c939e210b1139cd04a7dded2a08e47b92b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 12:00:40 GMT
server
Akamai Image Manager
etag
"4c5623354607d59c09681f093cd43f9eac693222"
x-arc-request-id
0.5aab3717.1705672137.2e35588
content-type
image/avif
cache-control
private, no-transform, max-age=31529488
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137169_389524314_48453000_32_8040_52_0_146";dur=1
content-length
9308
expires
Sat, 18 Jan 2025 12:00:25 GMT
ERKVMG563JCDXKVLFKJ2SIMYEE.png
www.chicagotribune.com/resizer/xv1PCXqQ89afpw1HgZbx9uqBI7w=/84x84/www.chicagotribune.com/resizer/h2hDxEP8skEZF09PEtuUEa6I44A=/1200x630/filters:format(png):quality(70)/cloudfront-us-east-1.images.ar...
1 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/xv1PCXqQ89afpw1HgZbx9uqBI7w=/84x84/www.chicagotribune.com/resizer/h2hDxEP8skEZF09PEtuUEa6I44A=/1200x630/filters:format(png):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ERKVMG563JCDXKVLFKJ2SIMYEE.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f858ae5e5c135532fcf7416e240b27352ce451f1ddc83523b6e8ad747c14030f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 11 Jan 2024 15:59:53 GMT
server
Akamai Image Manager
etag
"9791e0366d38691df5e9b0ebb73c2ce9aec13b79"
x-arc-request-id
0.5aab3717.1705672137.2e35b96
content-type
image/avif
cache-control
private, no-transform, max-age=30852587
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137430_389524314_48454550_28_9445_52_0_146";dur=1
content-length
1034
expires
Fri, 10 Jan 2025 15:58:44 GMT
R4WWIZBBDNGUTAEHKZURVEOJIA.JPG
www.chicagotribune.com/resizer/RDt1QoITEVfN_sEVfPdijJiiypw=/84x84/www.chicagotribune.com/resizer/FczAFnDExI6upc86pyjZVvwRzdk=/1200x630/filters:format(jpg):quality(70):focal(2895x1895:2905x1905)/clo...
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/RDt1QoITEVfN_sEVfPdijJiiypw=/84x84/www.chicagotribune.com/resizer/FczAFnDExI6upc86pyjZVvwRzdk=/1200x630/filters:format(jpg):quality(70):focal(2895x1895:2905x1905)/cloudfront-us-east-1.images.arcpublishing.com/tronc/R4WWIZBBDNGUTAEHKZURVEOJIA.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
76ca11ae21d918eccd53e6128283a0e7e8a84a2cb528a092e7be0ce31934b345
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jan 2024 16:07:04 GMT
server
Akamai Image Manager
etag
"f2860719bbf01d6629228dd7de8f04faf1e8ba32"
x-arc-request-id
0.5aab3717.1705672137.2e35be0
content-type
image/avif
cache-control
private, no-transform, max-age=31457879
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137442_389524314_48454624_169_8523_52_0_146";dur=1
content-length
1893
expires
Fri, 17 Jan 2025 16:06:56 GMT
XE6U5OREJ5A7JFEYKX5GF22LSM.jpg
www.chicagotribune.com/resizer/YRys2DTKrzSvbeiOdToQ7ByJhA4=/84x84/www.chicagotribune.com/resizer/dDWo2TSw4oM9On1A6xZ4w3khZZ0=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
3 KB
3 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/YRys2DTKrzSvbeiOdToQ7ByJhA4=/84x84/www.chicagotribune.com/resizer/dDWo2TSw4oM9On1A6xZ4w3khZZ0=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/XE6U5OREJ5A7JFEYKX5GF22LSM.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c3c7807a63bfb99c4cd39153c49a80faab37763222231c7ec804944d6b621c7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jan 2024 13:57:13 GMT
x-serial
1759
server
Akamai Image Manager
x-check-cacheable
YES
etag
"191aa783ee049d0a0e5219f896f337c9195b6c14"
x-arc-request-id
0.5aab3717.1705672137.2e35be1
content-type
image/avif
cache-control
private, no-transform, max-age=31450295
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137442_389524314_48454625_204_8380_52_0_146";dur=1
content-length
2806
expires
Fri, 17 Jan 2025 14:00:32 GMT
LGAVSJNGFNHZHD2U3P3G27VDYQ.JPG
www.chicagotribune.com/resizer/Q51oK2nk4yjLsdqJ7n1Yf1DgVjc=/84x84/www.chicagotribune.com/resizer/XABDRKSNyXYoEAyhqW92tF72ZE0=/1200x630/filters:format(jpg):quality(70):focal(1725x1505:1735x1515)/clo...
2 KB
3 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/Q51oK2nk4yjLsdqJ7n1Yf1DgVjc=/84x84/www.chicagotribune.com/resizer/XABDRKSNyXYoEAyhqW92tF72ZE0=/1200x630/filters:format(jpg):quality(70):focal(1725x1505:1735x1515)/cloudfront-us-east-1.images.arcpublishing.com/tronc/LGAVSJNGFNHZHD2U3P3G27VDYQ.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b21e569b1ca6bf7d2bcfde00202b46f8dd9aa4fc41857959656f3b9dae8e1351
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 17 Jan 2024 01:09:37 GMT
x-serial
823
server
Akamai Image Manager
x-check-cacheable
YES
etag
"b1cf009496502aba9337c7eb39fdd8ae1c6ed51d"
x-arc-request-id
0.5aab3717.1705672137.2e35be2
content-type
image/avif
cache-control
private, no-transform, max-age=31317507
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137442_389524314_48454626_176_8575_52_0_146";dur=1
content-length
2090
expires
Thu, 16 Jan 2025 01:07:24 GMT
5IJBYQM2JRDVZB5OJVVQHUG3ZM.JPG
www.chicagotribune.com/resizer/Z63qrqXHdLnOzDjOvJ7UCanhe_o=/84x84/www.chicagotribune.com/resizer/dxonpioNehz07Ia73hhkM3yf7sE=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/Z63qrqXHdLnOzDjOvJ7UCanhe_o=/84x84/www.chicagotribune.com/resizer/dxonpioNehz07Ia73hhkM3yf7sE=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/5IJBYQM2JRDVZB5OJVVQHUG3ZM.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
20d80aac4798ea300bc6b175a2f5d16c01fd17ca0156449c6f9587053be9889f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 19 Jan 2024 03:55:31 GMT
server
Akamai Image Manager
etag
"5b59fdf0868df3872c46ec89dbd4fa76bd72c1fb"
x-arc-request-id
0.5aab3717.1705672137.2e35be3
content-type
image/avif
cache-control
private, no-transform, max-age=31500503
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137442_389524314_48454627_189_8352_52_0_146";dur=1
content-length
2141
expires
Sat, 18 Jan 2025 03:57:20 GMT
GP3EZEN6G5BCZMP2AS7YHCRPL4.JPG
www.chicagotribune.com/resizer/cljTOkZX9hQ4ULSAFU6G9bL5zLw=/84x84/www.chicagotribune.com/resizer/eo3XMIihOPQrvrzglm-x_5fTkyo=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
1 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/cljTOkZX9hQ4ULSAFU6G9bL5zLw=/84x84/www.chicagotribune.com/resizer/eo3XMIihOPQrvrzglm-x_5fTkyo=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/GP3EZEN6G5BCZMP2AS7YHCRPL4.JPG
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2effac50ad5a154ab9945476113a5608cded0f8b3d60804b84bd84dacc1cd9c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jan 2024 07:07:06 GMT
x-serial
451
server
Akamai Image Manager
x-check-cacheable
YES
etag
"6b908ca1ca52731b8bc0fe3d018f328a70f1887a"
x-arc-request-id
0.5aab3717.1705672137.2e35be4
content-type
image/avif
cache-control
private, no-transform, max-age=31425498
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137442_389524314_48454628_178_8468_52_0_146";dur=1
content-length
1154
expires
Fri, 17 Jan 2025 07:07:15 GMT
EYA654NH7QBIU6GFJKINM7C3HY.jpg
www.chicagotribune.com/resizer/r-ttwAk_PsOgdhbgbKK0yU4yxkE=/84x84/www.chicagotribune.com/resizer/hpt6LrKi8P0W8mVWNGgnc2gxGgo=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/r-ttwAk_PsOgdhbgbKK0yU4yxkE=/84x84/www.chicagotribune.com/resizer/hpt6LrKi8P0W8mVWNGgnc2gxGgo=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/EYA654NH7QBIU6GFJKINM7C3HY.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
44d6b391dd5b74340f595ae2281740da78b8373ab78173f51112e3aef23d3011
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jan 2024 15:27:35 GMT
x-serial
1066
server
Akamai Image Manager
x-check-cacheable
YES
etag
"9d9dcb0f1c7b807403ed5b3639b49d59a76e7748"
x-arc-request-id
0.5aab3717.1705672137.2e35be5
content-type
image/avif
cache-control
private, no-transform, max-age=31455535
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137476_389524314_48454629_5806_11601_52_0_146";dur=1
content-length
1547
expires
Fri, 17 Jan 2025 15:27:52 GMT
V77OXLORDI7CWJJJLRMRS2YQUY.jpg
www.chicagotribune.com/resizer/7PpkgevxwdL4_WSH5ie4iWz-A2A=/84x84/www.chicagotribune.com/resizer/tynkt__iDx0G_GGyxTXrW9mOk5E=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/7PpkgevxwdL4_WSH5ie4iWz-A2A=/84x84/www.chicagotribune.com/resizer/tynkt__iDx0G_GGyxTXrW9mOk5E=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/V77OXLORDI7CWJJJLRMRS2YQUY.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7a8c3a779627c3f4bae104822dc8c1012abe052e23f952f437dfa4465777a30e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Jan 2024 18:42:25 GMT
x-serial
1823
server
Akamai Image Manager
x-check-cacheable
YES
etag
"a897367489036dee08f564aed3fbafbed2f148dd"
x-arc-request-id
0.5aab3717.1705672137.2e35be7
content-type
image/avif
cache-control
private, no-transform, max-age=31467202
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137472_389524314_48454631_5118_10209_52_0_146";dur=1
content-length
1757
expires
Fri, 17 Jan 2025 18:42:19 GMT
XIF5QTT4HZEESXFBPRS55MEODU.jpg
www.chicagotribune.com/resizer/GUqZtuAlp5jEI0Qe1m3LFp1zfEc=/84x84/www.chicagotribune.com/resizer/rXr1zJqWPUKN42eUgj0kzVcpBLg=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.ar...
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/resizer/GUqZtuAlp5jEI0Qe1m3LFp1zfEc=/84x84/www.chicagotribune.com/resizer/rXr1zJqWPUKN42eUgj0kzVcpBLg=/1200x630/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/XIF5QTT4HZEESXFBPRS55MEODU.jpg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0434876e7d92bffd1b52b92c701b8b3e582e5a828a3671107a902f168e6f8b6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 17 Jan 2024 23:35:36 GMT
server
Akamai Image Manager
etag
"fc7809b061353d84944ded5d7770d054cd112767"
x-edgeconnect-cache-status
1
x-arc-request-id
0.5aab3717.1705672137.2e35be8
content-type
image/avif
cache-control
private, no-transform, max-age=31398502
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137472_389524314_48454632_5155_9842_52_0_146";dur=1
content-length
1731
expires
Thu, 16 Jan 2025 23:37:19 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b452c0f212e8bf33965905032f5ba1fae29cd6f9539dcbc673704e66ce943b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:31:44 GMT
x-content-type-options
nosniff
age
62233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15368
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:31:44 GMT
parsely-most-read-by-category
www.chicagotribune.com/pf/api/v3/content/fetch/
6 KB
3 KB
Fetch
General
Full URL
https://www.chicagotribune.com/pf/api/v3/content/fetch/parsely-most-read-by-category?query=%7B%22feature%22%3A%22news-ticker%22%2C%22feedSize%22%3A10%2C%22parselyCategory%22%3A%22sports%3Abreaking%2C%20news%3Abreaking%2C%20entertainment%2C%20investigations%2C%20politics%2C%20nation-world%2C%20business%2C%20dining%2C%20business%3Atransportation%2C%20education%2C%20opinion%3Aeditorials%2C%20opinion%3Acommentary%2C%20real-estate%2C%20news%3Aenvironment%2C%20travel%2C%20history%2C%20weather%2C%20entertainment%3Amusic%2C%20news%3Acriminal-justice%2C%20sports%3Abears%2C%20sports%3Acubs%2C%20%20sports%3Acollege%2C%20sports%3Awhite-sox%2C%20%20sports%3Ablackhawks%2C%20sports%3Abulls%2C%20sports%3Asky%2C%20sports%3Asoccer%2C%22%7D&filter=%7Bcontent_elements%7B_id%2Ccanonical_url%2Cheadlines%7Bbasic%7D%2Cpromo_items%7Bbasic%7Bresized_params%7B84x84%2CresizeType%7D%2Ctype%2Curl%7D%7D%7D%7D&d=226&_website=chicago-tribune
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f687aa3c27e9693d1f4c151ea2c0ebdf3638c6319dc8b490a7ec9f57ecfcee9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
If-Modified-Since
1705671022069
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
228, 228
x-arc-pb-request-id
7178c2ed-1812-4828-9b34-1889188623f2
content-encoding
gzip
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL59-P4
x-arc-request-id
0.5aab3717.1705672137.2e35cd0
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672137484_389524314_48454864_44_6593_52_0_219";dur=1
content-length
2090
last-modified
Fri, 19 Jan 2024 13:45:23 GMT
server
openresty
etag
W/"179a-B0XFn60T1nWcpSifcgpznfleKFc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=86
x-amz-cf-id
H19fS2dAGXwtKX-VIcgdvYljbF130SMnZDf_UEhAS4aAuOKEao9PlQ==
expires
Fri, 19 Jan 2024 13:50:23 GMT
newsletter-promo-info
www.chicagotribune.com/pf/api/v3/content/fetch/
936 B
967 B
Fetch
General
Full URL
https://www.chicagotribune.com/pf/api/v3/content/fetch/newsletter-promo-info?query=%7B%22getNewsletterURL%22%3A%22https%3A%2F%2Fapi.nlr.tronc.com%2Fv3%2Fnewsletters%2Faffiliate%22%2C%22newsletterId%22%3A%2291%22%2C%22siteAbbreviation%22%3A%22chinews%22%7D&d=226&_website=chicago-tribune
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6160a40c7dd384878881cbdddbc1b39feb9b61922a7618a1644592ad46543635
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
If-Modified-Since
1705671092110
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
203
x-arc-pb-request-id
1dd86493-a6d0-4ebd-8931-2b68aa13c254
content-encoding
gzip
date
Fri, 19 Jan 2024 13:48:57 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P6
x-arc-request-id
0.5aab3717.1705672137.2e35cd1
server-timing
cdn-cache; desc=HIT, edge; dur=33, origin; dur=0, ak_p; desc="1705672137484_389524314_48454865_3380_6543_52_0_219";dur=1
content-length
421
last-modified
Fri, 19 Jan 2024 13:47:04 GMT
server
openresty
etag
W/"3a8-Yv0B9p8pXw2fFufXXPx20p6tbrw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=187
x-amz-cf-id
YEgGdXuhcyUmMFLGyDakeCWxG1FbNeokE-zeJyaC9_4zeiBq4fBT2A==
expires
Fri, 19 Jan 2024 13:52:04 GMT
loader.js
cdn.taboola.com/libtrc/tribunedigital-network/
847 KB
90 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d91fbcc8e4a27568606581483913e6e04b5bae65e14cc762e92548a869c92f9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
EMgrS7UbHfsS7oZym9G05FxzvPaUOHvu
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:57 GMT
x-amz-request-id
RFD7FGJP78VA32KY
age
103
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
91621
x-amz-id-2
QGmApnk/x7PZm+kjTcSdqXPoC9fP/Bbn2sEUp96Syjw9xUoC0Env0qcqlIHsDDtuLLkJDujZqF0=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:51:51 GMT
server
AmazonS3
x-timer
S1705672137.492421,VS0,VE0
etag
"3c8adfdbbe3f9e734604c4ad2da27aa5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
4
chiarc.min.js
www.tribdss.com/meter/
40 KB
13 KB
Script
General
Full URL
https://www.tribdss.com/meter/chiarc.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.7.73.96 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-73-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c76875c22e10441844237aa49697e7e41574fc3e908b234284b5cb1d751bff75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:48:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
12317
X-Request-Id
7862c792d3867f06466351f772f64da4
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.008801
X-Content-Digest
7104ec9f303e57f7cb93497f813cb9e878323c75
Last-Modified
Tue, 05 Dec 2023 11:35:11 GMT
Server
Apache
X-Host-Info
9e2bf43382ee,; 0b042392306259fe3b65b42be279193e6d53dcbe (HEAD -> refs/heads/release/2311.1.0, refs/remotes/origin/release/2311.1.0) dsub 1195 postgresql adapter issue
ETag
12857682144216439628
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=144
Httpd-Identifier
9e2bf43382ee
X-Rack-Cache
fresh
chiarc.min.js
ssor.tribdss.com/reg/tribune/
37 KB
13 KB
Script
General
Full URL
https://ssor.tribdss.com/reg/tribune/chiarc.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.7.73.96 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-73-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af23b8f21cea418d2f5e814675580bb5ab5b5215dad3aa741ee42f8725c9b70c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:48:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
12230
X-Request-Id
b88e2763ca8ad601c8cd04f8fd8f3864
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.007636
X-Content-Digest
0faed5453d2a10c593fde5733cec8f39e8b38ff9
Last-Modified
Tue, 12 Dec 2023 10:52:02 GMT
Server
Apache
X-Host-Info
76d9392d18a8,; c1868610bf6e00aff964d92259894aabbee1f364 (HEAD -> refs/heads/release/2312.1.0, refs/remotes/origin/release/2312.1.0) delete _sp_uid cookie when user logout
ETag
10092305475230148034
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, must-revalidate, max-age=244
Httpd-Identifier
febb9e450ce4
X-Rack-Cache
fresh
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
634
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
847f89cb59578da2-MIA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jan 2024 13:48:57 GMT
load.js
s.ntv.io/serve/
621 KB
164 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.17.42 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-17-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:48:57 GMT
Content-Encoding
gzip
x-amz-request-id
90ASPYK6Q4PZHY05
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
PgNAiVwsoi/fnoWUNeLqMkbGnIVl4GoYgXFjcSR4Mn9ff2IgXWMSmvdvIt/hMobQOFk4LPhTDVg=
Last-Modified
Wed, 17 Jan 2024 18:43:59 GMT
Server
AmazonS3
ETag
"84c06ac06d449c75d911853d474891fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
dynpaywall-api-chicagotribune.ml.sophi.io/v1//
50 B
322 B
XHR
General
Full URL
https://dynpaywall-api-chicagotribune.ml.sophi.io/v1//?domain_userid=&content_id=KMMOS37SFFEINL2PL24RBB3BZM&user_id=&localtime=2024-01-19%203:48:57%20GMT6100&section=/marijuana/illinois&referrer=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-104.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
69676c18aa998429f13027fc42adf38f122e3c1fbcc2e1bd36e3b39372eb79bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:43:46 GMT
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C1
age
311
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
50
x-amz-cf-id
A8mCJ6KCM2R4AEUS_TetfF4xVQQ2MDFzMuFsN4oQxbffvWNV4LTjJQ==
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.29.7-Z/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=7WQ1xQNF-vJYVOHOP&cid=4591
  • https://embedcdn.sendtonews.com/easy-stn-player/7.29.7-Z/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.29.7-Z/embed.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
3.161.213.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-40.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b85b06dca3cce8ec606cb50ebeba6a38e08afd939ef539ca2bae0d9fa663da5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:27 GMT
x-amz-version-id
gho.HtuVRKja6ObskrYqZcZqEnPugp9q
content-encoding
br
last-modified
Fri, 12 Jan 2024 23:03:03 GMT
server
AmazonS3
via
1.1 27b17699925096cc4791dc388c9d01d8.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
etag
W/"462c210a6cc5656489b0fa8586a74e22"
age
31
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HO9COGHwP7rCM4-pvdet71CeoCaD2f8T7bF2LU_ZC-QSC0wvk7M28g==

Redirect headers

date
Fri, 19 Jan 2024 13:48:57 GMT
via
1.1 27b17699925096cc4791dc388c9d01d8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-P1
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.29.7-Z/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
cruz3vXeub0A39cdB-BI13azBlpk0jUJ8a9XNsOxRA74Ze4RrdkKkA==
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8526d182c11b6c19f332b046c999f09f0c142e41356638b924b138240870c328
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 19 Jan 2024 13:48:57 GMT
/
cmp.osano.com/ Frame 2F0D
4 KB
1 KB
Document
General
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:bc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
6081
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Fri, 19 Jan 2024 12:07:37 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 1a0361f1d6eeb33d623d41bfabfa3e8e.cloudfront.net (CloudFront)
x-amz-cf-id
ixghmD2gbP8uuZ58S9UjNP30bye8HXySK8JpiwEGXBSLsBAkKO4Q6Q==
x-amz-cf-pop
YUL62-C1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2486b1f6-0bd7-4b39-94f0-d37d895880e9
https://www.chicagotribune.com/
390 B
0
Other
General
Full URL
blob:https://www.chicagotribune.com/2486b1f6-0bd7-4b39-94f0-d37d895880e9
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
chicagotribune.com
pubcast-files.remixd.com/player-configs/
41 KB
42 KB
Fetch
General
Full URL
https://pubcast-files.remixd.com/player-configs/chicagotribune.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:40:25 GMT
age
512
x-guploader-uploadid
ABPtcPpjdkiCnRFVE351wQdyQpvT2wUV2tQOJQCgjWl_HuXccxECK34w4OsDcvEhA2PuN0ZkxbmQY5EwbA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41910
last-modified
Wed, 04 Oct 2023 08:40:02 GMT
server
UploadServer
etag
"5a254665d4a4c7aceb33b05d7ef91bd9"
x-goog-generation
1696408802012869
x-goog-hash
crc32c=5ElQGQ==, md5=WiVGZdSkx6zrM7Bdfvkb2Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
41910
accept-ranges
bytes
content-type
application/json
expires
Fri, 19 Jan 2024 14:40:25 GMT
cs
tribune.blueconic.net/DG/DEFAULT/
16 B
699 B
Script
General
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json418
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.148.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-148-211.compute-1.amazonaws.com
Software
- /
Resource Hash
80d40cf8e722e9c6e8a441de6f1d8dbebf07a901f460df19101d07230a8a143b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 12:13:53 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5704
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 19 Jan 2024 14:13:53 GMT
sophi.min.js
cdn.sophi.io/latest/
124 KB
42 KB
Script
General
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-106.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f965e488c6facd9314e8f10cf2c0602d17013476800678e32cd6914d76e342b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:52:46 GMT
x-amz-version-id
46ENB5HKi.FICL56j5fKwj0zSdCmV1tM
content-encoding
br
last-modified
Thu, 18 Jan 2024 18:52:19 GMT
server
AmazonS3
via
1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
etag
W/"6a4595b5f066213fd6eaeef02092f4d6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
68172
x-amz-cf-id
xGmQ_A7CpHVIwLNQJN3DcUsx14CYbtbM4xCDtm0dJRvp1fjfVXxTfg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%...
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&c9=
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
3.161.213.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-103.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 7211dc525b86f4a3fdf1dbeb59791392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-amz-cf-id
ZbuntA9UjnFqW8nIzyXYjRwTM83lGHAp789jRdkahQO8aRqBnQ5xYg==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 19 Jan 2024 13:48:57 GMT
via
1.1 7211dc525b86f4a3fdf1dbeb59791392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036462&ns__t=1705672137715&ns_c=UTF-8&c8=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&c9=
content-length
0
x-amz-cf-id
33MTHILt_YMBYajPNiliTilaCpSwlkvBmGMhjGIhmfgQs4GMaj6D1g==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1710
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
847f89cd0b908da2-MIA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jan 2024 13:48:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/
503 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:05:18 GMT
p.js
cdn.parsely.com/keys/chicagotribune.com/
56 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-60.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 07:59:25 GMT
content-encoding
gzip
via
1.1 0012c469abc357ca0c936faaf17aa31a.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jan 2022 19:15:41 GMT
server
nginx
x-amz-cf-pop
YUL62-C2
age
20972
etag
W/"61d5ee5d-df47"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
eGJVKIoxLiv96Gf5LVBFKdoDnwFO49jsWyV-0olhlckCB-XC_1Kekw==
expires
Sat, 20 Jan 2024 07:59:25 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma89701/fusion/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1645
  • https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
153 KB
44 KB
Script
General
Full URL
https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
94f21bce369a8f9527205fdbdd4d7a310695cd522d20af1c189768865b41737c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 15:35:23 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:30:35 GMT
server
nginx
age
80014
etag
"bce5326199ddbc98e2a76bc534fc850b"
vary
Accept-Encoding
x-cache
HIT Tue, 21 Nov 2023 17:39:09 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45175

Redirect headers

date
Fri, 19 Jan 2024 13:48:57 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma89701/fusion/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
0-gc-useast1-22ng1031
features
zephr.chicagotribune.com/zephr/
3 KB
1 KB
Fetch
General
Full URL
https://zephr.chicagotribune.com/zephr/features
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
/
Resource Hash
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
br
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
qy3vJufiePSQTCjwTn5_K0XFgq9Kz0r4ijPxfLsRf_6E15KUHTU5Tw==
x-blaize-request
ffffffffd699ab23
standard-player.html
tags.remixd.com/player/v5/players/
130 KB
30 KB
Fetch
General
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-29.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
via
1.1 421f55bf919c48fdb315cf78c5d6e1dc.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
29827
last-modified
Tue, 31 Oct 2023 15:34:26 GMT
server
AmazonS3
etag
"1a9dd5e9554676ab1900727441a87258"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-age=1800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Ag7i4aDmulDZkt153MzgGBvysPIAH6SDcO1jROpwTLAQf9ne7jpGFw==
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.29.7-Z/
684 KB
191 KB
Script
General
Full URL
https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-40.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
201b758435c1faa868c18c76b7d1c360244286af8360726c47e68f4bdf8e72ed

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
GOaF_.JkXtVqSGp3ZaTZtdevvUmR_UC_
content-encoding
br
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 13:48:21 GMT
last-modified
Fri, 12 Jan 2024 23:03:04 GMT
server
AmazonS3
age
38
x-amz-cf-pop
YUL62-P1
etag
W/"ee19cf536789eb6404c3cf86ded31b2c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rvlLRJk-puA8p3OnMLxP-D7Cv_XiqlLawt-FJM3sWx1dMcEdYRjAwQ==
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
70 KB
14 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A57-10%3A00&ts=1705672137898
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
f98b6ba4ba3ea18e7befc51c3a053323486afd895074632aa8e19e178a928a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
13230
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
G2h2ctSXOos5A5_WJCE5LM8_1cyIxciAZogFRMqePH2aVUr_3l4tWw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
read_auth
authenticate.chicagotribune.com/
101 B
666 B
Script
General
Full URL
https://authenticate.chicagotribune.com/read_auth?product_code=chiarc&master_id=&callback=jQuery679824398130844700_367090654268734900
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.223.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-223-115.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cf31b0ede186f90ce285c23edb0f0ce01017b8c0ea6d84704ead5e3d0c458472
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-request-id
b14f06656527299d81b1a2057cc28e84
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.006258
server
Apache
x-host-info
76d9392d18a8,; c1868610bf6e00aff964d92259894aabbee1f364 (HEAD -> refs/heads/release/2312.1.0, refs/remotes/origin/release/2312.1.0) delete _sp_uid cookie when user logout
etag
"1e7670ccef02a9f70cc3dd5cdb0cfa3b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private, max-age=0
httpd-identifier
76d9392d18a8
x-rack-cache
miss
newsletter_sign_up.js
d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/
2 KB
2 KB
Script
General
Full URL
https://d1y4ng3lozj2yp.cloudfront.net/automatic_signups/v1/newsletter_sign_up.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-133.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0ef3c7799e3c9c428e77633c733c2ba9eee2abb80a35284bdeaeb47650b7afd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 09:10:42 GMT
Via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Aug 2022 14:45:31 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-C2
Age
16697
ETag
"508c4a3d84c260589666d872bf03f49f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2027
X-Amz-Cf-Id
SW10NNef9U0mHCXDvfx1AbreeDaTcgB4cJH9kLaHlRLunkIXFnSdPQ==
chiarc-reaction-1q2w3-1580939748189956228.min.js
www.tribdss.com/meter/assets/
64 KB
15 KB
Script
General
Full URL
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.7.73.96 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-73-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:48:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Status
200 OK
Connection
keep-alive
Content-Length
14251
X-Request-Id
6b0a956c7d20ac67cd30de7a5e1bbe27
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.007906
X-Content-Digest
c9ca80d4d04a3c68e0ddbe3fb7bf02448f0875e0
Last-Modified
Tue, 27 Sep 2022 09:54:52 GMT
Server
Apache
X-Host-Info
70ba8f1b7165,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag
1580939748189956228
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=22252336
Httpd-Identifier
70ba8f1b7165
X-Rack-Cache
fresh
t
jadserve.postrelease.com/
2 KB
2 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ntv_mvi&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c030976160d2f94ee3af14a29df23f12d62e14fb9c9864e0078b69e7628eea82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1146
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
www.google-analytics.com/j/
4 B
152 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=223028646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ul=en-us&de=UTF-8&dt=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=682617495&gjid=1193891013&cid=806039224.1705672138&tid=UA-6459251-3&_gid=1851462749.1705672138&_r=1&_slc=1&gtm=45He41h0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=marijuana%3Aillinois&cd3=%2F4011%2Ftrb.chicagotribune%2Fmarijuana&cd5=arc%20fusion&cd6=story&cd7=story&cd8=story&cd9=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd10=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd12=Illinois%20Supreme%20Court%20to%20decide%20if%20police%20may%20search%20vehicles%20based%20on%20smell%20of%20marijuana%20or%20if%20it%E2%80%99s%20an%20%E2%80%98aroma%20of%20legality%E2%80%99&cd13=Robert%20McCoppin&cd14=Robert%20McCoppin&cd15=2024-01-19%2005%3A00&cd16=2024-01-19%2005%3A00&cd17=chicago-tribune&cd18=Chicago%20Tribune&cd19=KMMOS37SFFEINL2PL24RBB3BZM&cd20=KMMOS37SFFEINL2PL24RBB3BZM&cd21=(none)&cd22=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=metered&cd123=no%20subtype&cd124=(none)&cd127=image&cd135=stories&cd139=&cd162=951&cd163=%2Fmarijuana%2Fillinois&cm81=1&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&z=285550379
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=223028646&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ul=en-us&de=UTF-8&dt=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ARC%20Sophi%20Rec~paywall~anonymous&ea=Sophi%20Response%20recieved%20after%20325ms%20&el=false%2C&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=806039224.1705672138&tid=UA-6459251-3&_gid=1851462749.1705672138&gtm=45He41h0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=marijuana%3Aillinois&cd3=%2F4011%2Ftrb.chicagotribune%2Fmarijuana&cd5=arc%20fusion&cd6=story&cd7=story&cd8=story&cd9=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd10=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd12=Illinois%20Supreme%20Court%20to%20decide%20if%20police%20may%20search%20vehicles%20based%20on%20smell%20of%20marijuana%20or%20if%20it%E2%80%99s%20an%20%E2%80%98aroma%20of%20legality%E2%80%99&cd13=Robert%20McCoppin&cd14=Robert%20McCoppin&cd15=2024-01-19%2005%3A00&cd16=2024-01-19%2005%3A00&cd17=chicago-tribune&cd18=Chicago%20Tribune&cd19=KMMOS37SFFEINL2PL24RBB3BZM&cd20=KMMOS37SFFEINL2PL24RBB3BZM&cd21=(none)&cd22=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=metered&cd123=no%20subtype&cd124=(none)&cd127=image&cd135=stories&cd139=&cd162=951&cd163=%2Fmarijuana%2Fillinois&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&z=1635743854
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:35:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
cmp.osano.com/ Frame C9CB
4 KB
1 KB
Document
General
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21a2:bc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
6082
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Fri, 19 Jan 2024 12:07:37 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
x-amz-cf-id
fZ21i9Ne7MehCngEma3JCRxvnM2UHEL3f56Eg96nR5XpI_gfDZkPXg==
x-amz-cf-pop
YUL62-C1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c18c7f74402ed48d7965211e912562fe04fd341627655f10f481071fe7fe2339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29880
x-xss-protection
0
server
cafe
etag
189 / 19741 / m202401110101 / config-hash: 4827389799172652304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:48:58 GMT
op.js
tagan.adlightning.com/mng-trib/
20 KB
9 KB
Script
General
Full URL
https://tagan.adlightning.com/mng-trib/op.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d457248269e139ab67869b96c91f7fc79743b4f588c4528ae933ccfdea3d491c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
1stylGb.TXf62Yxy19yUWQMljMU7BJIF
content-encoding
gzip
via
1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 13:47:33 GMT
x-amz-cf-pop
YUL62-P1
age
86
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8929
x-amz-meta-git_commit
2805e46
last-modified
Fri, 19 Jan 2024 02:40:45 GMT
server
AmazonS3
etag
"cc4b8515f44dbb5fd2d2730962801077"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
q7c8gAwl7JF3F-i_JE6I2-XDVp3PXm4jnZAr3HBJVQoJvtnW3uPj-w==
apstag.js
c.amazon-adsystem.com/aax2/
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:10:12 GMT
content-encoding
gzip
via
1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront), 1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, YUL62-C2
age
2327
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
z9GZ19FpKhJYGxcKeqJMc-5fQVy0GS-6IBSZkfzPEvJFW5Ey1XIgYA==
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/
17 KB
3 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-51.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
0wgTlvozKv_yHsVhsA.bHuhm0r2Cnphv
content-encoding
gzip
via
1.1 9ea08c3a2524e99d2bb42ac613eb89a2.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 12:50:47 GMT
x-amz-cf-pop
YUL62-C2
age
3492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Sun, 27 Aug 2023 22:55:22 GMT
server
AmazonS3
etag
W/"e1e9408aa4a994afbbb535269e3387fb"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
NL5PNTppO7qI6LzBHx1B_IxrXsR_jPlXUbfIveYNjAj88CqbYURPQg==
impl.20240118-41-RELEASE.js
cdn.taboola.com/libtrc/
841 KB
174 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
lUKCNR44Ng8MmlKaJQZn9W2VI8BuGtQM
content-encoding
br
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
39ZMK056B7ZDCQCP
age
5491
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
177634
x-amz-id-2
nd/kWZjJyTEan1pwRWOnWiewBc/kAbns3PtkgwZCIjDjMYYguLcDmeq2qfiErxTDHid1vZk2vhQ=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:17:15 GMT
server
AmazonS3-br
x-timer
S1705672138.002995,VS0,VE0
etag
"cd33b4a66bfc73e151bf02608aef3fbb"
vary
Accept-Encoding
content-type
application/javascript
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12088
load.js
pm-widget.taboola.com/tribunedigital-network/
4 KB
2 KB
Script
General
Full URL
https://pm-widget.taboola.com/tribunedigital-network/load.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
vF2T8aSXjRlxqWyMzT2Z0V0wy42_Z.Xk
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
SG6NTQKW5Y89WHWA
age
778
x-cache
HIT
content-length
1509
x-amz-id-2
8DWJC4QK1h0xRY0evECwdPMid1xh2/w5B7xDsfPVdj/dISdeLvhWjzDG+6B6LM0XzhN0qPzlcsU=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 28 Sep 2023 13:46:10 GMT
server
AmazonS3
x-timer
S1705672138.059835,VS0,VE0
etag
"b70dde6d8e1125cd827915529558b476"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
6
client
accounts.google.com/gsi/
207 KB
80 KB
Script
General
Full URL
https://accounts.google.com/gsi/client?ver=6.1.1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae425bb9fff120229fc66feeaee0d88d697f13d2b29bf148f539861917d4ff6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eBzdtwzFv_o08EVL89IaUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-eBzdtwzFv_o08EVL89IaUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 19 Jan 2024 13:48:58 GMT
swg.js
news.google.com/swg/js/v1/
206 KB
60 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60638
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 19:56:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 14:37:00 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&artid=KMMOS37SFFEINL2PL24RBB3BZM&artpubt=1705662003&artsrc=Chicago%20Tribune&artupt=1705662000&auth=Robert%20McCoppin&cms=fusion&hier=marijuana%7Cillinois&ptype=story&prem=metered&pubname=chicagotribune&sec=marijuana&wrdcnt=951&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=21c31d84-a19b-420b-87f5-2ed1c9a3772f&pid=5e865060-1c61-4e45-a930-a7624a692e88&dtm=1705672138018&qnm=_matherq&visible=1&tabid=82fcaf5f-5ef4-49f3-b389-132a21545f04&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&vp=1600x1200&ds=1600x6569&tofa=1705672138&vid=1&lvidt=1705672138&duid=5456eb42-3e36-438e-bc0c-62e5bed2414b&fp=3413462137&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNTY3MjEzNjU4MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjI0LjVtYiIsImZzdFBhaW50IjoiNTU0IiwiZmV0Y2hTIjoiMCIsImRvbWFpblMiOiIyMSIsImRvbWFpbkUiOiIyMSIsImNvbm5TIjoiMjEiLCJjb25uRSI6IjE4OCIsInNzbFMiOiI3NCIsInJlcXVTIjoiMTkwIiwicmVzcFMiOiIyNjEiLCJyZXNwRSI6IjI3NSIsImRvbUxvYWQiOiIyNjUiLCJkb21JbnRlciI6IjU2NCIsImRvbUxvYWRTIjoiNzcwIiwiZG9tTG9hZEUiOiI4NTkifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI4MDYwMzkyMjQiLCJyZWZUaW1lIjoiMTcwNTY3MjEzODAxNyJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiNWU4NjUwNjAtMWM2MS00ZTQ1LWE5MzAtYTc2MjRhNjkyZTg4In0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiNWU4NjUwNjAtMWM2MS00ZTQ1LWE5MzAtYTc2MjRhNjkyZTg4In1dfQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.159.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-159-66.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 13:48:58 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
record
consent.api.osano.com/
0
438 B
XHR
General
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-126.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amzn-trace-id
Root=1-65aa7dca-0437ccc8466b607714fafae9
x-amzn-requestid
dfed9514-6a80-4790-86c3-2b69c43b7fc7
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
RyiXqEq2IAMEuBA=
x-amz-cf-id
gH564CVufRksvfpaWsUJSE81H5Y6UE4FCtup51F8UxjHLqvfql0CMw==
record
consent.api.osano.com/ Frame
0
0
Preflight
General
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-126.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
x-amz-apigw-id
RyiXpErCIAMEl7Q=
x-amz-cf-id
oAfwGPQ30fjayNYlJd5hhyLSUCBfvv-w5IeMMR1KRH0gYiVUwgQy7A==
x-amz-cf-pop
YUL62-C1
x-amzn-requestid
ae53d120-d1a3-4019-9b0a-d5c0fc572963
x-cache
Miss from cloudfront
collect
stats.g.doubleclick.net/j/
2 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6459251-3&cid=806039224.1705672138&jid=682617495&gjid=1193891013&_gid=1851462749.1705672138&_u=YEBAAEAAAAAAACAAI~&z=1581833315
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 Jan 2024 13:48:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
2718b839b82afa71593fccf034755174
r610.chicagotribune.com/plugin/plugin/
150 KB
37 KB
Script
General
Full URL
https://r610.chicagotribune.com/plugin/plugin/2718b839b82afa71593fccf034755174
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
5c7c5fa13d5a9b7c3d11627a2c19cd4f84fbb489180c121d7d84a00f8efd344e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 20:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
age
149994
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
37703
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 20:09:04 GMT
server
-
etag
2718b839b82afa71593fccf034755174
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
m7c7BFQfjC5F1V7r3V3Uo-bfZvshq4ID_m_K41pdJgBmoHt9FKxjHw==
expires
Thu, 16 Jan 2025 20:09:04 GMT
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Fri, 19 Jan 2024 13:48:58 GMT
server
nginx
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/
2 B
228 B
XHR
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:58 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
spa-detector.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58fbc2127a1f3c82b13902836898549eb42d325f23e6c662d886ad7a160d3ebf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
3tp.5802GrO1s.LOPtFy1kukekKe7JdE
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
RXC4MJYDV1AW085W
age
63061
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
780
x-amz-id-2
wNrPkHHRWzCqWuHv/vAsdMx9tYVs0mMTgFJee/HO1GABfwplvkxweUyioP8/6DD6WdlUYy27TVU=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:17:56 GMT
server
AmazonS3
x-timer
S1705672138.133832,VS0,VE0
etag
"52cc4889d5f65889a3afb63fb011158e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
29678
card-interference-detector.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f73b7bd2f95f7f086c8fd4b30dd9319cae31317d20ac4a8a72ebc36f8735337

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
VpCVRiYpaqbUsByT8PkDnzceadUsg0qM
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
566WVFVH2Y3R36X8
age
63012
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2181
x-amz-id-2
5MQNGrnZI9AiW8U+QjVm4m5z98j+ywnDcOQ2VDOPC+HqjZMKECCz9TweG0BTMjIYg8X9Fyca2cs=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:18:36 GMT
server
AmazonS3
x-timer
S1705672138.134739,VS0,VE0
etag
"df8ca5fc3b909694a8641899f0c7eb74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15956
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
340818
expires
60
json
trc.taboola.com/tribunedigital-chicagotribune/trc/3/
173 KB
57 KB
XHR
General
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=03%3A48%3A58.131&lti=deflated&data=%7B%22id%22%3A45%2C%22ii%22%3A%22%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1705611103710%2C%22vi%22%3A1705672138128%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22vpi%22%3A%22%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6569%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A5832.15625%2C%22mw%22%3A952%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A2881.65625%2C%22mw%22%3A464%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dacd4dfdb76f7718da8064f80da26c4e441a0a200849023714dcb3ac7e300d33

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
491
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6925
x-fastly-to-nlb-rtt
34020
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760033-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1705672138.148038,VS0,VE491
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1705672138151&plid=86040966&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&sref=&sts=1705672138144&slts=0&title=Illinois+Supreme+Court+to+decide+if+cops+may+search+vehicles+over+pot+odor&date=Fri+Jan+19+2024+03%3A48%3A58+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=22931753&u=pid%3D8ecb5200a2e43769754453f202e47928
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:48:58 GMT
Cache-Control
no-cache
Last-Modified
Friday, 19-Jan-2024 13:48:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pmk-20220605.30.js
pm-widget.taboola.com/tribunedigital-network/
102 KB
29 KB
Script
General
Full URL
https://pm-widget.taboola.com/tribunedigital-network/pmk-20220605.30.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
iBWJKgsdDrDzTdDwSqgLFpn6ZkEF0wrY
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
EC0MZA9N1GS5FKSQ
age
1410198
x-cache
HIT
content-length
28809
x-amz-id-2
j75SqPeKIQZqr4kVaaUMLmuaB3CeW3I7MTFEFs1wFL4+N+AX7XY0cR6OZB08SjkpFWT2onjqtK8=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Thu, 28 Sep 2023 13:46:09 GMT
server
AmazonS3
x-timer
S1705672138.280890,VS0,VE0
etag
"47dd4e4fdd87733a0f1a1e1b829ed2a4"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1492
feature-decisions
zephr.chicagotribune.com/zephr/ Frame
0
0
Preflight
General
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://www.chicagotribune.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
x-amz-cf-id
CM-_ciM6Ncafknj-3sexpGCOsSYup14VO27l9TwncSHCAWs9gckOhw==
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
feature-decisions
zephr.chicagotribune.com/zephr/
25 KB
6 KB
Fetch
General
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
/
Resource Hash
a8d71dfa24aafe0bf43ab5e34305a2985b03aed36cefc87083d200a38258564e

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
br
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
t3xB1MgWCjULv6F1UavsQBnhYpDIDcwZ2Anw0PqGtuW5RCeyB3nBQQ==
x-blaize-request
ffffffff8486e318
anchor
www.google.com/recaptcha/api2/ Frame EC65
44 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9cc5780a760ef346eca5cdb510b313cb32c6de66fa7f850d94defc49171c764
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jyublyBwQDz4gLNYY-2ilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jyublyBwQDz4gLNYY-2ilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:48:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
trk.gif
jadserve.postrelease.com/
43 B
618 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3161486&ntv_pl=1109781
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
618 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e87cd35e-1ff8-41b6-b9e9-06bed5eff2d4&ntv_fl=gyQeoCxsdUW3yyQqNDXuD0CBMdz34Q97kTZYxDsRYQGILCBBvpTFvq_fYwFp_EijONrjok1-k2cV8M_VR6qvt0gJxCcPNx4IbRG5C9j5jV_bsA7drTYRlberiXiwIbLzgUTib_uqfTjR_lURSbP-ko3jeG9BZRxAeHCA2s6I49Vpy2uijbyGUFMEpfUmuDcVDTlidOVWAfbAz2WjTAisx5jEbkQtDYoX4oSpUbVUWHGrsrsvLpg0HyqrCHPaG4QbLbk96rVQYxeedQ7RqsQ5kRNzZCZBlJcWyR30ot9AeqAWd3JcMAp42MA6LFZWWUX6mORS-8hqYxLHZho16Rg-r1crbGqeldmIMyL4V2WKeV1kdogsDT3CipbJkwWQv0YU2LScuwYbsI2RVi1XHNFoVkxBd7U-wFN41c9vbU45mOw8fiGhyJRVwWGYziXWLoDI59qbzD9zA229au9OLLUAIp3suKlvKTQBP27KpvSH397aC8Gyum-5uo4-ICphSOTjfjNKiSUrKzAnr7Aft0HIYsKv4toJKSPM-Dc1L720_Dg2JWdihGoGOsdVmfQN_JOZ26rhWiGspcZHCyW6MVayizXTGn0v7cN674Krcvg47s9tfoNCScJlh7KqC4uh0BDp&ntv_ht=yn2qZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAFe8QA&ord=1705672138277&ntv_it
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame 95D4
108 KB
41 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:ec00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
61fb9ecb56528cc228f4d64f01e4318c7810d78466892c55b741832d53452468

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:46:33 GMT
content-encoding
gzip
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
YUL62-C2
age
145
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41171
x-amz-cf-id
soh0mVwFUcvRvg-WreOD4GKcU7_81rHCmwS6zn1XNv-wSOst3Sn88w==
4271bd877997374149bf277d8710bacf
r610.chicagotribune.com/plugin/library/
408 KB
131 KB
Script
General
Full URL
https://r610.chicagotribune.com/plugin/library/4271bd877997374149bf277d8710bacf
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
age
3216904
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
133359
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:13:54 GMT
server
-
etag
4271bd877997374149bf277d8710bacf
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
R449-6xE05WX6SK3qutohQy-wQQBkQJ2P8UayIHIx6W1QMnnrl8NHA==
expires
Thu, 12 Dec 2024 08:13:54 GMT
LB-Zone-2
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417/
2 KB
2 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417/LB-Zone-2?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=&bctempid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&overruleReferrer=&time=2024-01-19T03%3A48%3A58-10%3A00&ts=1705672138306
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
a429760b51e3faf5f09115441a59177dd751344d10ee2b71c1d4196657ba6072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
851
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ayUZJ3nEPQZ-yDWYnysqN16idc2wq9AzJmWbW2zxKmhPWiua4nj4wA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
283 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6459251-3&cid=806039224.1705672138&jid=682617495&_u=YEBAAEAAAAAAACAAI~&z=45278008
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 21:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
57490
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138464
x-xss-protection
0
server
cafe
etag
13337571285874554267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 17 Jan 2025 21:50:48 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/
33 KB
12 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 13:30:34 GMT
server
cloudflare
age
1005
etag
W/"9018c4-856b-60f4c7c16f467"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
847f89d16859daed-MIA
expires
Fri, 19 Jan 2024 17:48:58 GMT
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 12:16:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 13:48:58 GMT
icon
fonts.googleapis.com/
569 B
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 13:48:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 13:48:58 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4242021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEmIaKT83wtnbkXX%2FjiGJVysv7VLBg1z6JaavjC368q9vS4ymK6cr9ruI0hdi6ITIBFisV1nbYFTWcpsAq0XKWujY%2BQWn%2FRWjhYexQMUDFq%2FBLRZkezM4nTbCWU3fIPHIiYuKaOeP%2BM0IuOw4SXwFdKF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
847f89d19e885d0e-MIA
expires
Wed, 08 Jan 2025 13:48:58 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 2CC7
53 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4247538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft96JwSYrDUW7KtiDwY5XfbygzMKXqPEzmua8dqL42QByPdO%2BTFv1QlvBBGmB1eoIXmzFOHzRHY%2FqT9LN6s4yw9gfzfn8y3UIM48jYDtw7cWXQ%2B7EOvkW5oMraCFiTSqJZE6KwZzsxa960BAIUg1rFYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
847f89d19e8b5d0e-MIA
expires
Wed, 08 Jan 2025 13:48:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
377 KB
130 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b69084537e14d513867b7fb87e613b80d41f7ba755043e42884a2b3a2054412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132426
x-xss-protection
0
expires
Fri, 19 Jan 2024 13:48:58 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.6.0/ Frame 2CC7
443 KB
123 KB
Script
General
Full URL
https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-40.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding
br
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 09:43:34 GMT
last-modified
Wed, 29 Nov 2023 21:48:59 GMT
server
AmazonS3
age
14725
x-amz-cf-pop
YUL62-P1
etag
W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ElZae19HJ2vcuSSPvalnqp8O4F1ej_F7IukEzXTrBoG8g4i-Yie9eg==
ppid.js
cdn-ima.33across.com/
10 KB
4 KB
Script
General
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:46 GMT
server
cloudflare
age
150213
etag
W/"65833eca-2947"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
847f89d1de9967b7-MIA
expires
Mon, 22 Jan 2024 13:48:58 GMT
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 2CC7
335 KB
59 KB
Script
General
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-40.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 11:35:00 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
8039
x-amz-cf-pop
YUL62-P1
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
w8uV35QzeWnG1IqQCGRvVBDzssGOLA4k66psmaijTPSBls8-MWd2xQ==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/
1 KB
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:09:06 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
16793
etag
"cb93bb50e5d021cc38de445a672c18a2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
5fydcWTMWZSu8JQu0st0gME20qpH2ctlnKg0sdD5o1nUgxASArKRQQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/
322 B
639 B
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:09:06 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
16793
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
I4BAyXDVQ7D6xbBPvrptX4H0NjrL27uKUjmUe1Q_NAgDEAJUe5UwPw==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/
832 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:09:06 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
16793
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
ViNXOO8o_zTh9qcO3N500oSt2xd_LeZKz15gRJLKN-YdW7QsQxaJQQ==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/
773 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:09:06 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
16793
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
lU2-fYVq7qS--oSM6HDqwmV2NjXry0Gk1sahqhskojOamCdjBDlkWg==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2CC7
282 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:10:12 GMT
content-encoding
gzip
via
1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront), 1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, YUL62-C2
age
2327
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
fxk6bUidSDUse1QpqORNvXc8kK9W1MmjhRJV8uQG_tT0H2Rrz_GKpw==
stn_trk.gif
s2l.sendtonews.com/
26 B
187 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=239442&version=7.29.7-Z&age=240119&cmd=PRE_INIT&key=7WQ1xQNF-vJYVOHOP&seq=1&order=1&vIndex=0&absoluteTime=1869.3&relativeTime=0.3&canonical=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/
6 KB
2 KB
Fetch
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=uBLNlZNf7btMf9rt&instance=239442&version=7.29.7-Z&age=240119&ESG_key=7WQ1xQNF&PL_key=vJYVOHOP&type=FULL&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-40.yul62.r.cloudfront.net
Software
Apache /
Resource Hash
59a12246a69e87f41550d1ed2ba66ba5b2554fe02422f9c2a4efe1543d1cf055

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
YUL62-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
1862
x-amz-cf-id
SCsNTvHBLE2IpnBEdo3OsiBg_n-ifmWN8rSPUqN5K-BihFfQ_hvU_g==
expires
Fri, 19 Jan 2024 13:48:59 GMT
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/
67 KB
26 KB
Script
General
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:13:18 GMT
content-encoding
gzip
via
1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
YUL62-P1
age
1971341
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Mrqfcfqop6kmEu49vAP3av-kIM1NN4n3qnC1BlKt3ZSzqQKHp3AAlQ==
bl-250cc79-aa556ca6.js
tagan.adlightning.com/mng-trib/
92 KB
39 KB
Script
General
Full URL
https://tagan.adlightning.com/mng-trib/bl-250cc79-aa556ca6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f05d0ca07142e2322ffc74112922cd44ee6b77ea348b8904694f81d1633aff69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:41:21 GMT
content-encoding
gzip
via
1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-version-id
uCNa1g186wJ7J1cDrccGIOiqNenwaBla
x-amz-cf-pop
YUL62-P1
age
40058
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39144
x-amz-meta-git_commit
250cc79
last-modified
Fri, 19 Jan 2024 02:40:20 GMT
server
AmazonS3
etag
"7b704ab4e707499a74f07c2b57ef9a4e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
KlSXgyNpAFvzUWkhpbrTlW1Q41HKzpYVMsIAgaSHMoS0wtWxhkYDuQ==
launchpad.bundle.js
launchpad.privacymanager.io/latest/
126 KB
26 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-122.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
br
via
1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 13:43:32 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
327
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
Fk7_fcsrTPJ43Wgim4HUZMgjYkILYWlfmO1ZnBGv0sodQm5KKinR0w==
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame EC65
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:05:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame EC65
503 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:05:18 GMT
swg-button.css
news.google.com/swg/js/v1/
18 KB
5 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 13:57:10 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:34:13 GMT
x-content-type-options
nosniff
age
62085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:34:13 GMT
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 12:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 13:49:40 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:27:27 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
19292
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
33n6pIBDd4bE0G_q1Mj3p0nrK3S_zGzU4rULok61Q-PKr1XAkwyjnw==
cs
tribune.blueconic.net/DG/DEFAULT/
66 B
862 B
Script
General
Full URL
https://tribune.blueconic.net/DG/DEFAULT/cs?bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&&callback=bc_json419
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.148.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-148-211.compute-1.amazonaws.com
Software
- /
Resource Hash
03aa4e15ede6121b5ed04c6895a07077a1305750e4c347b3e8b620fde78446dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
article
news.google.com/swg/_/api/v1/publication/chicagotribune.com/
552 B
1 KB
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/chicagotribune.com/article
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d29bc0e97e4af8d4ed85e818acc3ae8d8925cdbaa49b8fd1156e55301a1311f2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
stats
r610.chicagotribune.com/rest/v2/recommendations/
57 B
890 B
Script
General
Full URL
https://r610.chicagotribune.com/rest/v2/recommendations/stats?storeId=699df7a9-502c-4c05-85b0-78cce8b0f987&action=view&itemId=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&profileId=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&isEntrypage=true&hash=9ffa57bb4f6f04e1c29466d874040a8a&lastmodified=1705662000000&referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&&callback=bc_json420
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
169bfb3e9a6215130ace91e9402ba1ff5b9febd7698423f90b81138055b8e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
77
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
x-amz-cf-id
ZEb3AeiReYiR0cWs09saW0_kvaUj9IX0jlHQ5h28-1f5dS_W6CI4ow==
expires
Thu, 01 Jan 1970 00:00:00 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
574 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A58-10%3A00&ts=1705672138699
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
436945ce21d8665b3ab00705d2f41902ab5f361898b4b20c848ece6cf54d3add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
183
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
aKoBddBk1ztPq4kEvFAPA_f2bXaNArIAzrCGtFirrcdU0GDIX-xi0w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
192 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A58-10%3A00&ts=1705672138701
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
3fc4c29adc43c41f1e51626a3303ac4167de485cff7944b8da081c594dcb52b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
tqa6gj-1zjgMVur_ib7mv2TTqVVAIF3w_tOisRClsj4P3t5mlpy5cA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
192 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A58-10%3A00&ts=1705672138710
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
33f14ae9673d45e6bbb13b1ba87ad7c921a94aac50a784ada02492975b9af009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
YdN1jOx9n0k-gkZnjrwEoVxKSzjZV8LPAMySrNzemb3r8LRX9Qj2ZA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=223028646&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ul=en-us&de=UTF-8&dt=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blueconic&ea=connection&el=dimensions&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=806039224.1705672138&tid=UA-6459251-3&_gid=1851462749.1705672138&gtm=45He41h0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=marijuana%3Aillinois&cd3=%2F4011%2Ftrb.chicagotribune%2Fmarijuana&cd5=arc%20fusion&cd6=story&cd7=story&cd8=story&cd9=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd10=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd12=Illinois%20Supreme%20Court%20to%20decide%20if%20police%20may%20search%20vehicles%20based%20on%20smell%20of%20marijuana%20or%20if%20it%E2%80%99s%20an%20%E2%80%98aroma%20of%20legality%E2%80%99&cd13=Robert%20McCoppin&cd14=Robert%20McCoppin&cd15=2024-01-19%2005%3A00&cd16=2024-01-19%2005%3A00&cd17=chicago-tribune&cd18=Chicago%20Tribune&cd19=KMMOS37SFFEINL2PL24RBB3BZM&cd20=KMMOS37SFFEINL2PL24RBB3BZM&cd21=(none)&cd22=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=metered&cd123=no%20subtype&cd124=(none)&cd127=image&cd135=stories&cd139=&cd162=951&cd163=%2Fmarijuana%2Fillinois&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd164=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&cd166=no&z=300759360
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:24:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62661
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html.js
dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/marijuana/illinois/
871 B
861 B
Fetch
General
Full URL
https://dyv1bugovvq1g.cloudfront.net/3/www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html.js
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:4200:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4636bd76eb8e4327db8ed5adb0c85f9b56b70bceae25d6c8559ff583c0eee8ba

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
224
x-amz-expiration
expiry-date="Wed, 20 Mar 2024 00:00:00 GMT", rule-id="cleanup"
last-modified
Fri, 19 Jan 2024 13:38:23 GMT
server
AmazonS3
etag
"152619890a440bda7728758062b77c37"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=300
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
7OnLWrXOZo0vI_iPaMGTVxeRC8msfEaDWfbTVQwH_JL5uF7pQITrdw==
hb-multi
hb.yellowblue.io/
83 B
435 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.233.23.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
dbdbcd8746cbfdf2ad800f09c5e6ef1e9d0047aca8418beb8dc8d37f37900ee6

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
41
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
tribune
direct.adsrvr.org/bid/bidder/
0
406 B
Fetch
General
Full URL
https://direct.adsrvr.org/bid/bidder/tribune
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
523 B
1 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7476&site_id=469092&zone_id=2767822&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&tg_i.domain=chicagotribune.com&tg_i.page=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&tg_i.pbadslot=%2F4011%2Ftrb.chicagotribune%2Fmarijuana%231&tk_flint=pbjs_lite_v8.24.0&x_source.tid=857ad4df-84b2-44bc-ae53-d34e1ae6d1d3&l_pb_bid_id=6a2e177f1d79fe&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=87c4e94f-309c-49f8-8677-fb19bf9666b1&rp_maxbids=1&p_gpid=%2F4011%2Ftrb.chicagotribune%2Fmarijuana%231&m_ch_mobile=%3F0&slots=1&rand=0.6906413602351775
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d4d2bd4e48ab5e89d0a54696735152558f0ab07ad226d992afe385b40615f6d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
523
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/
0
230 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.24.0&p=%5B%7B%22placement_id%22%3A%22htlad-1-gpt%22%2C%22callback_id%22%3A%22823b9323a91a0e%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223261757601171317071%22%2C%22gpid%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fmarijuana%231%22%2C%22tid%22%3A%2287c4e94f-309c-49f8-8677-fb19bf9666b1%22%2C%22auctionId%22%3A%22857ad4df-84b2-44bc-ae53-d34e1ae6d1d3%22%7D%5D&page_url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bust=1705672138754&dnt=false&description=The%20justices%20will%20consider%20two%20cases%20that%20had%20opposite%20appellate%20court%20rulings.&tmax=2000&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&w=1600&h=1200
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-229-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/
19 B
586 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
an-x-request-uuid
fcfc75f6-2f8b-4a9b-866d-018bba2fdeca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/
19 B
825 B
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.24.0&referrer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&tmax=2000&us_privacy=1---
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.215.250.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-250-220.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
accept-ch
sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/
0
121 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/
0
201 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=43752950241&lsavail=1
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:58 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/
37 B
672 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=948352
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa2ab5be05560c78bf62374a8810f6d11a44dc50a8764840f2616f2c70d6610

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To88VlT6wlvE1dmu9J%2B0wsh8qEANz2ZPrqz8nO6wpNhEvxCM9oF5Lv9H65zCkciIaw00tqVPI7SW5FN6HATzcOe8%2B0oQTWNr7ehX3NLhVpJE7n9MfLzX7Ld%2Bz19qY5yo0K1GFzSL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
847f89d3ba700a12-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
3503
config.aps.amazon-adsystem.com/configs/
532 B
808 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3503
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-94.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
d9e057fabfeefd905697e28192598d51e244a2f91caa08593ff51d120628c108

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:18:19 GMT
via
1.1 757f53a116e3bce1cfc7655bc6b1ae8e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
1840
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
FO1eNsGL_dDIXZ9UujOPn1XONWuR3E_PTJtu6o99DgTtKsPnD66muw==
config
c.amazon-adsystem.com/cdn/prod/
925 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 11:28:45 GMT
via
1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
8413
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
925
x-amz-cf-id
ZSdia1oa3SAGxgGNfCgWvgX536s7fiAV_tbg_lwOoY2tI6wgRV5yjw==
bid
aax.amazon-adsystem.com/e/dtb/
276 B
616 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3503&u=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&pid=tNA8lfmXQzZ9G&cb=0&ws=1600x1200&v=24.116.2102&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4011%2Ftrb.chicagotribune%2Fmarijuana%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=%5B6%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
c0517007ea2c25cd1f1638d862e7640c7e5ae5221670a65c9f47f413933a9d75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
276
x-amz-cf-id
1iouqF81aY1iSMrQrjNs6ghv6nPJZ1xCzFlApcuNTjROG4SYc-Z8Yw==
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:06:46 GMT
content-encoding
gzip
age
423732
x-guploader-uploadid
ABPtcPo-Nnc_L1KAyEpPPVUv5vwCRMRk402c2xMZ8RDapzyXrt417SxU0ZSnklO1feNd-W0PQzNuKA5BfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 13 Jan 2025 16:06:46 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
4894bad4469576c34de3eefdb4e774bf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:7800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 18 Jan 2024 14:22:48 GMT
Via
1.1 c0216388ff1632eb6c4704890b01eee4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-C1
Age
84372
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
8cJN_aKyKpQuNavll-K-S3MprNfEEqI1M1I2xcO8pTniOFWOHbno3A==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 22:47:33 GMT
content-encoding
gzip
via
1.1 1a0361f1d6eeb33d623d41bfabfa3e8e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
54087
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
3ywMSUmlbA9sJOUttUWMjsiXxbLBII9JqgpW_M6XIGe-fjBjMCIkpg==
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
150213
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
847f89d3aa2067b7-MIA
expires
Mon, 22 Jan 2024 13:48:58 GMT
css2
fonts.googleapis.com/ Frame 95D4
3 KB
528 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 12:48:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 13:48:58 GMT
ping.gif
player-files.remixd.com/ Frame 95D4
43 B
172 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=0&sessionId=6dccecce-3921-411a-a994-030c2606cd4e&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
x-guploader-uploadid
ABPtcPrUJRHVmhs2-1_31Fln0kYi5PiStfWRL-lgP4xhtZTyr8d1ijXIgV_cB7L4qxRbQ6NaJL5N2zIJ6w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:48:59 GMT
ping.gif
player-files.remixd.com/ Frame 95D4
43 B
183 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=6dccecce-3921-411a-a994-030c2606cd4e&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
x-guploader-uploadid
ABPtcPqlk7gt4PjFLE_T5Gwm4jAKQzegMTx22hWm1P09RRl5tlVRnLXT1jwaSHydF--TvItzwMh-iHhHMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:48:59 GMT
ping.gif
player-files.remixd.com/ Frame 95D4
43 B
573 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=6dccecce-3921-411a-a994-030c2606cd4e&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
x-guploader-uploadid
ABPtcPqDPPfpz6wJMKpOYcGDFKfp00LQOL5Na2vVhqgU8UcDcQDjFbsl5CZ7gOcIj9vk6R2vxBd5h74_3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Sat, 18 Jan 2025 13:48:59 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/
122 KB
25 KB
Script
General
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:bc00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:12:20 GMT
x-amz-version-id
vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 22:00:33 GMT
server
AmazonS3
via
1.1 22068bada9db7a55ac57b9824fe6f9b4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
etag
W/"89881b677e6e0a30830bf701b3bc6cbe"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
age
41800
x-amz-cf-id
CSZXdD5WxMMwb3pS14oSNG5sgEhOibPo5Qb5emk5YiuK74KUnmTiZA==
1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/
68 B
460 B
Image
General
Full URL
https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=b82feaa73aa9
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.9.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:00 GMT
Last-Modified
Mon, 26 Oct 2020 16:52:19 GMT
Server
AmazonS3
x-amz-request-id
AMBGKSQSP0QRR4WN
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Cache-Control
no-store
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
5v9PncSFYgGg3bPxePnNe5sRdJd7kzxOqLVk2oBv2tBZOnz67fVzS0P13YFsk64nbMnXpNlyvQscSRX3n90NiQ==
identity
api.rlcdn.com/api/
0
284 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/
2 B
277 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.chicagotribune.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-99-162.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
rid
match.adsrvr.org/track/
109 B
572 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e20265ee3992793f8dc4bf778201758df1125d7f930a5dc3419942caea567563

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 18 Feb 2024 13:48:59 GMT
device-uda.png
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
4 KB
5 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/device-uda.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db605a80bbf93129d351ebc9ef9e229f9534e541f32790d61a22d17331d1888c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
9RmypjIe.FBYXfXks424Wwt9OyGtpQwh
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 27 Jul 2022 21:30:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
etag
"32908f365df877d7d0c2b98e21294b21"
x-arc-request-id
0.5aab3717.1705672138.2e37f82
content-type
image/png
cache-control
private, max-age=1
server-timing
ak_p; desc="1705672138907_389524314_48463746_981_7736_52_0_146";dur=1
content-length
4563
x-amz-cf-id
lpZbiAOXIrSYHINoAsnw2of8opvEwDnOSsiOXxKv8auC-jxklXuHbA==
expires
Fri, 19 Jan 2024 13:48:59 GMT
arrow.svg
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
862 B
1 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/arrow.svg
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
bBeIjehHnjm2b3ZbXdA98wFaXuesup2T
content-encoding
gzip
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P3
x-arc-request-id
0.5aab3717.1705672138.2e37f84
server-timing
ak_p; desc="1705672138906_389524314_48463748_3642_8470_52_0_146";dur=1
content-length
544
last-modified
Wed, 27 Jul 2022 21:30:41 GMT
server
AmazonS3
etag
"961aedd1fed3b3c87e42a9b9f48e8975"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1
x-amz-cf-id
NQegxyfdyi63xx_dogKMJmIRIWais0mF0DgikFKX_Jac-GEEbg2vhg==
expires
Fri, 19 Jan 2024 13:48:59 GMT
icon-laptop.png
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
4 KB
5 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/icon-laptop.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
nZKmU8UtrAwwbmt3fmAbffEt1q7jYU3B
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 27 Jul 2022 21:30:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
etag
"10c5ddda2dce705aa29de726fdd86de3"
x-arc-request-id
0.5aab3717.1705672138.2e37f85
content-type
image/png
cache-control
private, max-age=1
server-timing
ak_p; desc="1705672138906_389524314_48463749_895_8524_52_0_146";dur=1
content-length
4400
x-amz-cf-id
UQjfbbBN9EwXUmngU9lLl7qVDay-oplYaSgwxRPTckFgypZ_2xXjnA==
expires
Fri, 19 Jan 2024 13:48:59 GMT
icon-noads.png
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
3 KB
3 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/icon-noads.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
gk7I.M5qTpK3qLSS4K.Rc.UdmAbVES47
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 27 Jul 2022 21:30:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
etag
"4e1d08e642478b4ec71c8fd0b9c256a2"
x-arc-request-id
0.5aab3717.1705672138.2e37f87
content-type
image/png
cache-control
private, max-age=1
server-timing
ak_p; desc="1705672138906_389524314_48463751_689_8585_52_0_146";dur=1
content-length
2577
x-amz-cf-id
kYcNxEKAK9FKsl4raoQ_bo-IGkmPv8SJK7FzJ5SDALh_lxrS55mT3w==
expires
Fri, 19 Jan 2024 13:48:59 GMT
icon-tablet.png
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
2 KB
2 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/icon-tablet.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
oT4p6r.aMkI9gbAogsPJBklu1vuNd.fZ
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 27 Jul 2022 21:30:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
etag
"f30c900e60e4064f42517091db8b501b"
x-arc-request-id
0.5aab3717.1705672138.2e37f88
content-type
image/png
cache-control
private, max-age=1
server-timing
ak_p; desc="1705672138907_389524314_48463752_1426_8408_52_0_146";dur=1
content-length
1911
x-amz-cf-id
gpspaK3mmUUpbh6qYkbE1TfUlztn4A4jQDocqWw86F_iokBiwV-KPw==
expires
Fri, 19 Jan 2024 13:48:59 GMT
icon-phone.png
www.chicagotribune.com/subscriptions/modal-ad-lite/img/
4 KB
5 KB
Image
General
Full URL
https://www.chicagotribune.com/subscriptions/modal-ad-lite/img/icon-phone.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
120
x-amz-version-id
CiLOHUo2TF2fLVeOU8W81hCE2Ma5XSQ7
date
Fri, 19 Jan 2024 13:48:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 27 Jul 2022 21:30:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
etag
"9a86e435cce562f363835eb199472583"
x-arc-request-id
0.5aab3717.1705672138.2e37f8a
content-type
image/png
cache-control
private, max-age=1
server-timing
ak_p; desc="1705672138906_389524314_48463754_842_8440_52_0_146";dur=1
content-length
4359
x-amz-cf-id
UblzVq3GycEnp0ixqXy2Zr7jf7f_ha8HEYXigK1os4DtojUfZfVzMQ==
expires
Fri, 19 Jan 2024 13:48:59 GMT
feature-decisions
zephr.chicagotribune.com/zephr/
29 KB
6 KB
Fetch
General
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
/
Resource Hash
c552d48560eff4890e02cf29c6f7cdb7ebebfcabaa47e11fa8c6545bfcad677c

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
br
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
_vkKnUlQjeR-0lI4pullEN4kG6EQpSZvAGG9e5zqaz2Vh3PSUEO4mQ==
x-blaize-request
ffffffffb2759637
feature-decisions
zephr.chicagotribune.com/zephr/ Frame
0
0
Preflight
General
Full URL
https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://www.chicagotribune.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
x-amz-cf-id
NnWs68zSBtupZ12Yw9cRh-NH0lowQtm3T9xpDOm9G_URzzfvq8biLQ==
x-amz-cf-pop
YUL62-P1
x-cache
Hit from cloudfront
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/
121 KB
34 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 177fd0f8c3e2c78883d72714aa07183a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MIA3-C3
age
186467
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34238
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1705672139.918013,VS0,VE0
etag
"cf9f8c79c74a3093183012fb770abf82"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Yt53WturBIqs4_spLp6yGzj5uLstl0PFiZLu5F07pTL4F1aXtuv3DQ==
x-cache-hits
13788
feed-card-placeholder.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b5c370454ff106b1643e3455112829656290a3990a42d23f2d4fcf77d903771

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
a0mUw1qzhOOMDJHYWayov1LNOrNISJUp
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
7PB86FCYPG9TTDW4
age
63037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
Ff8eglOLKLxy8QnZBvUFShi9PXxgtcn5SSRNpUzznjbnZpgPtP7qfJcSY3vMKF4jHi5oXyd+DVI=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:18:22 GMT
server
AmazonS3
x-timer
S1705672139.901810,VS0,VE0
etag
"91d3081a92e303cfd7944f79a0b4275b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
63189
distance-from-article.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b59d95c1e06a1f6e95dc2866e03eb15bc1b7aba96f38dbd418eea32922d941b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
tA4s3WTaEMTG6f2NfakaQKtC3P3A53EC
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
BPGXEM7FX1CE4GQ8
age
63026
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
Dxn9Qyn7OriBT6cAa2lYjV8YA/WqT9z3kvJ8UsrrIFxbkhf4ytk6dHkwRE6Iyh92l4QTMo9AihM=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:18:30 GMT
server
AmazonS3
x-timer
S1705672139.908032,VS0,VE0
etag
"0f17bf8624b50fa8a693124fa26b6c82"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
61944
article-detection.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c86a31c37afcc73acab5acf33237be17ed5b6ccf524fb37cddfd91a75a523d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Q7dh08rVTzpjQ7eL0y9HG3PzL6z8J8UX
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
566RW78CR08RDJ3K
age
63014
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
1+bnmAHZftr0oLD9O5A4GePKpLCSK6xwQ5lnZHCJaliX4lkF2adiK/msmnYt2J9OJIUJfkXGWgs=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:18:41 GMT
server
AmazonS3
x-timer
S1705672139.911160,VS0,VE0
etag
"21009a8c6710a476fe270d3dda0e7104"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
62001
userx.20240118-41-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20240118-41-RELEASE.es6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3328466a419a882471ab33ac36e8340f1ec0cb1da5589a4cd9667d738799c3c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
b_DpxyvCQmUbMVbb08jixtgxC.VmmdC8
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:48:58 GMT
x-amz-request-id
WS6M361HT0D8NFE4
age
63040
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5540
x-amz-id-2
TGhQPgPh//oQi5vXZ1MQi0VILaVxXyNzFpdoJWyUIDRYmSIjdyCy7Mie+lB4VfIp0piOG378ilk=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 18 Jan 2024 20:17:37 GMT
server
AmazonS3
x-timer
S1705672139.927636,VS0,VE0
etag
"da5621964acc3405908bd904ad8b966f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9097
debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=03%3A48%3A58.871&type=warn&msg=Delta%20mode%20replace%3A%20placement%20below-article-thumbs_ARC%20%7C%20Card%206%20is%20missing%20from%20preloadRequest&llvl=2&id=6163&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61991
debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/
0
89 B
Image
General
Full URL
https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=03%3A48%3A58.871&type=warn&msg=Delta%20mode%20replace%3A%20placement%20below-article-thumbs_ARC%20%7C%20Card%207%20is%20missing%20from%20preloadRequest&llvl=2&id=2190&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61991
1x1-pixel.png
ams-depr-public.s3.amazonaws.com/
68 B
423 B
Fetch
General
Full URL
https://ams-depr-public.s3.amazonaws.com/1x1-pixel.png?fn=removeDomElement&publisher=www.chicagotribune.com
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.199.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:00 GMT
Last-Modified
Tue, 27 Oct 2020 15:04:29 GMT
Server
AmazonS3
x-amz-request-id
AMBH7R0RJM5SPJ5P
ETag
"91e42db1c66c0b276abf6234dc50b2eb"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68
x-amz-id-2
xIbKwPC1wqKAXNBq3GZxOPDNeA9vuSyVM/6kPEkvhsFLhVOfquYIzrmdSVF9s+GZuOCxivgzcRY=
debug
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/
0
90 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=03%3A48%3A58.882&type=warn&msg=TRC.extractValidContainer%3A%20Could%20not%20find%20any%20valid%20container%20when%20trying%20to%20move%20widget&llvl=2&id=8474&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60963
debug
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/
0
89 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=03%3A48%3A58.882&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20undefined%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=3251&cv=20240118-41-RELEASE&lt=deflated&pct=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60963
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/
0
506 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi2=9516&tvi48=-48&tvi50=13622&lti=deflated&ri=8b76f5fcd1533b74464634f03e435965&sd=v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE&ui=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&pi=/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&wi=4349999135296815436&pt=text&vi=1705672138128&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1705672138904%7D&tim=03%3A48%3A58.905&id=8489&llvl=2&cv=20240118-41-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/
0
89 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=03%3A48%3A58.945&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=6876&cv=20240118-41-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60963
abtests
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/
0
506 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=US:CH:V&tvi2=9516&tvi48=-48&tvi50=13622&lti=deflated&ri=8b76f5fcd1533b74464634f03e435965&sd=v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE&ui=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&pi=/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&wi=4349999135296815436&pt=text&vi=1705672138128&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1705672138947%7D&tim=03%3A48%3A58.947&id=2753&llvl=2&cv=20240118-41-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/tribunedigital-chicagotribune/log/3/
0
592 B
Image
General
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/pubs-generic?route=US:CH:V&tvi2=9516&tvi48=-48&tvi50=13622&lti=deflated&ri=8b76f5fcd1533b74464634f03e435965&sd=v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE&ui=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&pi=/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&wi=4349999135296815436&pt=text&vi=1705672138128&d=%7B%22data%22%3A%22%7B%5C%22isSpa%5C%22%3Atrue%2C%5C%22isAngularJs%5C%22%3Afalse%2C%5C%22isAngular%5C%22%3Afalse%2C%5C%22isReact%5C%22%3Atrue%2C%5C%22isVue%5C%22%3Afalse%7D%22%2C%22type%22%3A%22spa-measurements%22%7D&tim=03%3A48%3A58.948&id=6066&llvl=2&cv=20240118-41-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
32
date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
30518
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-mia-kmia1760033-MIA
pragma
no-cache
server
nginx
x-timer
S1705672139.158926,VS0,VE32
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ct.svg
www.chicagotribune.com/pf/resources/images/stacked/
727 B
1012 B
Image
General
Full URL
https://www.chicagotribune.com/pf/resources/images/stacked/ct.svg?d=226
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:22::b819:7f9a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 13:48:58 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD52-C1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.5aab3717.1705672138.2e38146
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705672138982_389524314_48464198_31_10545_52_0_146";dur=1
content-length
460
last-modified
Wed, 06 Dec 2023 18:29:48 GMT
server
openresty
etag
W/"95a011625b282ce688af84fdec6cf2ed"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
fBd-LFm9FQUUN0T_8I97IMtPYDadvK-amok-ky21vC5uT25B9WoqSA==
expires
Sat, 18 Jan 2025 13:48:58 GMT
config.json
c.go-mpulse.net/api/
51 B
323 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5685574&v=1.720.0&sl=0&si=e3ff8da8-ab7f-4e7c-b29a-4769951bcfa2-s7ih1l&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1408:20:381::11a6 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 Jan 2024 13:48:59 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
style
accounts.google.com/gsi/
533 B
608 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GRN5Bhnn1TS-OiDif-yoLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-GRN5Bhnn1TS-OiDif-yoLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 19 Jan 2024 13:48:59 GMT
status
accounts.google.com/gsi/
40 B
531 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=702688468841-a25742v8teenpthkvm42dij472hejio6.apps.googleusercontent.com&as=0xNZ1z72sOREvyuoZRm3kQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47a91e2c6b3a88f4bd6b4ac87812b75db9ccd280c8086cd6389985572083ff9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6oOS0JrIZsyzJXoUVcTh5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-6oOS0JrIZsyzJXoUVcTh5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
Chicago_Tribune_Logo.png
cdn.taboola.com/static/impl/png/
5 KB
5 KB
Image
General
Full URL
https://cdn.taboola.com/static/impl/png/Chicago_Tribune_Logo.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26810bf3a8e82eb81590c8a3cd0b8d92a0c0b1d36edfe083aa0031713629a6f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
oYxugj_0wupWVeEeIdawKD1k8i8rQli.
date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 varnish
x-amz-request-id
1KDJ75JHJKPH1Y4J
age
13955
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5294
x-amz-id-2
taJ98eN+KCsR+wyPIhO6akwHe0rhBhPUUc3fVXxd5o1TpdMKJPcweY8IBe/ZLWySoO99HFqFWAU=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Tue, 24 Sep 2019 15:17:21 GMT
server
AmazonS3
x-timer
S1705672139.001595,VS0,VE1
etag
"524109aed0725d4dab25ad2e29a5dec8"
content-type
image/png
abp
7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&cmd=GET&key=7WQ1xQNF-vJYVOHOP&c_id=4591&seq=1&order=2&vIndex=0&absoluteTime=2473.5&relativeTime=604.5&canonical=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&cmd=RTP&key=7WQ1xQNF-vJYVOHOP&c_id=4591&seq=1&order=3&vIndex=0&absoluteTime=2474.6&relativeTime=605.6&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&playerCfg=FL&playerType=FLOAT&DS=null&eg.enabled=false&eg.delay=15&eg.ctdwn=5&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&cmd=PRE_INIT&key=7WQ1xQNF-vJYVOHOP&c_id=4591&seq=1&order=4&vIndex=0&absoluteTime=2475.6&relativeTime=606.6&canonical=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
index.php
playlist.stnvideo.com/player/data/
65 KB
65 KB
Fetch
General
Full URL
https://playlist.stnvideo.com/player/data/index.php?cmd=loadInitial&session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&ESG_key=7WQ1xQNF&PL_key=vJYVOHOP&type=FULL&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.154.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-154-144.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9cc3e2b1b1eb51fd9db6b68802f83503494da68bfc842c7ec252a2d7a599cc19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 13:48:59 GMT
server
Apache
content-type
text/html; charset=UTF-8
ppid
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZA...
  • https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZA...
42 B
138 B
XHR
General
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=PMgHDJHdEi12z53BPb%2FU4GL7sOvcgOwN1csVMi1qGcg%3D&fp=wA7XmPAig4dj%2FKhM9dKnTd3QgyrgCFaQraiFT4ZfBdBEkTQXWWaK1tW9c7ddR4e43zCf0xefr52KHpvG6Yr5Ww%3D%3D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 19 Jan 2024 13:48:58 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.chicagotribune.com
location
https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6&b=1&g=PMgHDJHdEi12z53BPb%2FU4GL7sOvcgOwN1csVMi1qGcg%3D&fp=wA7XmPAig4dj%2FKhM9dKnTd3QgyrgCFaQraiFT4ZfBdBEkTQXWWaK1tW9c7ddR4e43zCf0xefr52KHpvG6Yr5Ww%3D%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2CC7
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:27:27 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
19293
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
mhK7GQeoU9qcynl0oj7l2R37TOP3RsoRrGngua4j3_ZOhuPMPwkCUw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 19 Jan 2024 14:03:59 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
113 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
J52V4KDNC3S0G40G
age
104
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
847f89d67a324958-MIA
x-amz-id-2
0sGZS9MPH/9Q/q9fVKSDYBsKOt6Q7pJYOBgHseHPdLRtz30rL+shC2QInjaVZ5beEfze/nJFzqYjemPO6ccSOA==
social
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/
0
506 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/social?route=US:CH:V&tvi2=9516&tvi48=-48&tvi50=13622&lti=deflated&ri=8b76f5fcd1533b74464634f03e435965&sd=v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE&ui=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&pi=/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&wi=4349999135296815436&pt=text&vi=1705672138128&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Illinois%20Supreme%20Court%20to%20decide%20if%20police%20may%20search%20vehicles%20based%20on%20smell%20of%20marijuana%20or%20if%20it%E2%80%99s%20an%20%E2%80%98aroma%20of%20legality%E2%80%99%22%2C%22sec%22%3A%22marijuana%3Aillinois%22%2C%22aut%22%3A%5B%22Robert%20McCoppin%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fresizer%2F53CtCxQRFyfzlr2bdQ3Hs_dqW08%3D%2F630x630%2Fcloudfront-us-east-1.images.arcpublishing.com%2Ftronc%2F6IG35TUUQBC45MDCBFKEC5QSLM.JPG%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A48%3A59.193&id=5777&llvl=2&cv=20240118-41-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=ddba50ff-2ac2-40c1-9da9-7909c87fbe4e&pid=5e865060-1c61-4e45-a930-a7624a692e88&dtm=1705672139224&qnm=_matherq&visible=1&tabid=82fcaf5f-5ef4-49f3-b389-132a21545f04&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&vp=1600x1200&ds=1600x4894&tofa=1705672138&vid=1&lvidt=1705672138&duid=5456eb42-3e36-438e-bc0c-62e5bed2414b&fp=3413462137&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJQcm9kIENUIE1ldGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNTMiLCJvdXRjb21lTGFiZWwiOiJTb3BoaSBCQVUgUGF5d2FsbCBNRzIgQW5vbiJ9XSwibWV0ZXIiOnt9LCJ0cmlhbFRyYWNraW5nRGV0YWlsIjp7fSwidmVuZG9yIjoiemVwaHIiLCJmbG93cmVmIjp7ImRheTAiOnsiZmxvdyI6InBheXdhbGwiLCJ0aWQiOiJkZGJhNTBmZi0yYWMyLTQwYzEtOWRhOS03OTA5Yzg3ZmJlNGUiLCJ0aW1lIjoiMTcwNTY3MjEzOSJ9LCJkYXk1Ijp7InRpbWUiOiIxNzA1NjcyMTM5In0sImRheTMwIjp7InRpbWUiOiIxNzA1NjcyMTM5In19fSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI4MDYwMzkyMjQiLCJyZWZUaW1lIjoiMTcwNTY3MjEzOTIyMyJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiNWU4NjUwNjAtMWM2MS00ZTQ1LWE5MzAtYTc2MjRhNjkyZTg4In0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiNWU4NjUwNjAtMWM2MS00ZTQ1LWE5MzAtYTc2MjRhNjkyZTg4In1dfQ
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.159.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-159-66.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 13:48:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=223028646&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ul=en-us&de=UTF-8&dt=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SendtoNews%20Player&ea=readyToPlay&el=7WQ1xQNF-vJYVOHOP&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=806039224.1705672138&tid=UA-6459251-3&_gid=1851462749.1705672138&gtm=45He41h0n815K8DK4Vv843672834&cd1=chicagotribune&cd2=marijuana%3Aillinois&cd3=%2F4011%2Ftrb.chicagotribune%2Fmarijuana&cd5=arc%20fusion&cd6=story&cd7=story&cd8=story&cd9=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd10=ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm&cd12=Illinois%20Supreme%20Court%20to%20decide%20if%20police%20may%20search%20vehicles%20based%20on%20smell%20of%20marijuana%20or%20if%20it%E2%80%99s%20an%20%E2%80%98aroma%20of%20legality%E2%80%99&cd13=Robert%20McCoppin&cd14=Robert%20McCoppin&cd15=2024-01-19%2005%3A00&cd16=2024-01-19%2005%3A00&cd17=chicago-tribune&cd18=Chicago%20Tribune&cd19=KMMOS37SFFEINL2PL24RBB3BZM&cd20=KMMOS37SFFEINL2PL24RBB3BZM&cd21=(none)&cd22=(none)&cd29=(none)&cd30=(none)&cd34=(none)&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&cd44=1025%7C%7C1223&cd95=(none)&cd96=signed-out&cd97=0&cd98=(none)&cd99=(none)&cd100=(none)&cd102=(none)&cd103=(none)&cd119=metered&cd123=no%20subtype&cd124=(none)&cd127=image&cd135=stories&cd139=&cd162=951&cd163=%2Fmarijuana%2Fillinois&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cm26=1&z=1850431917
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:24:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62662
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 95D4
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:24:01 GMT
x-content-type-options
nosniff
age
62698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:24:01 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 95D4
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:24:01 GMT
x-content-type-options
nosniff
age
62698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:24:01 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
11 KB
3 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A59-10%3A00&ts=1705672139257
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
5434522c8761b36afc7dcb489bee6c4a3e76aae979f038b208cde46dc266880e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1570
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iRNOHFn3WSPAqt79U5aUJYVV1HD1MFdr0Nu6IteonXRLoOaRhWShEQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
mng-trib-tagan.adlightning.com/
0
445 B
Ping
General
Full URL
https://mng-trib-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJtbmctdHJpYiIsInVybCI6Imh0dHBzOi8vd3d3LmNoaWNhZ290cmlidW5lLmNvbS9tYXJpanVhbmEvaWxsaW5vaXMvY3QtaWxsaW5vaXMtbWFyaWp1YW5hLW9kb3Itc3VwcmVtZS1jb3VydC1kZWNpZGUtdmVoaWNsZS1zZWFyY2gtMjAyNDAxMTkta21tb3MzN3NmZmVpbmwycGwyNHJiYjNiem0tc3RvcnkuaHRtbCIsImFkVW5pdCI6InRibC1vYnNlcnZlLTE5IHRibC1vYnNlcnZlLTIxIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6Im4vYSIsImNhbXBhaWduSWQiOiJuL2EiLCJjcmVhdGl2ZUlkIjoibi9hIiwibGluZWl0ZW1JZCI6Im4vYSIsImFkU2VydmVyIjoiVGFib29sYSJ9LCJ3diI6IjEuMC4wKzI4MDVlNDYiLCJidiI6InVuZGVmaW5lZDt1bmRlZmluZWQiLCJibGFja2xpc3REYXRhIjp7ImFjdGlvbiI6MTAsImFjdGlvbkRldGFpbHMiOiJoZWFsdGgtaGVhZGxpbmUuY29tIiwicmVwb3J0UmF0aW8iOjEsInJlcG9ydE1hcmt1cCI6dHJ1ZSwiaXRlbXMiOlt7Imhvc3RuYW1lIjoiaGVhbHRoLWhlYWRsaW5lLmNvbSIsInRva2VuIjoiIiwiYWN0aW9uIjoxMH0seyJob3N0bmFtZSI6ImhlYWx0aC1oZWFkbGluZS5jb20iLCJ0b2tlbiI6IiIsImFjdGlvbiI6MTB9XSwibWFya3VwIjoiPGRpdiBvYnNlcnZlaWQ9XCJ0Ymwtb2JzZXJ2ZS0xOSB0Ymwtb2JzZXJ2ZS0yMVwiIGRhdGEtaXRlbS1pZD1cIn5%2BVjF%2Bfi03Nzc4MDMzNzI3NzkyNjMzMTJ%2BflNndnlZc1ZoU25NQ01laXZkWWtzd25hMHNCLWk1S0lKcDBna21LTDh4QXpub1p1ZUFzbk0wVVRrcVJpei1vOHV1S2EyX3J1cEw5STBrdngxWFZ1ZnV0MnFLSUpyU05KX0luV0tQVGZZY2d6aThROXhyd0NSVjkxVGlEMzBKaUxuQ1QxY2ZMaDNYLUZnQWR6akR2Ti1aZzRWX25DSXQxZ0FxLUxWWXBNRS1DeWFpUElOUHNCVktmLWU1MDdBNlMxVVRTOE1hdXgyaldDMWdSVTNueDVBN3JFVnh1T1dLV2hyUXp2WEhnUUVyNnZvWUQ2MHFWWXpLQl85dVpxY0hsd0hcIiBkYXRhLWl0ZW0tdGl0bGU9XCJEb2N0b3JzIFN0dW5uZWQ6ICZhbXA7IzM5O0FudGktTGF6eSZhbXA7IzM5OyBEcm9wcyBBcmUgTm93IFNvbGQgV2l0aG91dCBSeFwiIGRhdGEtaXRlbS10aHVtYj1cImh0dHA6Ly9jZG4udGFib29sYS5jb20vbGlidHJjL3N0YXRpYy90aHVtYm5haWxzLzc1MWZjMmExODM0MDUzMDc3ODY0NzgxZjYzMjYwODc1LmpwZ1wiIGRhdGEtaXRlbS1zeW5kaWNhdGVkPVwidHJ1ZVwiIGNsYXNzPVwidmlkZW9DdWJlIHRyY19zcG90bGlnaHRfaXRlbSBvcmlnaW4tdW5kZWZpbmVkIHRodW1ibmFpbF90b3Agc3luZGljYXRlZEl0ZW0gdGV4dEl0ZW0gdmlkZW9DdWJlXzFfY2hpbGQgdHJjLWZpcnN0LXJlY29tbWVuZGF0aW9uIHRyYy1zcG90bGlnaHQtZmlyc3QtcmVjb21tZW5kYXRpb24gXCIgYWRsLWNoZWNrPVwidHJ1ZVwiPjxhIGF0dHJpYnV0aW9uc3JjPVwiXCIgdGl0bGU9XCJcIiBocmVmPVwiaHR0cHM6Ly9nby5oZWFsdGgtaGVhZGxpbmUuY29tL2M5YmZkM2RkLTlkZjQtNDZkMC1hNTk1LWY5ZmJlZDFlMGU2MFwiIHJlbD1cIm5vZm9sbG93IG5vb3BlbmVyIHNwb25zb3JlZFwiIHRhcmdldD1cIl9ibGFua1wiIGNsYXNzPVwiIGl0ZW0tdGh1bWJuYWlsLWhyZWYgXCIgc2xvdD1cInRodW1ibmFpbFwiIHRhYmluZGV4PVwiLTFcIiBhcmlhLWxhYmVsPVwiRG9jdG9ycyBTdHVubmVkOiAnQW50aS1MYXp5JyBEcm9wcyBBcmUgTm93IFNvbGQgV2l0aG91dCBSeFwiPjxkaXYgY2xhc3M9XCJ0aHVtYkJsb2NrX2hvbGRlclwiPjxzcGFuIGNsYXNzPVwidGh1bWJCbG9ja1wiIG9ic2VydmVpZD1cInRibC1vYnNlcnZlLTQ5XCI%2BPHNwYW4gY2xhc3M9XCJ0aHVtYm5haWwtb3ZlcmxheVwiPjwvc3Bhbj48c3BhbiBjbGFzcz1cImJyYW5kaW5nXCI%2BSGVhbHRoIEhlYWRsaW5lczwvc3Bhbj48c3BhbiBjbGFzcz1cInN0YXRpYy10ZXh0IHRvcC1yaWdodFwiPjwvc3Bhbj48L3NwYW4%2BPGRpdiBjbGFzcz1cInZpZGVvQ3ViZV9hc3BlY3RcIj48L2Rpdj48L2Rpdj48L2E%2BPGEgYXR0cmlidXRpb25zcmM9XCJcIiB0aXRsZT1cIlwiIGhyZWY9XCJodHRwczovL2dvLmhlYWx0aC1oZWFkbGluZS5jb20vYzliZmQzZGQtOWRmNC00NmQwLWE1OTUtZjlmYmVkMWUwZTYwXCIgcmVsPVwibm9mb2xsb3cgbm9vcGVuZXIgc3BvbnNvcmVkXCIgdGFyZ2V0PVwiX2JsYW5rXCIgY2xhc3M9XCJpdGVtLWxhYmVsLWhyZWYgdmlkZW8tY3RhLXN0eWxlXCI%2BPHNwYW4gY2xhc3M9XCJ2aWRlby1sYWJlbC1ib3ggdHJjLW1haW4tbGFiZWwgdmlkZW8tbGFiZWwtYm94LWN0YSB2aWRlby1sYWJlbC1ib3gtY3RhLW5vbi1pZVwiPjxzcGFuIGNsYXNzPVwidmlkZW8tbGFiZWwgdmlkZW8tdGl0bGUgdmlkZW8tbGFiZWwtZmxleC1jdGEtaXRlbVwiIHNsb3Q9XCJ0aXRsZVwiPkRvY3RvcnMgU3R1bm5lZDogJ0FudGktTGF6eScgRHJvcHMgQXJlIE5vdyBTb2xkIFdpdGhvdXQgUng8L3NwYW4%2BPHNwYW4gY2xhc3M9XCJicmFuZGluZyBjb21wb3NpdGUtYnJhbmRpbmcgdmlkZW8tYnJhbmRpbmctZmxleC1jdGEtaXRlbVwiIHNsb3Q9XCJicmFuZGluZ1wiPjxzcGFuIGNsYXNzPVwiYnJhbmRpbmctaW5uZXJcIj5IZWFsdGggSGVhZGxpbmVzPC9zcGFuPjxzcGFuIGNsYXNzPVwiYnJhbmRpbmctc2VwYXJhdG9yXCI%2BfDwvc3Bhbj48ZGl2IGNsYXNzPVwibG9nb0RpdiBsaW5rLWRpc2Nsb3N1cmUgIGF0dHJpYnV0aW9uLWRpc2Nsb3N1cmUtbGluay1zcG9uc29yZWQgYWxpZ24tZGlzY2xvc3VyZS1sZWZ0XCI%2BPGEgY2xhc3M9XCJ0cmNfZGVza3RvcF9kaXNjbG9zdXJlX2xpbmsgdHJjX2F0dHJpYnV0aW9uX3Bvc2l0aW9uX2FmdGVyX2JyYW5kaW5nXCIgcmVsPVwibm9mb2xsb3cgc3BvbnNvcmVkIG5vb3BlbmVyXCIgaHJlZj1cImh0dHBzOi8vcG9wdXAudGFib29sYS5jb20vZW4vP3RlbXBsYXRlPWNvbG9yYm94JmFtcDt1dG1fc291cmNlPXRyaWJ1bmVkaWdpdGFsLWNoaWNhZ290cmlidW5lJmFtcDt1dG1fbWVkaXVtPXJlZmVycmFsJmFtcDt1dG1fY29udGVudD10aHVtYnMtZmVlZC0wMWE6YmVsb3ctYXJ0aWNsZS10aHVtYnNfQVJDIHwgQ2FyZCA1OlwiIHRhcmdldD1cIl9ibGFua1wiPjxzcGFuPlNwb25zb3JlZDwvc3Bhbj48L2E%2BPGEgY2xhc3M9XCJ0cmNfbW9iaWxlX2Rpc2Nsb3N1cmVfbGluayB0cmNfYXR0cmlidXRpb25fcG9zaXRpb25fYWZ0ZXJfYnJhbmRpbmdcIiByZWw9XCJub2ZvbGxvdyBzcG9uc29yZWQgbm9vcGVuZXJcIiBocmVmPVwiaHR0cHM6Ly9wb3B1cC50YWJvb2xhLmNvbS9lbi8%2FdGVtcGxhdGU9Y29sb3Jib3gmYW1wO3V0bV9zb3VyY2U9dHJpYnVuZWRpZ2l0YWwtY2hpY2Fnb3RyaWJ1bmUmYW1wO3V0bV9tZWRpdW09cmVmZXJyYWwmYW1wO3V0bV9jb250ZW50PXRodW1icy1mZWVkLTAxYTpiZWxvdy1hcnRpY2xlLXRodW1ic19BUkMgfCBDYXJkIDU6XCIgdGFyZ2V0PVwiX2JsYW5rXCI%2BPHNwYW4%2BU3BvbnNvcmVkPC9zcGFuPjwvYT48L2Rpdj48L3NwYW4%2BPGRpdiBjbGFzcz1cInZpZGVvLWN0YS1ocmVmXCI%2BPGJ1dHRvbiB0eXBlPVwiYnV0dG9uXCIgY2xhc3M9XCJ2aWRlby1jdGEtYnV0dG9uIHZpZGVvLWN0YS1zdHlsZVwiIHN0eWxlPVwiYm9yZGVyLWNvbG9yOiBibGFjazsgZm9udC13ZWlnaHQ6IGJvbGQ7XCI%2BQnV5IE5vdzwvYnV0dG9uPjwvZGl2Pjwvc3Bhbj48L2E%2BPC9kaXY%2BIiwibWV0aG9kQmxvY2tlZCI6ImhhbmRsZVRhYm9vbGFBZHMifSwiYmxvY2tlZCI6dHJ1ZSwiY2FsbFN0YWNrIjoiRXJyb3JcbiAgICBhdCBETSAoaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbW5nLXRyaWIvYi0yODA1ZTQ2LTE0NWU4NDJiLmpzOjE6Mjg0MzApXG4gICAgYXQgRHAgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21uZy10cmliL2ItMjgwNWU0Ni0xNDVlODQyYi5qczoxOjM3OTMzKVxuICAgIGF0IEU0IChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tbmctdHJpYi9vcC5qczoxOjc0NDkpXG4gICAgYXQgT2JqZWN0LkVRIFthcyBiZWZvcmVJbnNlcnRdIChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tbmctdHJpYi9vcC5qczoxOjExNDkzKVxuICAgIGF0IEhUTUxMSUVsZW1lbnQuRVUgW2FzIGFwcGVuZENoaWxkXSAoaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbW5nLXRyaWIvb3AuanM6MToxNjMxNilcbiAgICBhdCBUUkMuX21ha2VSYm94VW5vcmRlcmVkTGlzdCAoaHR0cHM6Ly9jZG4udGFib29sYS5jb20vbGlidHJjL3RyaWJ1bmVkaWdpdGFsLW5ldHdvcmsvbG9hZGVyLmpzOjc4NzoyNilcbiAgICBhdCBodHRwczovL2Nkbi50YWJvb2xhLmNvbS9saWJ0cmMvdHJpYnVuZWRpZ2l0YWwtbmV0d29yay9sb2FkZXIuanM6MjUwNjoxNlxuICAgIGF0IEFycmF5LmZvckVhY2ggKDxhbm9ueW1vdXM%2BKVxuICAgIGF0IHB1Ymxpc2hlci1lbmQgKGh0dHBzOi8vY2RuLnRhYm9vbGEuY29tL2xpYnRyYy90cmlidW5lZGlnaXRhbC1uZXR3b3JrL2xvYWRlci5qczoyNTAzOjI2KVxuICAgIGF0IFRSQy5pbXBsQ2xhc3Nlcy5UUkNSQm94Ljxhbm9ueW1vdXM%2BIChodHRwczovL2Nkbi50YWJvb2xhLmNvbS9saWJ0cmMvaW1wbC4yMDI0MDExOC00MS1SRUxFQVNFLmpzOjE5OjU4MTQxNCkifQ%3D%3D&i=1-1&t=adltag_lrkp5hu8_A2Wi9k0n8Mn&r=28c5438d86b748391daf33de0d9d479&c=mng-trib&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-48.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 07:59:49 GMT
x-amz-version-id
ouWMufNbKmoYI4ZO5Df1D0vnr3en5Fo5
via
1.1 9f302ccf52b583f5eb46c01abcc2772e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
20951
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 16 Nov 2023 21:23:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
X42F3aSJJ28NROln4lc9HWTuQt_n7xGRAVWueWXSyPcBadUV0qnUtA==
/
geo.privacymanager.io/
30 B
608 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

Accept
application/json
Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 08:30:54 GMT
via
1.1 3200e279ff99ad1800a0dd3b3c8e2d10.cloudfront.net (CloudFront), 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, YUL62-P1
age
19085
x-amzn-requestid
d559372c-6f92-4c81-ba79-59a80edb5105
x-amzn-trace-id
Root=1-65aa333e-40ee9ef7411ebcbf5ddfaac1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RxzxwEJYjoEEkJA=
content-length
30
x-amz-cf-id
Wwry5CnRPntF0xLlTmarU9YghiPJP-WcfQ_aIEloF7fPL53KSzIRYQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront), 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
x-amz-apigw-id
RyiX3G0GDoEEZ5g=
x-amz-cf-id
TOltHbEO51wVx7MFz6G3dDJx__Yb09HNGEBde5lK68sI-krq2DuWNw==
x-amz-cf-pop
YUL62-C2 YUL62-P1
x-amzn-requestid
50d29306-8957-4058-b8eb-81e781533dfa
x-cache
Miss from cloudfront
serviceiframe
news.google.com/swg/ui/v1/ Frame DDB7
17 KB
7 KB
Document
General
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1705672139463&sut=Ab9pFDazi%2FD0MePXw8tdcNNnsYxA16R9qGYo%2FgOeLRBUxSNfrIzji%2Btv6BB%2Buy49QYiHQjtZCoqxRSbmDY69%2BNrt9BEWAjdRGk5EjXKKodZOAyMm&publicationId=chicagotribune.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4480e33331a1b012e906d76c1825d6ae300c0b6fa4d1cda7885687f7647326a1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-sAJ_rJz3jybipSO2JpRqxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-sAJ_rJz3jybipSO2JpRqxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 19 Jan 2024 13:48:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
-710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js
www.google.com/js/bg/ Frame EC65
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/-710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
210774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6910
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 03:16:05 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EC65
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:15 GMT
x-content-type-options
nosniff
age
63104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 25 Jan 2024 20:17:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC65
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:16:29 GMT
x-content-type-options
nosniff
age
63150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:16:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC65
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:21:21 GMT
x-content-type-options
nosniff
age
62858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:21:21 GMT
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ Frame AF8E
93 KB
35 KB
Script
General
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-117.yul62.r.cloudfront.net
Software
envoy /
Resource Hash
ab2075a3fa792bf635d66e2f7b5f14ea12e0fc69dda30872fc6035168ba4f9d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
via
1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
YUL62-C2
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
4
x-amz-cf-id
VXkiWDaSuB_Z21H591rO2iZhD86gwxeYetrogb7MqjzQ-LWbq_wWmw==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story...
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&rid=esp&cc=1
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
586d99048ed73602bfb66b9b75d5f3c6dcd8f637f505beb2d4bd208e0353b410

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-qyzkGMJTo/0iNEGmSE2Je1qJ9JE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.chicagotribune.com
location
/esp?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
encrypt
esp.rtbhouse.com/
285 B
559 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3382451087cc8fedf4501fc59e173c8a5700c5dd049b2b402f98b8a7dea27c29

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
2a6cae90135d0c5972a76bcd30f81f43
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
383 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A48%3A59-10%3A00&ts=1705672139554
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
2eac634c1f9fc692c8d77e151e0a83bd3d5f277d8e448b563e2feae0c320a47e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
181
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
pf1TkOg0Sk91TX_TrqbjrhMWRii6wTFbnlw_arJmDg0WyCVV2CNyXg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
css2
fonts.googleapis.com/
2 KB
440 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6b7fdb86156778e845356bd7e5a5115fa013e525f6ddb6e604b8f31de1f5b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 13:22:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 13:48:59 GMT
supply-feature
ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/
0
506 B
Image
General
Full URL
https://ch-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=US:CH:V&tvi2=9516&tvi48=-48&tvi50=13622&lti=deflated&ri=8b76f5fcd1533b74464634f03e435965&sd=v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE&ui=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&pi=/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&wi=4349999135296815436&pt=text&vi=1705672138128&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%222098.96875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A48%3A59.579&id=4277&llvl=2&cv=20240118-41-RELEASE&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
webworker.js
www.google.com/recaptcha/api2/ Frame EC65
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le9ZMIUAAAAAI5fS3P2dp4pUibhIqYeRd01EJ_Q&co=aHR0cHM6Ly93d3cuY2hpY2Fnb3RyaWJ1bmUuY29tOjQ0Mw..&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=tfasiujnkn7m
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 19 Jan 2024 13:48:59 GMT
envelope
lexicon.33across.com/v1/
42 B
58 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=esp&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
iu3
s.amazon-adsystem.com/ Frame B64B
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise...
405 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
41e8c3a8fee9181a498f995942d949653cb52ca4373bea78f05287c9f52615f0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
405
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 19 Jan 2024 13:48:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JN4ED3AQ4CJFAC8RJA06

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Jan 2024 13:48:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ABA8JVKNRTWGD152WTZ0
ads
securepubads.g.doubleclick.net/gampad/
66 KB
25 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3953694465520416&correlator=694778105339119&eid=31079724%2C31079525&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-&gpp_sid=6&iu_parts=4011%2Ctrb.chicagotribune%2Cmarijuana&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705672139635&lmt=1705671180&adxs=315&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&vis=1&psz=1432x0&msz=1432x0&fws=4&ohw=1600&ga_vid=806039224.1705672138&ga_sid=1705672140&ga_hid=223028646&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRi4wO2P0jFIAFICCGQSGQoKdWlkYXBpLmNvbRi4wO2P0jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4wO2P0jFIAFICCGQSFwoIcnRiaG91c2UYuMDtj9IxSABSAghkEhQKBW9wZW54GLfA7Y_SMUgAUgIIZA..&dlt=1705672136846&idt=1869&prev_scp=htl_slot%3Dtop_article_fluid%26pos%3D1%26adlite%3Dfalse&cust_params=htlbidid%3D27503%26is_testing%3Dno%26has_ats%3Dtrue%26ss%3Dl%26ref%3Dnone%26ptype%3Ds%26subtype%3Dstories%26site%3Dtrb.chicagotribune%26slug%3Dct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm%26cid%3DKMMOS37SFFEINL2PL24RBB3BZM%26at%3D%26design%3Darcfusion&adks=604058185&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29beb4490953eb97f62f5663ca5f79bc46eea6a46b165ecef579f2169869ba39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
google-lineitem-id
992535056
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
113579445896
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C029
6 KB
3 KB
Document
General
Full URL
https://9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:48:59 GMT
expires
Sat, 18 Jan 2025 13:48:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/
156 B
618 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.6.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-6-220.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5fb9ac579910ab536e751ed81269bc3b689929d2511b1b8c12a4cc35ad5211df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
x-server
10.40.15.52
access-control-allow-credentials
true
content-length
156
expires
0
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Fri, 19 Jan 2024 13:48:59 GMT
server
nginx
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/
2 B
227 B
XHR
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:48:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame DDB7
0
25 B
Other
General
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-L6IjS4auAgYMi4BOXYPpgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1705672139463&sut=Ab9pFDazi%2FD0MePXw8tdcNNnsYxA16R9qGYo%2FgOeLRBUxSNfrIzji%2Btv6BB%2Buy49QYiHQjtZCoqxRSbmDY69%2BNrt9BEWAjdRGk5EjXKKodZOAyMm&publicationId=chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-L6IjS4auAgYMi4BOXYPpgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/ed=1/rs=ABXTjI4kom1xSKBZt1Z_n_HWLxHO26DF_A/ Frame DDB7
745 B
426 B
Stylesheet
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/ed=1/rs=ABXTjI4kom1xSKBZt1Z_n_HWLxHO26DF_A/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1705672139463&sut=Ab9pFDazi%2FD0MePXw8tdcNNnsYxA16R9qGYo%2FgOeLRBUxSNfrIzji%2Btv6BB%2Buy49QYiHQjtZCoqxRSbmDY69%2BNrt9BEWAjdRGk5EjXKKodZOAyMm&publicationId=chicagotribune.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:27:17 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame DDB7
198 KB
70 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1705672139463&sut=Ab9pFDazi%2FD0MePXw8tdcNNnsYxA16R9qGYo%2FgOeLRBUxSNfrIzji%2Btv6BB%2Buy49QYiHQjtZCoqxRSbmDY69%2BNrt9BEWAjdRGk5EjXKKodZOAyMm&publicationId=chicagotribune.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02a8a793472ec4c530efc75a259ac3ccafad18a1f56e68932ea3d8a2daac8481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71445
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 01:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:27:19 GMT
6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
config.aps.amazon-adsystem.com/configs/ Frame 2CC7
564 B
829 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-94.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:33:46 GMT
via
1.1 757f53a116e3bce1cfc7655bc6b1ae8e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
913
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
nrAfPn49zsclMaIKW7MoUTRbuVcyD7bzLyY97Gmtrtoo7DDYLK9UVA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 2CC7
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.chicagotribune.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.107.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-107-191.yul62.r.cloudfront.net
Software
Server /
Resource Hash
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 11:25:51 GMT
via
1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
age
8588
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1764
x-amz-cf-id
8r5bAldHfgj8ELvs-A3pUOhMVqsaHDWCY5v61ImWwi1hlglyrSYF9g==
knpez68o75ymrcwc12ap0kok843rordq.png
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/
224 KB
225 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/knpez68o75ymrcwc12ap0kok843rordq.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
469d50d4062e614cc418587b0125a2940cb999b28ba9827f22fa300f55e74edb

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:09:42 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
16758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
229153
last-modified
Tue, 16 Jan 2024 14:26:44 GMT
server
AmazonS3
etag
"c46aa139f85b941af3d06feb0c252da6"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
AflwACh3YiB2rvVaFmeOg3dF71TP5zdVrvnSTlygJZeqPv0STa9fww==
0_7.29.5D.js
player.sendtonews.com/bidderFiles/
4 KB
2 KB
Script
General
Full URL
https://player.sendtonews.com/bidderFiles/0_7.29.5D.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-48.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141

Request headers

Referer
https://embed.sendtonews.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
DG7VdSjLO9QYldP.wpgsjonv8VAEuGHw
content-encoding
br
via
1.1 0d9fa547d973207140747f5567b6a0fa.cloudfront.net (CloudFront), 1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 12:51:48 GMT
x-amz-cf-pop
IAD61-P3, YUL62-C2
age
5170
x-cache
Hit from cloudfront
last-modified
Tue, 09 Jan 2024 22:43:09 GMT
server
AmazonS3
etag
W/"0ed2a0e0564292e4148668aa0dd61b76"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
-cpyctiIT3MWlaZfN7EHncp9Tw8J-wzLZkfV2JRR4vBveRGBrqB18w==
324988764630309865a69257bb7c07.62849085playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/
305 B
883 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/324988764630309865a69257bb7c07.62849085playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f619b5db5fde67c6d3adc8de287afd737e9198b8a20e862f236648562905d09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:16:57 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
16323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
305
last-modified
Tue, 16 Jan 2024 14:28:34 GMT
server
AmazonS3
etag
"ce2fc3a42ee7b9697bda77b2b02f33b3"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
GmEcd8LUpH7iQdRsym_tXyQfgrylwEb7egsNAHkQ7SFAB80S39Ywlw==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&cmd=IMA&key=7WQ1xQNF-vJYVOHOP&c_id=4591&seq=1&order=5&vIndex=0&absoluteTime=3216.1&relativeTime=1347.1&EXTREF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&REF=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.613.0&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/
378 B
682 B
XHR
General
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D3%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-124.compute-1.amazonaws.com
Software
/
Resource Hash
879bc781024f699dc1df4d5c78e103e6768e94a875d7eac185dc0fef072c195f

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 19 Jan 2024 13:48:59 GMT
connection
keep-alive
x-amzn-RequestId
21315561-8aed-54d3-8cfa-0b450ae6a8ad
Content-Length
378
Content-Type
text/xml
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:34:08 GMT
x-content-type-options
nosniff
age
62091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:34:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:11:23 GMT
x-content-type-options
nosniff
age
63456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:11:23 GMT
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.chicagotribune.com
access-control-max-age
600
content-length
0
date
Fri, 19 Jan 2024 13:48:59 GMT
server
nginx
tp2
ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/
2 B
227 B
XHR
General
Full URL
https://ecollector-tribune.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:48:59 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
st
imprchmp.taboola.com/ Frame 14B6
531 B
457 B
Document
General
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=undefined&cb=1705672139910&uv=3373&tms=1705672139910&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=17e8c5c3-4098-446f-8a2c-888aaf2bc091&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a3c1e3853ef1b0e2c22faf221e7d93dbd774af6df2915cbf7483272d6c9f098

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 19 Jan 2024 13:48:59 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760033-MIA
x-timer
S1705672140.927176,VS0,VE32
sync
ch-match.taboola.com/ Frame E352
531 B
616 B
Document
General
Full URL
https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
690c68b9897f318844a2f28a0e56d24a1abb22d38fbc076d7adeaa0eac7c50b8

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 19 Jan 2024 13:48:59 GMT
machineid
3801
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_3/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/assets/css/cmOsUnit.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535352
date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
Z953FXQ7HE8YD6PN
age
1136710
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704535353
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
QSok9gmKn9SFsvZM+2V7EbvUyV6iVYbBZ8EXrleHVc4uBCiU+QteGhvZlADrKmT4JVWanxDchs4=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Sat, 06 Jan 2024 10:02:34 GMT
server
AmazonS3-br
x-timer
S1705672140.942056,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
763962
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_7_3/infra/
484 KB
101 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagFEED_MANAGER.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4a22a285f4b33ee0625fd971bc53ee27c3c43748bba6e2116487eb118e11f446

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535338
date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
PBS9CGP07STNS4VE
age
1136703
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704535339
x-amz-meta-mode
33188
content-length
102759
x-amz-id-2
SZVFGr4NsgZXLPvXXCcIeg811WjnK74yUgeTtKq/EZ/uoYq1peTQza74BVI+8ftQalvOrTMDwkM=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Sat, 06 Jan 2024 10:02:20 GMT
server
AmazonS3-br
x-timer
S1705672140.943063,VS0,VE0
etag
"51fd5693766aab73f60a78c537583640"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
98425
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2CC7
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-29-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 19 Jan 2024 14:03:59 GMT
ima.js
cdn-ima.33across.com/ Frame 2CC7
10 KB
4 KB
Script
General
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
150213
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
847f89dabeba67b7-MIA
expires
Mon, 22 Jan 2024 13:48:59 GMT
hadron.js
cdn.hadronid.net/ Frame 2CC7
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&_it=amazon&partner_id=694
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
413
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
847f89db3f6a029b-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
pr
s.amazon-adsystem.com/v3/ Frame DA53
4 KB
5 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ab92b18a59665c47cc5f96d3fbc51c8f534d7e502311a05f9c842ec06badd8ba
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4571
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AV2H96KXHSVCKEQNZA4H
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 14B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
0
389 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=undefined&cb=1705672139910&uv=3373&tms=1705672139910&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=17e8c5c3-4098-446f-8a2c-888aaf2bc091&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
36
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760033-MIA
server
nginx
x-timer
S1705672140.085907,VS0,VE36
x-fastly-to-nlb-rtt
35013
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame 14B6
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=undefined&cb=1705672139910&uv=3373&tms=1705672139910&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=17e8c5c3-4098-446f-8a2c-888aaf2bc091&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61980

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 19 Jan 2024 13:49:00 GMT
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 14B6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=undefined&cb=1705672139910&uv=3373&tms=1705672139910&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=17e8c5c3-4098-446f-8a2c-888aaf2bc091&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61980

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
content-length
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E352
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
0
69 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
32
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
x-served-by
cache-mia-kmia1760033-MIA
server
nginx
x-timer
S1705672140.119728,VS0,VE32
x-fastly-to-nlb-rtt
29941
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=af5608ad-d911-4701-ba5f-8e2d06b27589
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E352
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5W77469E2oSRELPifTtpNXQKfSRdpmhxkRvdyg--~A
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5W77469E2oSRELPifTtpNXQKfSRdpmhxkRvdyg--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61980

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5W77469E2oSRELPifTtpNXQKfSRdpmhxkRvdyg--~A
content-length
0
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame E352
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524113000V10
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524113000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67398

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524113000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 19 Jan 2024 13:49:00 GMT
db_sync
px.ads.linkedin.com/ Frame AF8E
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=6b114a43-92be-4fc9-92f5-f8bb09101cdd
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDZiMTE0YTQzLTkyYmUtNGZjOS05MmY1LWY4YmIwOTEwMWNkZBAAGg0IzPuprQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854&expected_cookie=40bcedee-f476-4a75-b08e-3c47ba525c90
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854&expected_cookie=40bcedee-f476-4a75-b08e-3c47ba525c90
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 64FD932909254D51A789D6E9040FB53B Ref B: MIAEDGE1506 Ref C: 2024-01-19T13:49:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPTL4LyFcJzDkAMIu6NQ==

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D46FC3428F854B34A21AD1BD9B0BE815 Ref B: MIAEDGE1506 Ref C: 2024-01-19T13:49:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=cd2a7a2521e4235ea538efd270eca1ef9edf7e3d9dc8e892bb5bc9e033676f44791426b5417dce21&rand=07509854&expected_cookie=40bcedee-f476-4a75-b08e-3c47ba525c90
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPTL4J9UMuLbN23SsXYg==
pd
google-bidout-d.openx.net/w/1.0/ Frame 00CE
725 B
870 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1d15c4c95f6262b7bf7147fb6086e8c4b948d3f9dcd8db8199095b79d91b5785

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
452
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
324988764630309865a69257bb7c07.62849085.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
649 B
1 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/324988764630309865a69257bb7c07.62849085.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a273cb605b12cece1b2553c8b15c9c540b8792ef54225fe11d7f0ca1c0da13b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:16:57 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
16324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
649
last-modified
Tue, 16 Jan 2024 14:28:34 GMT
server
AmazonS3
etag
"707621b9af93d4a6757b07c42f96e698"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ospJYyFnfAPAsqX_eCbSYxlqrbYNpKFSur8wKQMIGDQnfamFF8ohgA==
campaigns
cdn.ads-flipp.com/flyer-locator-service/ Frame AF8E
234 B
649 B
Fetch
General
Full URL
https://cdn.ads-flipp.com/flyer-locator-service/campaigns
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-110.yul62.r.cloudfront.net
Software
envoy /
Resource Hash
ebd99e04866a4c3d4ba640525753d0a33aefad222968799e05fcede5bdb2878f

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

x-trace-id
vOV2dlLn5HBRC2iVVrJb3v2bq4OFEynK5DyRo7gAVGGmliqDeW1aHw==
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
YUL62-C2
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
21
content-length
234
x-amz-cf-id
vOV2dlLn5HBRC2iVVrJb3v2bq4OFEynK5DyRo7gAVGGmliqDeW1aHw==
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Illinois%20Supreme%20Court%20to%20decide%20if%20cops%20may%20search%20vehicles%20over%20pot%20odor&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=fusion&tid=c30f7dd4-9b6b-4548-a55a-885bc9d4e5e1&pid=5e865060-1c61-4e45-a930-a7624a692e88&dtm=1705672140080&qnm=_matherq&visible=1&tabid=82fcaf5f-5ef4-49f3-b389-132a21545f04&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&vp=1600x1200&ds=1600x5044&tofa=1705672138&vid=1&lvidt=1705672138&duid=5456eb42-3e36-438e-bc0c-62e5bed2414b&fp=3413462137&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJUb2FzdGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNTMiLCJvdXRjb21lTGFiZWwiOiJCLUNULVpJUC1ELU4tVHN0In1dLCJtZXRlciI6e30sInRyaWFsVHJhY2tpbmdEZXRhaWwiOnt9LCJ2ZW5kb3IiOiJ6ZXBociIsInR5cGUiOiJwYXl3YWxsIiwiZmxvd3JlZiI6eyJkYXkwIjp7ImZsb3ciOiJwYXl3YWxsIiwidGlkIjoiZGRiYTUwZmYtMmFjMi00MGMxLTlkYTktNzkwOWM4N2ZiZTRlIiwidGltZSI6IjE3MDU2NzIxMzkifSwiZGF5NSI6eyJ0aW1lIjoiMTcwNTY3MjEzOSJ9LCJkYXkzMCI6eyJ0aW1lIjoiMTcwNTY3MjEzOSJ9fX0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODA2MDM5MjI0IiwicmVmVGltZSI6IjE3MDU2NzIxNDAwNzkifV0sImF1ZGllbmNlIjpbeyJwcm92aWRlciI6InVzZXJEQiIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjVlODY1MDYwLTFjNjEtNGU0NS1hOTMwLWE3NjI0YTY5MmU4OCJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjVlODY1MDYwLTFjNjEtNGU0NS1hOTMwLWE3NjI0YTY5MmU4OCJ9XX0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.159.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-159-66.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 13:49:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
131 KB
44 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd829029d2e658294db89024b1cdd87d2f2460abc9e5e6fa4efaed2181108ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45055
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:17:27 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fa367d34569889ac9e1e8bb31eca0070e5fc83593e767664a7df5932209ba6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1826
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:35:06 GMT
ecm3
s.amazon-adsystem.com/ Frame DA53
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3486737401524143000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3486737401524143000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QZEZC7PY5CZCHS8V8JXG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3486737401524143000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 19 Jan 2024 13:49:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DA53
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4245a32d7d
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4245a32d7d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MRD5DCYBPHM115JAJHDB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 13:48:20 GMT
via
1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
40
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=4245a32d7d
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZALlcDkafayBNwM0vPNpNensAqw_sX3AyQY-V-Hgp25fM6SKn93TWg==
/
onetag-sys.com/match/ Frame DA53
0
198 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/
429 KB
81 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/OvaMediaPlayer.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049

Request headers

Referer
https://www.chicagotribune.com/
Origin
https://www.chicagotribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1705312862
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4XH4SNM355A1ZY3B
age
359196
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1705312875
x-amz-meta-mode
33188
content-length
82335
x-amz-id-2
9MJ+i0s9R6WcsMDqDXCXz6K3uYnh0neDvbjr5BVbuIXjW57hQpT0x04qZ8k/d9zdMpFeRuGMpbE=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Mon, 15 Jan 2024 10:01:16 GMT
server
AmazonS3-br
x-timer
S1705672140.175732,VS0,VE0
etag
"cdbb18503fee62a5fdd5ee5f4ace9925"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
124505
sync
ch-match.taboola.com/ Frame E403
520 B
605 B
Document
General
Full URL
https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
48e5e7b0ac8673aecdc794f8379d9211aeb61a232a41c0bc9fa3daad6c109ad7

Request headers

Referer
https://www.chicagotribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 19 Jan 2024 13:49:00 GMT
machineid
3801
server
nginx
beacons
p.flipp.com/ Frame AF8E
0
0
Fetch
General
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-61.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-amz-cf-id
DnVHd5h8mNpTtR6VSh94OT2-tusvM0Hfrx4oLMSI-UEfMc6fWkDapg==
envelope
lexicon.33across.com/v1/ Frame 2CC7
42 B
58 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&src=aps&ver=1.3.0&gpp=DBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA%7EBP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA%7E1YN-&gpp_sid=6
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 19 Jan 2024 13:48:59 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
amzns2s
rtb.gumgum.com/usync/ Frame E260
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.160.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-160-26.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7054e9ff15ada74061b157c6c0ca6c15a41190bd178a49e4cf9b59d75088ae18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 19 Jan 2024 13:49:00 GMT
etag
W/"0d91df815bb9170ab431025a6e5d6b225"
server
nginx
timing-allow-origin
*
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame 1982
4 KB
5 KB
Document
General
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:1000:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9dfeecf1f5ac97918efd75174c242389d32601c8a385026998c5e3e8cd89622f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
via
1.1 e056667803f42a500c6219d1a1a97d86.cloudfront.net (CloudFront)
x-amz-cf-id
9395EWsb5E9gZvp5gEQG20OTqULtW7V62Hb57A8fBjOgzh_LzbbClQ==
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
cm
u.openx.net/w/1.0/ Frame A9D0
867 B
830 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1ee131d129c68325349acf5a7218356d15639414a8469da821540f2d8ae8d9c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
528
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame BFBC
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747110656901291457&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747110656901291457&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K1SG4HM2C5SH18Q35W3D

Redirect headers

content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=747110656901291457&gdpr=0&gdpr_consent=
usersync.html
cdn.undertone.com/js/ Frame C317
13 KB
4 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:3c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3505
content-encoding
gzip
content-type
text/html
date
Fri, 19 Jan 2024 12:50:36 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0012c469abc357ca0c936faaf17aa31a.cloudfront.net (CloudFront)
x-amz-cf-id
zmq5Kkxwz1tYvEqW6HCPy2tTQetd4T6JQch7CMiPn3N_NStDCAgBRg==
x-amz-cf-pop
YUL62-C2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
/
match.sharethrough.com/jwumXNuB/v1/ Frame C088
880 B
1 KB
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-125-247.compute-1.amazonaws.com
Software
/
Resource Hash
9e2cd5cf5ac2a6b89e15b8cce5a8101933df50f00c9edab5c4b916a5fc26a32f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
880
date
Fri, 19 Jan 2024 13:49:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 275A
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76187
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
Sat, 20 Jan 2024 10:58:47 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 38B1
1 KB
1 KB
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.66.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-66-82.compute-1.amazonaws.com
Software
/
Resource Hash
aa960feba6b3eb0b485b606c7772798fcff550a32b19ae0b7d7f5ea0b410972e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 19 Jan 2024 13:49:00 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame B94F
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 13:49:00 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 3BE1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11RWc0X0YxRTJ1SVZnc3lQUnBRNk91RHYxS29jT05VR35B&gdpr=0
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11RWc0X0YxRTJ1SVZnc3lQUnBRNk91RHYxS29jT05VR35B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HS55RPRBGX5G9995WFN8

Redirect headers

age
0
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS11RWc0X0YxRTJ1SVZnc3lQUnBRNk91RHYxS29jT05VR35B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
dinitsync
crb.kargo.com/api/v1/ Frame D18C
0
288 B
Document
General
Full URL
https://crb.kargo.com/api/v1/dinitsync?partners=A9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin
x-accel-expires
0
ecm3
s.amazon-adsystem.com/ Frame D7E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%2524UID%26ex%3Dappnexus.com%26gdpr%3D0
  • https://s.amazon-adsystem.com/ecm3?id=7519615932400280823&ex=appnexus.com&gdpr=0
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=7519615932400280823&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3SJXTXE93D909B9V17SK

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b2e921b7-da46-4a7c-8423-2bd4e5713fde
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7519615932400280823&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 20F0
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e35a8d4b011d3286bffa7bd82d942eb9aba91825d5bd838791a1ff53614e0101

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
540
Content-Type
text/html
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1dca1
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 8a771ca27e5a3c9e06b12b7af5d25aa4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MIA3-C3
age
1838732
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1705672140.259656,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
9EiAiFBVwZHmI3fGR78C7ATwwbmsDL1GB2xMpa136dVc18QTTk7V4g==
x-cache-hits
1084698
c073379f-e443-e5c1-da86-860eb901980b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 00CE
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c073379f-e443-e5c1-da86-860eb901980b?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:75af:f069:585e:f21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 00CE
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0c622da6-6845-cc72-2b5f-126c2e659ea2
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
337NR8BPC02YB4CNY9RP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 00CE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0&gdpr_consent=
43 B
306 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=54b451db-74ef-7788-eb51-90fb46565542&gdpr=0&gdpr_consent=
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 00CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzhkYjgyMTEtYmQ5OC0yOTJjLWZlYjEtY2E0MjhjYjQ5YjIy&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 00CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOKSGjJoo3T6Lwg-RebUVL8&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOKSGjJoo3T6Lwg-RebUVL8&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOKSGjJoo3T6Lwg-RebUVL8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/
159 KB
52 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ats.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a279f09619c0564f394333bad7eed4ff0bcb434c0c90a78360ae4c340a194c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
D8pYJxK9ICH1ql2ed_BjBaKBtVgM3GKl
content-encoding
gzip
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 13:35:46 GMT
last-modified
Thu, 14 Dec 2023 12:29:22 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
795
x-amz-server-side-encryption
AES256
etag
W/"cd9700b7d0425879cee234202873253b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
SvLHrkJRUfNCauFVpBrelRjBCs2vxk65MbNFE8D_9JGLowod2v8zAA==
bulk
trc.taboola.com/tribunedigital-chicagotribune/log/3/
0
623 B
XHR
General
Full URL
https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?tvi2=9516&tvi48=-48&tvi50=13622&route=US%3ACH%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240118-41-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
46
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
34147
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760033-MIA
pragma
no-cache
server
nginx
x-timer
S1705672140.296785,VS0,VE46
content-type
image/gif
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
324988764630309865a69257bb7c07.62849085-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
545 KB
546 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/324988764630309865a69257bb7c07.62849085-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5305aaccbc382fb52ae0a1f144049762378d831f3037daa6b24568e0f09be6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:24:07 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
15894
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
558172
last-modified
Tue, 16 Jan 2024 14:28:18 GMT
server
AmazonS3
etag
"acbe5d07bb80b71ff3d3bb045d1aacf2"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
o7gY2VJcHekA2Gllijxe6J4YY9klnccwoVFSGU1aCLQn9wzfa9XOmQ==
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1B26
3 KB
3 KB
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
38b61616241485eb77e31163c5823ad28536f8a6a3dc816a0e45371fd60572e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
ecm3
s.amazon-adsystem.com/ Frame 76B9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=807143988169548681215
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=807143988169548681215
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SA49GQCEGFEYKWEQTG0W

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=807143988169548681215
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.chicagotribune.com&url=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.chicagotribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
847f89dd3f545c7c-MIA
content-length
0
content-type
application/json
date
Fri, 19 Jan 2024 13:49:00 GMT
debug
OPTIONS block
expires
Sat, 18 Jan 2025 13:49:00 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ Frame 2CC7
103 B
292 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.chicagotribune.com&url=https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25e5ffa2192907bd3d6a53115ba872c84831dbf2ea103607a49e719b077edca

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
847f89ddb81e5c7c-MIA
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E403
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67398

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bDLychtE2oRcsWss8cbcXiKKY2VlEgYq_lcfKQ--~A
content-length
0
/
sync.taboola.com/sg/medianetrtb-network/1/rtb-h/ Frame E403
Redirect Chain
  • https://cs.media.net/cksync?cs=69&type=tb&gdpr=0&us_privacy=1---&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fmedianetrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%3Cvsid%3E
  • https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67398

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://sync.taboola.com/sg/medianetrtb-network/1/rtb-h/?taboola_hm=3486737401524188000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 19 Jan 2024 13:49:00 GMT
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame E403
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wvgZwI9E2uEVVvIHks1rB9hmVLF96FKJ~A&gdpr_in_effect=0
0
373 B
Image
General
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wvgZwI9E2uEVVvIHks1rB9hmVLF96FKJ~A&gdpr_in_effect=0
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67398

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wvgZwI9E2uEVVvIHks1rB9hmVLF96FKJ~A&gdpr_in_effect=0
date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame A9D0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=0c622da6-6845-cc72-2b5f-126c2e659ea2&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AFNZCGRKF4ERM7AXSBGE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame A9D0
0
399 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7a70d252-ac85-4dc1-b876-51f1d1f5a12b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame A9D0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=01722ebd-b9a8-41e8-b428-10087fcd349a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame A9D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7519615932400280823
43 B
97 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7519615932400280823
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
an-x-request-uuid
0d8e5cdd-5f11-4601-a3c7-5d3ffb717158
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7519615932400280823
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A9D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A9D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Zap9zAAPq4SdnwBH
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zap9zAAPq4SdnwBH&_test=Zap9zAAPq4SdnwBH
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zap9zAAPq4SdnwBH&_test=Zap9zAAPq4SdnwBH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760055-MIA
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705672140.459821,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zap9zAAPq4SdnwBH&_test=Zap9zAAPq4SdnwBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
236 B
186 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:40:32 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
1 KB
820 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51540eb57b2c3e809c1a6f8609bb3fea3df63ef7b56787365d051e505ecf9b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:17:27 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
19 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01b5bedbf089e7be9e47f79a2d73c4270aed84ec81aebe720608ca8ab6d3b13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6507
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:29:54 GMT
get.media
direct.ad.cpe.dotomi.com/w/
68 B
319 B
XHR
General
Full URL
https://direct.ad.cpe.dotomi.com/w/get.media?sid=230221&placement_id=28ac17b1&vpaid=2&m=11
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:12::500 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
text/html
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
68
expires
0
usync.js
eus.rubiconproject.com/ Frame B94F
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 23:07:06 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33424
Connection
keep-alive
Content-Length
10964
Expires
Fri, 19 Jan 2024 23:06:04 GMT
ecm3
s.amazon-adsystem.com/ Frame C088
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=1a9e26a1-2b43-4078-af0a-9cec0b586930
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BJXW4J0GN3V776XYF9HZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C088
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-125-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame C088
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MWE5ZTI2YTEtMmI0My00MDc4LWFmMGEtOWNlYzBiNTg2OTMw
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-125-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidswitch
sync-dmp.mobtrakk.com/match/ Frame C088
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sharethrough&bsw=90b242ee-469b-4129-a6f2-7505dc827c92
0
0

v1
match.sharethrough.com/sync/ Frame C088
Redirect Chain
  • https://cs.admanmedia.com/c01d0246d79eba64b8a7cca07e5b7dc7.gif?puid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DqU...
  • https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=062a562d-3fb0-45aa-8b79-635cfdc66ceb&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=062a562d-3fb0-45aa-8b79-635cfdc66ceb&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-125-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
nginx
Location
https://match.sharethrough.com/sync/v1?source_id=qUVJTHutDLcyGRS8xfsW2M4g&source_user_id=062a562d-3fb0-45aa-8b79-635cfdc66ceb&gdpr=0&gdpr_consent=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
ovvbundle_moat.js
js.brealtime.com/ Frame E66F
175 KB
56 KB
Script
General
Full URL
https://js.brealtime.com/ovvbundle_moat.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.9/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.64.107.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:00 GMT
Via
1.1 6fe0f0058c49cec554f0b62c9bb6f0de.cloudfront.net (CloudFront)
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Amz-Cf-Pop
MIA3-P1
Age
961
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 08 Mar 2021 20:03:00 GMT
Server
cloudflare
ETag
W/"c9720c4eb1878a14382004daa0cc2458"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofTTgfEzXRbve%2BBhSIww3XiGDEIEdg8Ek76QlisbAO7c014VvAoPvhrXdkQ%2FH9TqmizBk9eV9ZqtowtQg98tBgcD2HDc2M9KRtnpCvCLMDvO513HDgNO9FaRmYvOHrtXPawg"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=60
CF-RAY
847f89de3fd11277-MIA
X-Amz-Cf-Id
00_c-aX-lByym5fQ2BtXgPK3ch87B5jOKdyO90z8u3rwhJjunbHiVw==
ecm3
s.amazon-adsystem.com/ Frame 38B1
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=VEYw7FFuuwFB2m5r4iEm&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
18BSCSGKF49SJ91YQGMV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 38B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEYw7FFuuwFB2m5r4iEm
  • https://ads.yieldmo.com/v000/sync?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
43 B
609 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.236.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-229-2.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
181
sync
ads.yieldmo.com/v000/ Frame 38B1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=HIrK5xuEOPP2&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
595 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?userid=HIrK5xuEOPP2&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.236.229.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-229-2.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ads.yieldmo.com/v000/sync?userid=HIrK5xuEOPP2&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-fmrbw
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 38B1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1705672140729
  • https://ad.turn.com/r/cs?pid=45&rndcb=4730692085
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e093...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
0
327 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
date
Fri, 19 Jan 2024 13:49:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX16b65a007da84fc9a113ebd14e0933c7005
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 38B1
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVZdzdGRnV1d0ZCMm01cjRpRW0=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 38B1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjAwNzlEQzYtOEYwNC00NkQ2LUEzOUMtODY1RTZCMTExMjhD&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
0
327 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
date
Fri, 19 Jan 2024 13:48:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7519615932400280823
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7519615932400280823
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
an-x-request-uuid
5abf4de7-88bd-465e-937b-19ae97e48590
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7519615932400280823
x-proxy-origin
38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=90b242ee-469b-4129-a6f2-7505dc827c92
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=90b242ee-469b-4129-a6f2-7505dc827c92&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=90b242ee-469b-4129-a6f2-7505dc827c92&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=90b242ee-469b-4129-a6f2-7505dc827c92
  • https://usersync.gumgum.com/usersync?b=bsw&i=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 19 Jan 2024 13:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a389f5ab-5cfa-4fde-8c2a-80168e065404
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a389f5ab-5cfa-4fde-8c2a-80168e065404
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a389f5ab-5cfa-4fde-8c2a-80168e065404
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e$ip$38.132.118.73
Date
Fri, 19 Jan 2024 13:49:00 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-4MMKEGhE2peV2mtQNyQUNVmdR24LEioKfIEF~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-4MMKEGhE2peV2mtQNyQUNVmdR24LEioKfIEF~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-4MMKEGhE2peV2mtQNyQUNVmdR24LEioKfIEF~A
content-length
0
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=605bf330-bf3d-4752-93c9-9b7b7e088456
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=605bf330-bf3d-4752-93c9-9b7b7e088456
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=605bf330-bf3d-4752-93c9-9b7b7e088456
Date
Fri, 19 Jan 2024 13:49:00 GMT
Connection
keep-alive
X-CI-RTID
318175ca-036b-4bd7-9692-b8be26194e70
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame E260
0
339 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 19 Jan 2024 13:48:59 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=8XO2cwS9Xd6CkXXX86jl&gdpr=0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=8XO2cwS9Xd6CkXXX86jl&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=8XO2cwS9Xd6CkXXX86jl&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame E260
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=4qaGpP0FfUD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=4qaGpP0FfUD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.225.160.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-160-26.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=4qaGpP0FfUD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-5kzvx
expires
-1
usersync
usersync.gumgum.com/ Frame E260
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=747110656901291457
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=747110656901291457
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=747110656901291457
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E260
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_374db9ec-2a95-485b-920f-53f9d8e5d435
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q69V55VH9E1BJ46ASYKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
6 KB
2 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A49%3A00-10%3A00&ts=1705672140433
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
f3c47ba93a22247b51ab1096b4ab259a3bd8651ba1d67255773fd3bfcc603e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1505
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
1rbECFpvtxK9ogUuTUd4u5vZ0-x2TIFlTvTrNIk6x2bpCsJk18D7Wg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame DDB7
164 B
194 B
XHR
General
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-8787908306719951344&bl=boq_subscribewithgoogleclientserver_20240117.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=13741&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71ace2500d5609dbd1dfc05d418a942eb1b973aceaaa32b38fc1c0c136dc4be1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
b-2805e46-145e842b.js
tagan.adlightning.com/mng-trib/ Frame FB3D
67 KB
26 KB
Script
General
Full URL
https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:13:18 GMT
content-encoding
gzip
via
1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-version-id
xM0td1wU4vB5LHL37TI_fGNZjW92dlQ9
x-amz-cf-pop
YUL62-P1
age
1971343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25694
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:12:31 GMT
server
AmazonS3
etag
"51ffe63c118533b804d69f2dfd44767d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0jWkX-q3pDJ4ZDP-Emss9BkzDo61kaBBsFoWtFPeimaIBEw0AGCSog==
9089239593776915232
tpc.googlesyndication.com/simgad/ Frame FB3D
52 KB
52 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9089239593776915232
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf7ae5594d7b69e87e8ebf8db4114699053bfecfbd004bfb7332df943055a506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 20:35:56 GMT
date
Thu, 18 Jan 2024 20:35:56 GMT
x-content-type-options
nosniff
age
61984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53224
x-xss-protection
0
last-modified
Fri, 17 Feb 2017 17:21:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame FB3D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:34:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
62092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 20:34:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame FB3D
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:31:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
62247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 20:31:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FB3D
206 KB
66 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:49:00 GMT
usersync
usersync.gumgum.com/ Frame C315
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6223903298907341552&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6223903298907341552&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6223903298907341552&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 0A45
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8zNzRkYjllYy0yYTk1LTQ4NWItOTIwZi01M2Y5ZDhlNWQ0MzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9E8
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76187
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
Sat, 20 Jan 2024 10:58:47 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0A37
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=af5608ad-d911-4701-ba5f-8e2d06b27589
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=af5608ad-d911-4701-ba5f-8e2d06b27589
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=af5608ad-d911-4701-ba5f-8e2d06b27589
server
Kestrel
usersync
usersync.gumgum.com/ Frame 0305
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Zap9zcCo8YwAAEQRlhgAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Zap9zcCo8YwAAEQRlhgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Jan 2024 13:49:01 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Zap9zcCo8YwAAEQRlhgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad372.dc4p.scaleout.jp
X-SO-IP
38.132.118.73
X-SO-Key
Zap9zcCo8YwAAEQRlhgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.73","key":"Zap9zcCo8YwAAEQRlhgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad372"}
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad372
usersync
usersync.gumgum.com/ Frame B072
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 19 Jan 2024 13:49:01 GMT Fri, 19 Jan 2024 13:49:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 9E13
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 13:49:00 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-212
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
0
329 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705672140946087-281
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=ec0a1a27-977d-423d-abaf-023a5646e079&gdpr_consent=null&gdpr=0
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=ec0a1a27-977d-423d-abaf-023a5646e079&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=ec0a1a27-977d-423d-abaf-023a5646e079&gdpr_consent=null&gdpr=0
date
Fri, 19 Jan 2024 13:49:01 GMT
server
_
content-length
0
cookie
cm.adform.net/ Frame 1B26
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$UID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
nginx
content-length
43
content-type
image/gif
cs
cs.minutemedia-prebid.com/ Frame 1B26
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIwQzQyRkEtNDdBOS00QUE0LUIxNjUtRjc3OTE4MTcyMjE3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
0
329 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
date
Fri, 19 Jan 2024 13:48:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 1B26
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1705672140730
  • https://ad.turn.com/r/cs?pid=45&rndcb=2925528018
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e093...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
0
329 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
date
Fri, 19 Jan 2024 13:49:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX16b65a007da84fc9a113ebd14e0933c7005
content-type
text/html
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=bcb44d4d-a300-4acd-a016-cc6967ff8101
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=bcb44d4d-a300-4acd-a016-cc6967ff8101
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=bcb44d4d-a300-4acd-a016-cc6967ff8101
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7519615932400280823&gdpr=0&gdpr_consent=
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7519615932400280823&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
an-x-request-uuid
da3f436f-d8af-48be-8bb7-bcfc9e1b5268
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=7519615932400280823&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=90b242ee-469b-4129-a6f2-7505dc827c92
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=90b242ee-469b-4129-a6f2-7505dc827c92
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=90b242ee-469b-4129-a6f2-7505dc827c92
Date
Fri, 19 Jan 2024 13:49:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
ssc-cms.33across.com/ps/ Frame 1B26
0
73 B
Image
General
Full URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 19 Jan 2024 13:49:00 GMT
server
33XP019
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B
Image
General
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6cwdm
expires
-1
cs
cs.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
0
330 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 1B26
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=747110656901291457&gdpr=0&gdpr_consent=
0
329 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=747110656901291457&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=747110656901291457&gdpr=0&gdpr_consent=
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
cksync.php
contextual.media.net/ Frame 1B26
57 B
478 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-152-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Fri, 19 Jan 2024 13:49:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 1B26
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=NNHke7Ezkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RBF92MWRM6E61JSPDGNC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=747110656901291457&gdpr=0&gdpr_consent=
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=747110656901291457&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=747110656901291457&gdpr=0&gdpr_consent=
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=4938548693954675219
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=c1d74cf9-be83-5313-888e-86c8ed24fb04
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=c1d74cf9-be83-5313-888e-86c8ed24fb04
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=c1d74cf9-be83-5313-888e-86c8ed24fb04
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=8def5c04-5d36-4bff-92b4-d09ac3dffd9c
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=8def5c04-5d36-4bff-92b4-d09ac3dffd9c
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=8def5c04-5d36-4bff-92b4-d09ac3dffd9c
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=4f41ede55d81355272cc99ff46f8a25e
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=4f41ede55d81355272cc99ff46f8a25e
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=4f41ede55d81355272cc99ff46f8a25e
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://ad.turn.com/r/cs?pid=45&rndcb=1115412654
  • https://sync.1rx.io/usersync/turn/2329117063689986867?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-16b65a00-7da8-4fc9-a113-ebd14e093...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005
date
Fri, 19 Jan 2024 13:49:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX16b65a007da84fc9a113ebd14e0933c7005
content-type
text/html
ImgSync
image8.pubmatic.com/AdServer/ Frame 1982
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://sync.1rx.io/usersync2/rmpssp?sub=zeta&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlO...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6135810188
  • https://sync.1rx.io/usersync/tradedesk/af5608ad-d911-4701-ba5f-8e2d06b27589
  • https://sync.targeting.unrulymedia.com/csync/RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005?redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3DRX-16b65a00-7da8-4fc9-a113-ebd14e0933c...
  • https://ssp.disqus.com/match?bidder=37&buyeruid=RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005&r=Cid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1...
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS04NWI4ZjRhMS1jY2MyLTNlOTctYmVlOC1kODdkN2RiMmY4YTYQ____________ASpZa...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D95a3a6e1-87ee-4910-9952-760d20b84127%26bidder%3D...
  • https://prebid.a-mo.net/cchain/0/748?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUN...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A...
  • https://prebid.a-mo.net/cchain/1/748?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F748%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D95a3a6e1-87ee-4910-...
  • https://prebid.a-mo.net/cchain/2/748?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=95a3a6e1-87ee-4910-9952-760d20b84127&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZD...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=605bf330-bf3d-4752-93c9-9b7b7e088456&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11b3d3b7e67807a8&is_secure=true&networkId=17100&version=1&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACeop8ymoQUgMTBeBMAAAAAAA&expiration=1705758542&nuid=37262AF7-E53C-4453-8BB4-532914A9A862&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0

cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26rid%3DFqTke7xzCp_mm%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&rid=FqTke7xzCp_mm&id=cdedb3df-0b7d-48dc-93c9-890c0655dfa7
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&rid=FqTke7xzCp_mm&id=cdedb3df-0b7d-48dc-93c9-890c0655dfa7
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&rid=FqTke7xzCp_mm&id=cdedb3df-0b7d-48dc-93c9-890c0655dfa7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26rid%3DFqTke7xzCp_mm%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&rid=FqTke7xzCp_mm&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
331 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&rid=FqTke7xzCp_mm&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&rid=FqTke7xzCp_mm&uid=VEYw7FFuuwFB2m5r4iEm&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=cSRfQsFtSr8C&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6cwdm
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminu...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=9ac29e49bd63493f89357e12ffa0fe2a&ssp=minutemedia&bsw_param=90b242ee-469b-4129-a6f2-7505dc827c92&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=90b242ee-469b-4129-a6f2-7505dc827c92
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=90b242ee-469b-4129-a6f2-7505dc827c92
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=90b242ee-469b-4129-a6f2-7505dc827c92
Date
Fri, 19 Jan 2024 13:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=062a562d-3fb0-45aa-8b79-635cfdc66ceb
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=062a562d-3fb0-45aa-8b79-635cfdc66ceb
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
nginx
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=062a562d-3fb0-45aa-8b79-635cfdc66ceb
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21511&id=3e4a2752-b04d-4fc8-a873-46c32ad71c72&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21511&id=3e4a2752-b04d-4fc8-a873-46c32ad71c72&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21511&id=3e4a2752-b04d-4fc8-a873-46c32ad71c72&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
date
Fri, 19 Jan 2024 13:49:01 GMT
server
_
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26rid%3DFqTke7xzCp_mm%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&rid=FqTke7xzCp_mm&id=807143988169548681215
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&rid=FqTke7xzCp_mm&id=807143988169548681215
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&rid=FqTke7xzCp_mm&id=807143988169548681215
date
Fri, 19 Jan 2024 13:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzcyNjJBRjctRTUzQy00NDUzLThCQjQtNTMyOTE0QTlBODYy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
date
Fri, 19 Jan 2024 13:49:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
/
ssc-cms.33across.com/ps/ Frame 1982
0
72 B
Image
General
Full URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 19 Jan 2024 13:49:00 GMT
server
33XP020
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26rid%3DFqTke7xzCp_mm%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&rid=FqTke7xzCp_mm&id=Zap9zHRhaLqQqx9fV.AJ7QAA%26377
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&rid=FqTke7xzCp_mm&id=Zap9zHRhaLqQqx9fV.AJ7QAA%26377
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7kRuQ5ARXOt0XjIwHUUdq6wk9hmBQHbgKLuiSSa%2Be8ez6w4ppk2JdLfAHahokFpzkIbI7fur5akJj1GUcCH9lhRJ5Vpoc%2BZDe3Nwi5RwsqEWBBa7YFHJct2JP74LafeYV9srTJRZASZDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&rid=FqTke7xzCp_mm&id=Zap9zHRhaLqQqx9fV.AJ7QAA%26377
cache-control
no-cache
cf-ray
847f89e019b99aef-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=1a9e26a1-2b43-4078-af0a-9cec0b586930&gdpr=0
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3686&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21517&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
0
331 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21517&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
19
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21517&id=36217f6b5d97c296704a5e1a2518c6cf&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705672140945081-1215
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/minutemedia/?cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__&s=2
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=niZP2cOnYctfUlkXf7DS
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=niZP2cOnYctfUlkXf7DS
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=niZP2cOnYctfUlkXf7DS
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7519615932400280823
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7519615932400280823
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
an-x-request-uuid
8ae292bc-3624-4b2a-81b2-835e5d3dcfc1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=7519615932400280823
x-proxy-origin
38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=IBIdhPZH0hKsqWxBRTKQ75mx
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=IBIdhPZH0hKsqWxBRTKQ75mx
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Fri, 19 Jan 2024 13:49:01 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=IBIdhPZH0hKsqWxBRTKQ75mx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 1982
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
0
330 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-212
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=287aa52e-d3f2-4b01-9350-f76bd692b10a
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 1982
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=FqTke7xzCp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DPT95YJP4E949DZF1DTQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
694
a.ad.gt/api/v1/u/matches/ Frame 2CC7
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&ref=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&_it=amazon&partner_id=694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e852b386d3ae06783482fded53687535e89177a2ec9b80bc9a8d5397a0ff86ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 13:45:55 GMT
server
cloudflare
age
185
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
847f89df7eef746f-MIA
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
383 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A49%3A00-10%3A00&ts=1705672140642
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
75a54ec4d564ac9b82d7c73f1415c72422ffb9b2f13150a8305d027805abe8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Tmu81kypwIbyfF6VKw77IVLI_SD_29yYJzCzQIZ50GBmYEVqF_AGNA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
417
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/
192 B
1 KB
XHR
General
Full URL
https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/417?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&bcsessionid=1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6&bctempid=&overruleReferrer=&time=2024-01-19T03%3A49%3A00-10%3A00&ts=1705672140644
Requested by
Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-114.yul62.r.cloudfront.net
Software
- /
Resource Hash
18b8456c9d0022c134747eaef46776d891ba1eda3378160ce80b4ea4d9ee124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
169
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
PxAiiNOmcmqKl50rDV2CVKZ4qAz19AgmsdtmSDOmaY-YiYKkTTRcEQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacons
p.flipp.com/ Frame AF8E
0
0
Fetch
General
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-61.yul62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
x-amz-cf-id
4eCLsd0bgMDJmJMtCeJvEkzwQBLlTBCpUYzGzmX8T-nvy1lcSL3qhA==
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
714 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
x-amz-request-id
KVAJ6Q009QCW97RM
age
13341
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
DwKR+V0ahyrIfE9ny0MhUhVxsDNtfz7Rh47R2/Ww+5VFFCIAWzGNhBCqKKGZpyPVnlKhUUHGAS0=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1705672141.663881,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
95
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1860
/
onetag-sys.com/usync/ Frame 6F90
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame D1BC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 13:49:00 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame DDB7
109 KB
36 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03827037016737f57d86b93d6de8aeebd412ea68ceaebe1c5e5d588708edc2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37190
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 20:22:24 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1E87
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
0
274 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
847f89dfdfff0a12-MIA
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8DpXX0KvPXsTYXHR0l7MURxtoMw%2Blk5R%2Fvy2o%2BfZIxYrkvbxaOOlm2V9LxgAKjIM%2BlP0%2Bi6%2B4lI2p6Fhhku2oZcY8uNb7SSQO0zYWSJ0tSOOHjIFu0Vgnj9iqxA2V1%2Bin%2B6A%2FFEXg%2FB3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
847f89df5f7d0a12-MIA
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8GtpvpvJMp8Im7Qho6VJ3Jo2x4EMbjh0NsY14mUNZAu8oVmAbWnwx6p71A41YfUgWrPtqgxaRC4lHnYawoM5iNXDal8nRvRB%2Fh7XipdUQaJPriRHKzi1HzkRfEJabFTPwYXwhzB2HxJJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 913E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 13:49:00 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=1fd936fc-7440-4beb-81d4-8f3cb1fa7510
0
151 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=1fd936fc-7440-4beb-81d4-8f3cb1fa7510
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=1fd936fc-7440-4beb-81d4-8f3cb1fa7510
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-mpE.OqJE2uE.LzSbLfKx1lx9VP523lNY~A
0
37 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-mpE.OqJE2uE.LzSbLfKx1lx9VP523lNY~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-mpE.OqJE2uE.LzSbLfKx1lx9VP523lNY~A
date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=af5608ad-d911-4701-ba5f-8e2d06b27589&ttl=1708264140
0
151 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=af5608ad-d911-4701-ba5f-8e2d06b27589&ttl=1708264140
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=af5608ad-d911-4701-ba5f-8e2d06b27589&ttl=1708264140
date
Fri, 19 Jan 2024 13:49:00 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG
0
139 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
cs
cs.minutemedia-prebid.com/ Frame C317
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDRFMTVCRjEtNTIzNi00OUY3LUJBMUEtNDFGMUNDOUQ4MzFB&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
0
322 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cdn.undertone.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=37262AF7-E53C-4453-8BB4-532914A9A862
date
Fri, 19 Jan 2024 13:49:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
0
162 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-length
0

Redirect headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame C317
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-VzlRv.NE2uGiFlbUgoecV7bp0oHHtEKbiVrDokw-~A
0
161 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-VzlRv.NE2uGiFlbUgoecV7bp0oHHtEKbiVrDokw-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-VzlRv.NE2uGiFlbUgoecV7bp0oHHtEKbiVrDokw-~A
date
Fri, 19 Jan 2024 13:49:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame C317
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=49&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24UIDENC
  • https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=7pa7z5qns7pzxsczj2k0cxbbv
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=7pa7z5qns7pzxsczj2k0cxbbv
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
298WSM3N0YG985B73W1F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=7pa7z5qns7pzxsczj2k0cxbbv
date
Fri, 19 Jan 2024 13:49:00 GMT
content-length
0
/
onetag-sys.com/usync/ Frame DA2D
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 2C6E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 13:49:00 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Jan 2024 13:49:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 20F0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=IBIdhPZH0hKsqWxBRTKQ75mx&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4HAPNSJH9DCYB3GY3XW2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 20F0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=cSRfQsFtSr8C&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
845 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=cSRfQsFtSr8C&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=cSRfQsFtSr8C&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-6cwdm
expires
-1
merge
ce.lijit.com/ Frame 20F0
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=IBIdhPZH0hKsqWxBRTKQ75mx&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=878771007062
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=66&3pid=878771007062
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=878771007062
Content-Length
0
merge
ce.lijit.com/ Frame 20F0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
an-x-request-uuid
9229fe1b-33bf-41fb-ab5a-b2e24fec50fa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 20F0
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPUa407f7a53dfb4d8499c827d271fbb100&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?3pid=OPUa407f7a53dfb4d8499c827d271fbb100&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPUa407f7a53dfb4d8499c827d271fbb100&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
4ac47ff1918c5163a9cce45544663444.gif
cs.krushmedia.com/ Frame 20F0
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-matching?id=3673&_fw_gdpr=0&_fw_gdpr_consent=[GDPR_CONSENT]
  • https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
0
526 B
Image
General
Full URL
https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
8.2.110.134 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.krushmedia.com/4ac47ff1918c5163a9cce45544663444.gif?puid=[UID]&redir=[RED]&_fw_gdpr=0&_fw_gdpr_consent=%5BGDPR_CONSENT%5D
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705672141392004-294
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 Jan 2024 13:49:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame DDB7
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 13:49:01 GMT
log
play.google.com/ Frame DDB7
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 13:49:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame DDB7
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 13:49:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame DDB7
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 13:49:01 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
geo.privacymanager.io/
30 B
608 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:30:54 GMT
via
1.1 3200e279ff99ad1800a0dd3b3c8e2d10.cloudfront.net (CloudFront), 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, YUL62-P1
age
19086
x-amzn-requestid
d559372c-6f92-4c81-ba79-59a80edb5105
x-amzn-trace-id
Root=1-65aa333e-40ee9ef7411ebcbf5ddfaac1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RxzxwEJYjoEEkJA=
content-length
30
x-amz-cf-id
CidSM03vuQxnFV6w-BXfDKg94OVGVsZgdzglUtuw6tetg-3vW0_BOA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
moatvideo.js
z.moatads.com/emxsspvideo326487385820/ Frame E66F
330 KB
112 KB
Script
General
Full URL
https://z.moatads.com/emxsspvideo326487385820/moatvideo.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.110.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-110-24.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7a7a7844900f4f74946b5f6fd65cab891175e81f0d79eb03a2907a927cd2bce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 10:57:28 GMT
server
AmazonS3
x-amz-request-id
Z6X3S69H7VPRMZ5Z
etag
"d1ee91b463cd677061b6664bf7f0d07c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12913
accept-ranges
bytes
content-length
113869
x-amz-id-2
QokSdYLWeyso6DJSJjufx8dji10TABIjpnXsgncGjhQOTQWVsWArp0s//7mV4pqwyUzCySu4DOo=
OpportunityServlet
opps.taboola.com/
1 B
112 B
Ping
General
Full URL
https://opps.taboola.com/OpportunityServlet?rst=41
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mia-kmia1760033-MIA
date
Fri, 19 Jan 2024 13:49:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1705672141.944982,VS0,VE52
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame FB3D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsserxUj18txoAwj3N1vyEwwq6ADeUcBVXq-ZQzHEMdxGX09tGQqBgUbKU3cdQoQdGP6QbfnehflAm7Y5X5g7yoXI3FOKqI76Mkw11nSjrEphQMM13mmhvXC6ujuyZRmtRmK99oOYRJ3vvro-XUoU1-uOKRYFJOOZSQcl2ZtIoe1MNTN7PNmX7IU3LYYt49q_XFEwgCmD45LrKhMehYekOkh7spEK-PfTTV66B4XUkEER9sPUSyoFb5eNweHUOA_r54vV4ZufWOEPBKrsJ3RBf6jLjpYHP2AEW_boARvaEBBPrhy6unpEuETt6ybEDcXlrKRr45c-mb95C9OEIk1TTAdmWFvwb1hEe-3bwbbePeSnyCSfPDg-LfsJuTJ0s2NBC5sH0WK3RA&sai=AMfl-YTs3tcje8GmMTK3YI6LdvQYX1b9CLQLGcCsuq1UQEbiSs7l5To07zmkWlrvvZFpHWQwHCFbFESwJAZKu1O8zAIUbuvWVUCKr-DrxMnD_3eRBWqMrNd1KEWAAxa7njnfeGBfGC_ft7viHtQUVr7XobA&sig=Cg0ArKJSzKBQDnR5w7PwEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame FB3D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
211a6432ff9a6ab2146084edfdcfcee4c21318969c2ac10f898573c0ecdaa7ca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 913E
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 23:07:06 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33423
Connection
keep-alive
Content-Length
10964
Expires
Fri, 19 Jan 2024 23:06:04 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
282 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
111d5bfb1cd693f93a92bfaf5cf42c95066c69cf9106c74f4e0d3e3264976232
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 275A
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26092542&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0e5b64e490da6d911d12e2ac4e309660150606f2677458cfa0fea036959d669a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 19 Jan 2024 13:48:59 GMT
content-length
1731
content-type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame B94F
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:49:01 GMT
x-amz-request-id
YM4DTV0379RTPDRG
age
1345
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1Z44jl0Vdmsn+djJTix2dCK9QJJhr+yDc72N/xLYl7mu+8pnM/H2XYxxNHcmgp8bnbw8v6vp79M=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1705672141.127097,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4804
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:49:01 GMT
x-amz-request-id
AS6TTF5DRSZPKKPE
age
22828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
ZuPipVwogOT9XanztYjJDY+Vh2/HY8qDZkOe+1PXGoKP3zS7wSV+7M3PXS/WeABO4PzaNI7IZcI=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1705672141.130110,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
70
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
54286
fraud-detect.js
cdn.taboola.com/scripts/
121 B
364 B
Script
General
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 Jan 2024 13:49:01 GMT
x-amz-request-id
XKY2R4MY1MPFBWBY
age
382
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wVL5y3sSnV3I0ejly2N8ywYJTdnVvaGMyA/5MvuVp39q8Fk6dGUCj1xZxZuiJhwPQSzAhmE+TFo=
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1705672141.131401,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
6
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1100
view
securepubads.g.doubleclick.net/pcs/ Frame FB3D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviRrYWqNMjKmPOFzOiFYoxcpFOrPlqeLZ-cotqhCzGe-jxR8376RWWFVCPgVTZhtRAtRSo2rC5mNlMizjqb_IRXyBkK4ai2bx5z5bwcdTcpOwulh9ngGDQ-1qEm76yJrqBSRQNooVQxc9Or3zh5fliPFQ8HPh_AzRYI84BR-g2Bu8s7RBBwhLYFyYKdrGxkvTEp0OPY719hAb4q-0gAdjR_UUcegwBGVuIGTakXCQJztOtbnlMmM-ljnNF5PSRQI2c-RsxB4uwHiaaBPVVIYZSSRo6hIWsySeF0GORtAXaJQFSBqycIan87XbTtuS8qJ4bsNcfXmplXj9mAR7j9LNkFWj5aILcPMyNkp1R8Z72vRH9VOLzPEjUmbdPrQEelxuan8q33NM1WA&sai=AMfl-YRiN2crlFiAOuXrMRWKYG-MVBZG6QgeBYEDLcyGInrywDKZCB3llxRHceRk5G2eioi4mvrDKWZdNhtHyPwE3-7nY8pCTMIyXKQWeKGcsEO5vjxhcknXL2dlFC1PVYv43ikh5YQ07QNGX4QeGPXgQy4&sig=Cg0ArKJSzKuwODHKaA0tEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 19 Jan 2024 13:49:01 GMT
30E2301COWH_640_360_400k.mp4
edge.blockboardtech.com/8733/
2 MB
2 MB
Media
General
Full URL
https://edge.blockboardtech.com/8733/30E2301COWH_640_360_400k.mp4?ttl=1705708800
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
f74bdc0200f9c8d50423e581ea9592e46e5d4301096345087336c6b8e13a184c

Request headers

Referer
https://www.chicagotribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
x-cf-tsc
1705089752
x-cf3
H
x-amz-request-id
BTWHAZ72GX8ET3X2
cf4ttl
2614622.000
x-amz-server-side-encryption
AES256
x-cf1
34042:fD.mia1:co:1697133543:cacheN.mia1-v:H
Content-Range
bytes 0-2162388/2162389
x-cf-reqid
1d77feab2f72be1f4ecfe7d4393060c4
Content-Length
2162389
x-amz-id-2
Q+3mQ4GyE/W20JrqFNXesjgYIqs1+3cs9YhTaKP6LZDK3yuxkxFTserJPTYYxInDN/b1bdrsbtk=
x-cf2
H
last-modified
Wed, 03 Jan 2024 16:11:26 GMT
server
CFS 0215
x-cff
B
etag
"b39f7633980bcc1af9ddde9fed507879"
content-type
video/mp4
access-control-allow-origin
*
cf4age
63778
usync.js
eus.rubiconproject.com/ Frame 9E13
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 23:07:06 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33423
Connection
keep-alive
Content-Length
10964
Expires
Fri, 19 Jan 2024 23:06:04 GMT
usync.js
eus.rubiconproject.com/ Frame D1BC
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 23:07:06 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33423
Connection
keep-alive
Content-Length
10964
Expires
Fri, 19 Jan 2024 23:06:04 GMT
usync.js
eus.rubiconproject.com/ Frame 2C6E
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.153.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-153-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 23:07:06 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33423
Connection
keep-alive
Content-Length
10964
Expires
Fri, 19 Jan 2024 23:06:04 GMT
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=uBLNlZNf7btMf9rt&instance=298239442&version=7.29.7-Z&age=240119&ldt=VPL&key=7WQ1xQNF-vJYVOHOP&c_id=4591&seq=1&order=6&vIndex=0&absoluteTime=4615.8&relativeTime=2746.8&sm_id=3317544&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=15280&load=1&status=LVFDSNIY&ac_id=2008&durationMeasured=2000&viewableTime=0&viewablePercent=0
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.242.242.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-242-79.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
hadron.js
cdn.hadronid.net/ Frame 2CC7
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=694&sync=1&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
414
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
847f89e2986d029b-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
694
p.ad.gt/api/v1/p/ Frame 2CC7
39 KB
13 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/694
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac4ad55b2c03f95d4937ac643e15e9b6403c392153db295845ce92cef515ad1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 13:45:39 GMT
server
cloudflare
age
202
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
847f89e31bfb7498-MIA
match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=7519615932400280823&gdpr=0
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=7519615932400280823&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e34b9d4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
an-x-request-uuid
0b934bdd-70b7-4d2d-9a8c-4c20383a122a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001705672141-MD84WZAF-R78N&adnxs_id=7519615932400280823&gdpr=0
x-proxy-origin
38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001705672141-MD84WZAF-R78N&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589&id=AU1D-0100-001705672141-MD84WZAF-R78N
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589&id=AU1D-0100-001705672141-MD84WZAF-R78N
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e31b4e4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=af5608ad-d911-4701-ba5f-8e2d06b27589&id=AU1D-0100-001705672141-MD84WZAF-R78N
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001705672141-MD84WZAF-R78N
  • https://ids.ad.gt/api/v1/pbm_match?pbm=37262AF7-E53C-4453-8BB4-532914A9A862&id=AU1D-0100-001705672141-MD84WZAF-R78N
43 B
170 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=37262AF7-E53C-4453-8BB4-532914A9A862&id=AU1D-0100-001705672141-MD84WZAF-R78N
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e31b4b4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=37262AF7-E53C-4453-8BB4-532914A9A862&id=AU1D-0100-001705672141-MD84WZAF-R78N
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001705672141-MD84WZAF-R78N&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&rub=LRKP5HL8-21-EONG&gdpr=0
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&rub=LRKP5HL8-21-EONG&gdpr=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e35bc14c27-MIA
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&rub=LRKP5HL8-21-EONG&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001705672141-MD84WZAF-R78N&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001705672141...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af5608ad-d911-4701-ba5f-8e2d06b27589&ttd_puid=447d9a7f-983b-4e29-8668-10ba39298020%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&tapad_id=447d9a7f-983b-4e29-8668-10ba39298020
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&tapad_id=447d9a7f-983b-4e29-8668-10ba39298020
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e39bef4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&tapad_id=447d9a7f-983b-4e29-8668-10ba39298020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001705672141-MD84WZAF-R78N
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&google_gid=CAESEIQWoHn_yufeVJtagXkGNKA&google_cver=1&google_ula=450542624,0
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&google_gid=CAESEIQWoHn_yufeVJtagXkGNKA&google_cver=1&google_ula=450542624,0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e31b5b4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001705672141-MD84WZAF-R78N&google_gid=CAESEIQWoHn_yufeVJtagXkGNKA&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2CC7
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001705672141-MD84WZAF-R78N
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNTY3MjE0MS1NRDg0V1pBRi1SNzhO
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNTY3MjE0MS1NRDg0V1pBRi1SNzhO
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H3
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNTY3MjE0MS1NRDg0V1pBRi1SNzhO
date
Fri, 19 Jan 2024 13:49:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e31b444c27-MIA
content-type
text/html; charset=utf-8
ip_match
ids.ad.gt/api/v1/ Frame 2CC7
0
184 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001705672141-MD84WZAF-R78N
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e31b494c27-MIA
content-type
text/html; charset=utf-8
adb_match
ids.ad.gt/api/v1/ Frame 2CC7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001705672141-MD84WZAF-R78N&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001705672141-MD84WZ...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001705672141-MD84WZAF-R78N&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=33291684567316088793167227619002512227&id=AU1D-0100-001705672141-MD84WZAF-R78N
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=33291684567316088793167227619002512227&id=AU1D-0100-001705672141-MD84WZAF-R78N
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e44cbb4c27-MIA
content-length
43
content-type
image/gif

Redirect headers

dcs
dcs-prod-va6-2-v053-0aa40f1a1.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
93vboRIsSqY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ids.ad.gt/api/v1/adb_match?adb=33291684567316088793167227619002512227&id=AU1D-0100-001705672141-MD84WZAF-R78N
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
ux
ad.360yield.com/ Frame 2CC7
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001705672141-MD84WZAF-R78N%26impr_uid%3D%7BPUB_USER_ID%7D
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.243.186.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-186-52.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 13:49:01 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
geo.privacymanager.io/
30 B
608 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/ef418cbd-4cde-4f15-b109-09a2e2f0c985/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-111.yul62.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:30:54 GMT
via
1.1 3200e279ff99ad1800a0dd3b3c8e2d10.cloudfront.net (CloudFront), 1.1 480d73d26133a5d3268f9cfc7c99d59c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, YUL62-P1
age
19087
x-amzn-requestid
d559372c-6f92-4c81-ba79-59a80edb5105
x-amzn-trace-id
Root=1-65aa333e-40ee9ef7411ebcbf5ddfaac1;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RxzxwEJYjoEEkJA=
content-length
30
x-amz-cf-id
7nu7m46Uy3hpjcXc9kqP4iBxfCEjlRHPuObeQ0d-9XuirE_sHAWuYA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ecm3
s.amazon-adsystem.com/ Frame B94F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
  • https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X817F91C2ZSM0JQ3TYE1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
/
pips.taboola.com/
4 B
127 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760062-MIA
date
Fri, 19 Jan 2024 13:49:01 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.chicagotribune.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
324988764630309865a69257bb7c07.62849085.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
651 B
1 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/324988764630309865a69257bb7c07.62849085.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.7-Z/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-62.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ad0bf69a3ce13da070ab7b786b102513383c7bd40e250b34ecbdfa88190a568

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:24:13 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
15889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
651
last-modified
Tue, 16 Jan 2024 14:28:34 GMT
server
AmazonS3
etag
"11d775cdec941c246ce4730a0f237014"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
OndeVBU6YvaszfZbf-BJwxzQx0PBJf4PTjX7yXqiBiNldef7L3BZVw==
khaos.json
token.rubiconproject.com/ Frame 913E
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
dcm
s.amazon-adsystem.com/ Frame 34FE
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=37262AF7-E53C-4453-8BB4-532914A9A862&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z98CWHC9E3DYYCEQATYG
ecm3
s.amazon-adsystem.com/ Frame 876E
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YVVVGKYT1JXXPZWJJN4C
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 275A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NyYq9-U8RFOLtFMpFKmoYg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.220.109.13 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-109-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76186
accept-ranges
bytes
content-length
5622
expires
Sat, 20 Jan 2024 10:58:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 275A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=37262AF7-E53C-4453-8BB4-532914A9A862
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D447d9a7f-983b-4e29-8668-10ba39298020%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7519615932400280823&pt=447d9a7f-983b-4e29-8668-10ba39298020%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7519615932400280823&pt=447d9a7f-983b-4e29-8668-10ba39298020%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
an-x-request-uuid
4227726d-dd18-4413-8f90-93d5bb6ac781
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7519615932400280823&pt=447d9a7f-983b-4e29-8668-10ba39298020%2C%2C
x-proxy-origin
38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 275A
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2037262AF7-E53C-4453-8BB4-532914A9A862&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame 275A
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=37262AF7-E53C-4453-8BB4-532914A9A862&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 275A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENIkkqNdnwkk2cUXFSEgClA&google_cver=1
42 B
366 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENIkkqNdnwkk2cUXFSEgClA&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENIkkqNdnwkk2cUXFSEgClA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 275A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59189B2565E24ADCAE4730FDBB2E3D3F
42 B
324 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59189B2565E24ADCAE4730FDBB2E3D3F
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:59189B2565E24ADCAE4730FDBB2E3D3F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 18 Jan 2024 13:49:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 275A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
42 B
392 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:45:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Kestrel
content-length
355
37262AF7-E53C-4453-8BB4-532914A9A862
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 275A
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/37262AF7-E53C-4453-8BB4-532914A9A862?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:75af:f069:585e:f21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 275A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37262AF7-E53C-4453-8BB4-532914A9A862&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-duyRdvlE2uUxiz6a5k_nMels1al28ts-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-duyRdvlE2uUxiz6a5k_nMels1al28ts-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-duyRdvlE2uUxiz6a5k_nMels1al28ts-~A&gdpr=0
date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_VIDEO1&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1705672141396&de=151055087798&m=0&ar=805b0ce1b97-clean&iw=503aeac&q=2&cb=0&ym=0&cu=1705672141396&ll=2&lm=0&ln=1&em=0&en=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&id=1&ii=4&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&gw=emxsspvideo326487385820&fd=1&it=500&ti=0&ih=2&pe=1%3A554%3A554%3A0%3A564&fs=207009&na=155305243&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.110.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-110-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 13:49:01 GMT
khaos.json
token.rubiconproject.com/ Frame 9E13
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
khaos.json
token.rubiconproject.com/ Frame D1BC
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
analytics.js
www.google-analytics.com/ Frame 2CC7
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 12:13:53 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5708
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 19 Jan 2024 14:13:53 GMT
khaos.json
token.rubiconproject.com/ Frame 2C6E
7 B
798 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
no-store
server
nginx
sync
usr.undertone.com/userPixel/ Frame 913E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
139 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
35.173.162.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-162-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
ecm3
s.amazon-adsystem.com/ Frame B94F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4NA779J5NJ1J39Z77DT4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRKP5HL8-21-EONG&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B94F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJvQvr9jlvGzaMAxNpgN1fM&google_cver=1
42 B
888 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJvQvr9jlvGzaMAxNpgN1fM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJvQvr9jlvGzaMAxNpgN1fM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B94F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&expires=30
42 B
888 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&expires=30
date
Fri, 19 Jan 2024 13:49:01 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTRkNDAwNmNjZGE2OWUxZGRiNmNlYTk2MTdmODNiYzk0NDlkNWE5ZQ&gdpr=0&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTRkNDAwNmNjZGE2OWUxZGRiNmNlYTk2MTdmODNiYzk0NDlkNWE5ZQ&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTRkNDAwNmNjZGE2OWUxZGRiNmNlYTk2MTdmODNiYzk0NDlkNWE5ZQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4EF5187F74BB4251B9C9E8F5F19E9269 Ref B: MIAEDGE1506 Ref C: 2024-01-19T13:49:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPTL4bxp4olg3BZGHK0A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B94F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nN4cfbW_SUGfswErL7kjFw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nN4cfbW_SUGfswErL7kjFw&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nN4cfbW_SUGfswErL7kjFw&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1HF1NBAD8X86W2TTXVSW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nN4cfbW_SUGfswErL7kjFw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJLUDVITDgtMjEtRU9ORw==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEECwWMyPBRsI0bl6FqzWFKA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJLUDVITDgtMjEtRU9ORw==&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJLUDVITDgtMjEtRU9ORw==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJLUDVITDgtMjEtRU9ORw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame B94F
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6H7DQV33BT6ZJMT4E4PW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MWyuOLyLPJNaD9RCRcGzwcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-q_w71YNE2oIRN2ot4H4iSdEpQ9GRHp5zkAH5fg--~A
42 B
888 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-q_w71YNE2oIRN2ot4H4iSdEpQ9GRHp5zkAH5fg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-q_w71YNE2oIRN2ot4H4iSdEpQ9GRHp5zkAH5fg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B94F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACxkE7LVPwAABLVw2aUYA&expires=30&gdpr=0
42 B
888 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACxkE7LVPwAABLVw2aUYA&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACxkE7LVPwAABLVw2aUYA&expires=30&gdpr=0
Date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame B94F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
pixel
capi.connatix.com/us/ Frame B94F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
847f89e6bf3709e6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRKP5HL8-21-EONG&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
847f89e63eab09e6-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
receive
pixel.tapad.com/idsync/ex/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
hb.yahoo.net/ Frame B94F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRKP5HL8-21-EONG&redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRKP5HL8-21-EONG&gdpr=0&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MQXU1amNoRTJ1RncybGNWbVUyWEZtb25xWm9LSkVxbH5B&gdpr=0&ovsid=LRKP5HL8-21-EONG&dpid=58160&us_privacy=1---
57 B
650 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MQXU1amNoRTJ1RncybGNWbVUyWEZtb25xWm9LSkVxbH5B&gdpr=0&ovsid=LRKP5HL8-21-EONG&dpid=58160&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.40.207.42 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 19 Jan 2024 13:49:02 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Fri, 19 Jan 2024 13:49:02 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1MQXU1amNoRTJ1RncybGNWbVUyWEZtb25xWm9LSkVxbH5B&gdpr=0&ovsid=LRKP5HL8-21-EONG&dpid=58160&us_privacy=1---
date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame B94F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
0
127 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRKP5HL8-21-EONG&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B94F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=605bf330-bf3d-4752-93c9-9b7b7e088456&expires=30&gdpr=0&us_privacy=1---
42 B
888 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=605bf330-bf3d-4752-93c9-9b7b7e088456&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=605bf330-bf3d-4752-93c9-9b7b7e088456&expires=30&gdpr=0&us_privacy=1---
Date
Fri, 19 Jan 2024 13:49:01 GMT
Connection
keep-alive
X-CI-RTID
9b5f7aa2-e61b-4654-b7eb-d1532ff8bd20
Content-Length
175
Content-Type
text/html; charset=utf-8
collect
a.ad.gt/api/v1/ Frame 2CC7
0
167 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
cf-ray
847f89e4d9fc6d9e-MIA
getpixels
pixels.ad.gt/api/v1/ Frame 2CC7
0
108 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=9012b2e2456c345fa84ae583e3716c85&url=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847f89e4fff72577-MIA
content-type
text/html; charset=utf-8
v3
id5-sync.com/gm/
698 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7230caae5170b5f9f84e9f447a59024c3623fae4af07c3bd51c4e9dfb0ccbec4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:49:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync
usersync.gumgum.com/ Frame 9E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
  • https://usersync.gumgum.com/usersync?b=mag&i=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
cs
cs.yellowblue.io/ Frame D1BC
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
  • https://cs.yellowblue.io/cs?aid=11590&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
325 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
ecommerce.js
www.google-analytics.com/plugins/ua/ Frame 2CC7
1 KB
655 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 19 Jan 2024 14:18:59 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 2CC7
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
2257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 19 Jan 2024 14:11:24 GMT
cs
cs.minutemedia-prebid.com/ Frame 2C6E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LRKP5HL8-21-EONG
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
0
325 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D&gdpr=0
Protocol
H2
Server
3.224.6.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-6-94.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:01 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LRKP5HL8-21-EONG&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
9.gif
id5-sync.com/c/687/441/0/
Redirect Chain
  • https://id5-sync.com/i/687/8.gif?id5id=ID5*hlJctxOhXRu9lN4a2aGKu4RcJTXEbRmPUCePvO51hoN9sYdDK3nTQDN75lV-IBBLfbJIQU8FFAk2jQbp58CgEA&o=api&gdpr_consent=undefined&gdpr=false&gpp=DBACOe~CP4oVMAP4oVMAEXg...
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/687/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwB...
  • https://id5-sync.com/c/687/2/7/2.gif?puid=7519615932400280823&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeY...
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9419rMcwlQLys5Rmx-c1OzpIu3sLdAHvQeIyURPrDQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F687%2F124%2F6%2F3.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9419rMcwlQLys5Rmx-c1OzpIu3sLdAHvQeIyURPrDQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F687%2F124%2F6%2F3.gif%3Fp...
  • https://id5-sync.com/cq/687/124/6/3.gif?puid=893fb143-6f14-4a23-b02a-d8908ef24d63&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJ...
  • https://ce.lijit.com/merge?pid=92&3pid=7519615932400280823&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F1246%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/687/1246/5/4.gif?puid=IBIdhPZH0hKsqWxBRTKQ75mx&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAA...
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F796%2F4%2F5.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/687/796/4/5.gif?puid=605bf330-bf3d-4752-93c9-9b7b7e088456&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F108%2F3%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%...
  • https://id5-sync.com/c/687/108/3/6.gif?puid=447d9a7f-983b-4e29-8668-10ba39298020&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AACxkE7LVPwAABLVw2aUYA&id5AccountNum=155&numCascadesAllowed=9
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAE...
  • https://id5-sync.com/c/687/429/1/8.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJA...
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F687%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D%26gpp%3DDBACOe%7ECP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFg...
  • https://id5-sync.com/c/687/441/0/9.gif?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAE...
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/687/441/0/9.gif?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 19 Jan 2024 13:49:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/687/441/0/9.gif?puid=u_374db9ec-2a95-485b-920f-53f9d8e5d435&gdpr=0&gdpr_consent=&gpp=DBACOe~CP4oVMAP4oVMAEXgoAENAfEwAP_gAEPgACiQGMwFgAFAANAAyABwAEAAJAAVAA0AB6AEQAJgAUAAtgBoAEJAI4AjwBWgEAAIOAqIBeYDGQLzgGAAZAA4ACAAGgARAAmABoAEIAI4AgABBwF5gAAA~BP4oVMAP4oVMAEXgoAENAfCgAf_AAIfAAAYzAWAAUAA0ADIAHAAQAAkABUADQAHoARAAmABQAC2AGgAQkAjgCPAFaAQAAg4CogF5gMZAvOAYABkADgAIAAaABEACYAGgAQgAjgCAAEHAXmA~1YN-:&gpp_sid=6
date
Fri, 19 Jan 2024 13:49:04 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
activeview
pagead2.googlesyndication.com/pcs/ Frame FB3D
42 B
404 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwA3q7rqO8gKHKTqAeTCmpiKpp01FxB4NniW6rdXDaCpVD74oUsd_qrsl7JrnS3yccJJSwClKLCgEVnEGCFn79LPpdVqfKoN7zPBQTnME1xrnaL7qlkCCGd__S1ZDK93jezFi826M3sE--X_HppdgMKhbc&sig=Cg0ArKJSzDGzOH72O5ISEAE&id=lidar2&mcvt=1004&p=254,436,344,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=604058185&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705672140485&rpt=667&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mng-trib/b-2805e46-145e842b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 Jan 2024 13:49:02 GMT
rid
match.adsrvr.org/track/
108 B
765 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=tcugyhe&fmt=json
Requested by
Host: htlbid.com
URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e442d8fbdfdb56a0fa6620ffc49acd02a509264e1658ffddb863880ceabe12b3

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 13:49:02 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.chicagotribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 18 Feb 2024 13:49:02 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=af5608ad-d911-4701-ba5f-8e2d06b27589&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Server
34.199.116.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-116-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n037-ash-prod.krxd.net
date
Fri, 19 Jan 2024 13:49:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1705672143
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=af5608ad-d911-4701-ba5f-8e2d06b27589
date
Fri, 19 Jan 2024 13:49:02 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a008-ash-prod.krxd.net
SPug
simage4.pubmatic.com/AdServer/ Frame 275A
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 275A
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21117521&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4cbe8ac6e6af6eac54852138a1cd53677312319aa07fb5554914c83bc3801473

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 19 Jan 2024 13:49:04 GMT
content-length
1443
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame CACB
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=82364a3e-b6d1-11ee-89f0-6e5106d24edb
42 B
267 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=82364a3e-b6d1-11ee-89f0-6e5106d24edb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 19 Jan 2024 13:49:04 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=82364a3e-b6d1-11ee-89f0-6e5106d24edb
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
Pug
simage2.pubmatic.com/AdServer/ Frame 82E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7519615932400280823&gdpr=0&gdpr_consent=
42 B
297 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7519615932400280823&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
364f16cd-10c9-4ef7-9edf-5246cfeffe55
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 13:49:04 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7519615932400280823&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.73; 38.132.118.73; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 4B92
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDeGtFN0xWUHdBQUJMVncyYVVZQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACxkE7LVPwAABLVw2aUYA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=747110656901291457&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AACxkE7LVPwAABLVw2aUYA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D747110656901291457%26gdpr%3D0%26gdpr_conse...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=747110656901291457&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AACxkE7LVPwAABLVw2aUYA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D747110656901291457%26gdpr%3D0%26bee_sync_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=747110656901291457&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACxkE7LVPwAABLVw2aUYA...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACxkE7LVPwAABLVw2aUYA&gdpr=0
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACxkE7LVPwAABLVw2aUYA&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 02:34:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 19 Jan 2024 13:49:05 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACxkE7LVPwAABLVw2aUYA&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 18BD
85 B
259 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 19 Jan 2024 13:49:04 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760055-MIA
x-timer
S1705672144.201682,VS0,VE27
Pug
image2.pubmatic.com/AdServer/ Frame 174D
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2331364c26194d9eaff1f
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2331364c26194d9eaff1f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Fri, 19 Jan 2024 13:49:03 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2331364c26194d9eaff1f
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
/
a.clickcertain.com/px/img/bidswitch/ Frame 8CB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=90b242ee-469b-4129-a6f2-7505dc827c92
0
0
Document
General
Full URL
https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=90b242ee-469b-4129-a6f2-7505dc827c92
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
847f89f61a1174b2-MIA
content-length
6366
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:05 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8pn7b%2B6JpOQZWfA2IfUNmmbx74cwiZAYhhH3t1ksB2PW%2FETPXN%2BYIxXjSdcpSpTCN%2F8jxF33H2VAk6TGeTMu1aczIC%2FQ%2F5iOix4DAOmPveIPeQhEbEdauANSl8owki8o9%2Bzk4P2p8yfj3ZZHf4J5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Jan 2024 13:49:04 GMT
Location
//a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=90b242ee-469b-4129-a6f2-7505dc827c92
Server
nginx
ecm3
s.amazon-adsystem.com/ Frame E050
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NT5CXJ8TH1NP1ZNFRKM8
insync
thrtle.com/ Frame 275A
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&vxii_pid=12&vxii_pid1=10067&vxii_rcid=93d726f6-3f2a-4267-9597-4923a394c210
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&vxii_pid=12&vxii_pid1=10067&vxii_rcid=93d726f6-3f2a-4267-9597-4923a394c210
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.224.254.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-254-163.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 19 Jan 2024 13:49:04 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=37262AF7-E53C-4453-8BB4-532914A9A862&vxii_pid=12&vxii_pid1=10067&vxii_rcid=93d726f6-3f2a-4267-9597-4923a394c210
date
Fri, 19 Jan 2024 13:49:04 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 275A
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 275A
43 B
358 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-23.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 275A
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.141.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-141-6.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 19 Jan 2024 13:49:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E9E8
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55543249&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b179305b9fc7a2031f6689b48fd50173230d548a98a8818d6275ca1dcfe2ed6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 13:49:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 584E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
42 B
336 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 19 Jan 2024 13:49:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 3882
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ap4GKFcv1RqPf25&gdpr=0&gdpr_consent=
42 B
220 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ap4GKFcv1RqPf25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Jan 2024 13:49:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ap4GKFcv1RqPf25&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0c76cec05c6502292@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 98A8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
42 B
379 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 02:34:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Jan 2024 13:49:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vC4MldVUXx1-4THjD_zAjiaEdkk&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 04AF
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=33e1254d-caa0-4405-a119-9cb59ec5fc6e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862
42 B
493 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.250.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-250-139.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:04 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 19 Jan 2024 02:32:44 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=37262AF7-E53C-4453-8BB4-532914A9A862
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 1862
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 13:49:04 GMT
expires
Fri, 19 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
387520
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersync
usersync.gumgum.com/ Frame 5E8C
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=37262AF7-E53C-4453-8BB4-532914A9A862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Jan 2024 13:49:04 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame E9E8
0
201 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-7.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:04 GMT
via
1.1 266cd0ca40a2604d8ba51f8173b83662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
content-length
0
x-amz-cf-id
gwNWf2NNDEWM_LRcEaw7xagy0Hkrms7qeNhFMrDziPrlcnoesXVFlQ==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame E9E8
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPJNvf2-1HThgUkjPOTm5-A&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPJNvf2-1HThgUkjPOTm5-A&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPJNvf2-1HThgUkjPOTm5-A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=37262AF7-E53C-4453-8BB4-532914A9A862/gdpr=0/ Frame E9E8
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=37262AF7-E53C-4453-8BB4-532914A9A862/gdpr=0/gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.6.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-6-220.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.235
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame E9E8
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=37262AF7-E53C-4453-8BB4-532914A9A862&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
image2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=
42 B
467 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 02:35:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E9E8
0
287 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.132.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-132-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
1 B
299 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 13:45:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2329117063689986867&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame E9E8
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10F892F7D_208C4158&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-388676944; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 19 Jan 2024 13:49:03 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-388676944; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 19 Jan 2024 02:34:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=pubmatic&gdpr=0&gdpr_consent=
42 B
350 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-minuteMedia_n-MediaNet_ox-db5_smrt_n-smaato_n-undertone_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_kg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 19 Jan 2024 13:49:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&pi=pubmatic&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:04 GMT, Fri, 19 Jan 2024 13:49:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
OpportunityServlet
ch-vid-events.taboola.com/
1 B
125 B
Ping
General
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.chicagotribune.com
date
Fri, 19 Jan 2024 13:49:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
cmAdService.js
vidstat.taboola.com/vpaid/units/33_7_3/infra/
46 KB
12 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmAdService.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-mtime
1704535345
date
Fri, 19 Jan 2024 13:49:05 GMT
via
1.1 a205b777009b4117039d629e4ab51416.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MIA3-C3
age
1136713
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1704535345
x-amz-meta-mode
33188
content-length
11556
x-served-by
cache-mia-kmia1760033-MIA
last-modified
Sat, 06 Jan 2024 10:02:26 GMT
server
AmazonS3
x-timer
S1705672146.858485,VS0,VE0
etag
"395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
jAn6al8QDO0ctdb34Sb_M-qjdDEY1p5pRMXjA-w8qKGIRbIeY5VL0Q==
x-cache-hits
744203
OpportunityServlet
opps.taboola.com/
1 B
135 B
Ping
General
Full URL
https://opps.taboola.com/OpportunityServlet?rst=42
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mia-kmia1760033-MIA
date
Fri, 19 Jan 2024 13:49:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1705672146.899577,VS0,VE39
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=2&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.chicagotribune.com%2F%2Fmarijuana%2Fillinois%2F-&i=EMX_SSP_VIDEO1&ol=2460650020&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-P05t5T9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-DZu29h1deVpMDA%3D%3D&sc=1&os=1-6w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=0&h=393&w=700&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&id=1&ii=4&f=0&j=&t=1705672141396&de=151055087798&cu=1705672141396&m=4502&ar=805b0ce1b97-clean&iw=503aeac&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5044&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A554%3A554%3A0%3A564&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4471&cd=0&ah=4471&am=0&dq=13&dr=0&ds=13&dt=0&xd=00&zx=0&vu=0&tb=0&cvt=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&gw=emxsspvideo326487385820&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=704900633&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.110.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-110-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 13:49:05 GMT
t
securedev.blockboardtech.com/track/ Frame E66F
0
0

t
secure.blockboardtech.com/track/ Frame E66F
43 B
178 B
Image
General
Full URL
https://secure.blockboardtech.com/track/t?e=start&vr=1&d=eJyNUMlOw0AM_ZUeQXIibxPPfADiRK_Q42wpUUsipVQVf89QBEicakvW8yq_R4ZuMCbxwOwYiLx6IBc0AAnRd0B4nuayXE4bwpaENmik8Lgs.2MFxd7jj0Fn0gf7Ta06jSOXDmMdO8EiXWCizuVIwWpwyhny65Tjfnlfp3Sea5.XNwAaVABAfE_CffurN4FBBybHSsC3XZah_eBUdIDbFvCfX_k_PL3AGI.nCl9anE8RvCLM9bL5WNYDiMC24V3Dd5vt7h4c0l_XGRAiO7hMay2Q1iWWFOfSyPlcSvGRTVMUY6boagypWE2mgk0YFzKOSYPF2DSVxoSJzReHLFibQIysHXUU2jVoka4VkE8ufndM&wb=2.00000
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.224.100 -, , ASN (),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:06 GMT
Server
Python/3.7 aiohttp/3.5.4
Content-Length
43
Content-Type
image/gif
/
imp.emxdgt.com/vcr/ Frame E66F
0
137 B
Image
General
Full URL
https://imp.emxdgt.com/vcr/?cp=2.00000&ts=1705672138&seat=Blockboard_EMX&w=5&h=5&pb=1.4&sid=16810&tid=173339&pid=1643&uid=77551705672138307897e1&wid=58&dom=chicagotribune.com&tp=${EMX_MACRO}&mt=2&dt=2&st=1&os=windows&ip=38.132.118.73&sz=&country=US&region=NY&city=new%20york&zip=10025&dma=&agency_id=&cluster=east-hb&browser=chrome&rf=${RF_MACRO}&data_fee_type=&data_fee=0&clstr_nm=header-bidding-east-1&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&make=Google&ifa=&adom=balanceofnature.com&cat=&us_privacy=1---&crid=11848&deal=emx104224&vcr=0.01
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.227.43.106 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:05 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
application/javascript
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=2&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=EMX_SSP_VIDEO1&ol=2460650020&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-P05t5T9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-DZu29h1deVpMDA%3D%3D&sc=1&os=1-6w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=1&h=393&w=700&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.chicagotribune.com%2Fmarijuana%2Fillinois%2Fct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html&id=1&ii=4&f=0&j=&t=1705672141396&de=151055087798&cu=1705672141396&m=4505&ar=805b0ce1b97-clean&iw=503aeac&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5044&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A554%3A554%3A0%3A564&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4471&cd=4471&ah=4471&am=4471&dq=13&dr=13&ds=13&dt=13&xd=00&zx=0&vu=0&tb=0&cvt=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=0&rf=0&re=0&cl=0&at=0&d=1643%3A16810%3A173339%3Aundefined&bo=chicagotribune.com&bp=undefined&bd=&gw=emxsspvideo326487385820&zMoatOrigSlicer1=chicagotribune.com&zMoatOrigSlicer2=N%2FA&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=2084017718&cs=0
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.110.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-110-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 13:49:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 13:49:06 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 275A
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame E9E8
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
OpportunityServlet
opps.taboola.com/
1 B
80 B
Ping
General
Full URL
https://opps.taboola.com/OpportunityServlet?rst=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.chicagotribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-mia-kmia1760033-MIA
date
Fri, 19 Jan 2024 13:49:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1705672147.526394,VS0,VE38
x-cache
MISS
access-control-allow-origin
https://www.chicagotribune.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1
x-cache-hits
0
TC-4208-2.gif
pi.ispot.tv/v2/ Frame E66F
43 B
315 B
Image
General
Full URL
https://pi.ispot.tv/v2/TC-4208-2.gif?platform=ott&publisher=INSP&placementid=INSP&dsp=other
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 Jan 2024 13:49:06 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
43
expires
0
check_gdpr.js
biddr.brealtime.com/ Frame E66F
Redirect Chain
  • https://imp.emxdgt.com/imp/?cp=2.00000&ts=1705672138&seat=Blockboard_EMX&w=5&h=5&pb=1.4&sid=16810&tid=173339&pid=1643&uid=77551705672138307897e1&wid=58&dom=chicagotribune.com&tp=2.00000&mt=2&dt=2&s...
  • https://biddr.brealtime.com/check_gdpr.js
961 B
961 B
Image
General
Full URL
https://biddr.brealtime.com/check_gdpr.js
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Server
172.64.107.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:06 GMT
Via
1.1 ba5631812fd92cdae7b4685e6efbc3c6.cloudfront.net (CloudFront)
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Amz-Cf-Pop
MIA3-P7
Age
1839
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 17 Aug 2023 18:19:50 GMT
Server
cloudflare
ETag
W/"11c8c62741a95c3066cf30317005c4b7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YNw%2Fk5Purw5YdVQFOQB6%2B5xeUb3qdOSos2hhLDYwUSzNQ5ifAu9BSRHGf2D%2BXTd0%2FiF8JVEl7ltVjOFB9ARK6jjlwE0dyFUzmze8j5il0y9z1Pze6c7URgaiaXt98Z2ku5WxCKQ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=60
CF-RAY
847f8a04997025a6-MIA
X-Amz-Cf-Id
zxWJVjU2sLEzBH_wikOj1EpaCJgNjVjho_28jwQgXfg5PHoIpHWnEg==

Redirect headers

Location
https://biddr.brealtime.com/check_gdpr.js
Date
Fri, 19 Jan 2024 13:49:05 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html
p
sb.scorecardresearch.com/ Frame E66F
43 B
394 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=3&c2=38381667&c3=2252&c4=11848&c5=1643&c11=1643&c12=7e54af2d-0aef-30d3-9211-5ca197e9542c&c16=gen&rn=1705672138310&ccr=1&gdpr=[GDPR]&ns__p=1705672138310&ns__t=1705672138310&ns_ce_mod=1&ns_ap_pn=&ns_st_ct=&ns_st_ep=&ns_st_ge=&ns_st_pr=&ns_st_pu=LocalNews_DesktopandMobile(OLV)&gdpr_consent=[GDPR_CONSENT_77]&ns_ap_device=&ns_ad_event=load&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-103.yul62.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:06 GMT
via
1.1 7211dc525b86f4a3fdf1dbeb59791392.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
KVqY5q5CyoipuW2_tFDfh7vG0WMzn_8Zox0XcREQ4f5CBZaKEtk1HA==
t
securedev.blockboardtech.com/track/ Frame E66F
0
0

t
secure.blockboardtech.com/track/ Frame E66F
43 B
178 B
Image
General
Full URL
https://secure.blockboardtech.com/track/t?e=Impression&vr=1&d=eJyNUMlOw0AM_ZUeQXIibxPPfADiRK_Q42wpUUsipVQVf89QBEicakvW8yq_R4ZuMCbxwOwYiLx6IBc0AAnRd0B4nuayXE4bwpaENmik8Lgs.2MFxd7jj0Fn0gf7Ta06jSOXDmMdO8EiXWCizuVIwWpwyhny65Tjfnlfp3Sea5.XNwAaVABAfE_CffurN4FBBybHSsC3XZah_eBUdIDbFvCfX_k_PL3AGI.nCl9anE8RvCLM9bL5WNYDiMC24V3Dd5vt7h4c0l_XGRAiO7hMay2Q1iWWFOfSyPlcSvGRTVMUY6boagypWE2mgk0YFzKOSYPF2DSVxoSJzReHLFibQIysHXUU2jVoka4VkE8ufndM&wb=2.00000
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.224.100 -, , ASN (),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 13:49:06 GMT
Server
Python/3.7 aiohttp/3.5.4
Content-Length
43
Content-Type
image/gif
st
ch-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=5&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Ns0CLAY4bYohEzsVHxBw2hRDJnYqPigAAABgYID-AEnsVsaNa-NZiwbL4Vo0ms3cwoVl4xYOhwuHzTLxGJaLISCJ3cq4cW08a9FgOVyLRrOZW7iwbNzC4XDhsFkmHsNyMQUfxnKZDGqBxGX2-94Ky-npMbvcoqPrbfH8G5QOGwR-oul0-Fz3et3vd9cYnR6Hz2-6PC2uu8uu8bv9aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DwPgGAWeWA4K7fAfl3_L1BwAAAAAQAAAAACQACH7iSgBYvC6f-P________-PMUCfeSPj_____8ZCD4AHHwAPQgAAAC6GOMRR2MSyym4QOTApwggAAACACaFd0pFJOkHFosr__3-_FYArAAABjSH7Xe9ZdAcl3sIAAAAMjFmgh8XvNzvsGr_bZf7_________zfyf-UcjNDIzk0Z4Ep5UzS8gAMCaX0AAADbqBgDgTQCcoEPQisFgdQZyNJgdAAAAgDv_____ekDCYXIOVwvPZDIabUyeicWwWi1MJufENhoMF7bd9piFcsWy-4vS9AkRl9nveyssp6fH7HKLjq63xfNvUDoE8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwSTs9lgYZqt3MKFxbcWzUaGtcK1Gaw1m8FoMxxNFqvVyC16fUwfh2mwGS28SDAAdC-Sp0U6EU58s5lr5jE5VpvNxDcazUazzWhm2KxMm9VytpqIJZqTRTqRXfYNh8k5XC08k8lotDF5JhbDarUwmZwT22gwXNh2--ZsNliYZiu3cGHxrUWzkWGtcG0Ga81mMNoMR5PFajVyi14f08dhGmxGC39jN1jNdpPFZrhv7Aar2W6y2Az3HTrDd_U5G5WP37mjcni7Zb_T5jQoXAaLd1q0SFuHo8-o89omwtTatHNMrEKrxGtQeA4e0-J7rb5-1_LEOzkpHAeLIpYILtKJ6PK0uO4uk9PnND3Mbo3R6XH4_KbL0-K6uyxiidJ0kU70aoflaXU97A6_0mx22v1Oz19jeivNZqfd7_S81Q7L0-p62B1uvclveWteh8vL7XJr_K7L6S1yeZwml1v2Mjo9Zpdb83JYPka3ZDAZDRaL5Vrrdvs9n93mZnM57WbL4GwZTS4Wz8T6dmtOf8vzLjS9zRaxRHC6SCeil_F0Uf9Rwwznis1krlgM57rNKgEAAAAAAAAAWIJJppsAAAAAOBnIbrgZrtbpIEbD2W65Wi6Ah7IWXT_wcIvCPlUyu3i8mlQgPwOZijX2WAddnhbX3WVy-pymh9mtMTo9Dp_fdHlaXHeXlQE8lLEw2-wzglir1bIGAAAggA0AACCAm268CTiz4v7____HAQAAAJBDDwAAgH4fUJMHbtR64Qe_gtjMJpP9A1Ah1mq1ut1Yq9UKKFC7CQQACKgnCAAAAAAAUGNT8P_______38Y!&cmcv=&pix=31579657&cb=1705672146529&uv=3373&tms=1705672146529&su=6&abt=adxsub-out_vA!adxsub-out_vB!ufm_vE&ft=0&unm=FEED_MANAGER&su=6&
Requested by
Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.chicagotribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:49:06 GMT
content-length
0
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=sharethrough&bsw=90b242ee-469b-4129-a6f2-7505dc827c92
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Domain
securedev.blockboardtech.com
URL
https://securedev.blockboardtech.com/track/t?e=start&vr=1&d=eJyNULFqAzEM_ZWMLciHZMu2tHZvOnTKaMs.SHvk4EIJ_fs6TWnpFj0Qekg8PYkyshcl8uB9ZCASjkBRGYGCyi0hPBfbvbyO4gbGSRL.BLjMk5dfWoNvmjA7i1pc0EhOMzUXOKa5Elu2Bk_Lau91LVubbIVrDBHCOHkKkyqQZ2HWYQ3oPkWEyCge7p3.j.87_0zBXJZzH6sRPs4FZLzj1C.7t76d.ycEgv1gh3V7f9jtD48QkcDK0i59WUZXh2JGTHA5zkeo21paLac2jlRBC90kd1VuraJZiYWlZpsDYgANPkUuSbSU1hh7yooxpmati_UC4NGzIxcABMJweOVAX9juctA-&wb=2.00000
Domain
securedev.blockboardtech.com
URL
https://securedev.blockboardtech.com/track/t?e=Impression&vr=1&d=eJyNULFqAzEM_ZWMLciHZMu2tHZvOnTKaMs.SHvk4EIJ_fs6TWnpFj0Qekg8PYkyshcl8uB9ZCASjkBRGYGCyi0hPBfbvbyO4gbGSRL.BLjMk5dfWoNvmjA7i1pc0EhOMzUXOKa5Elu2Bk_Lau91LVubbIVrDBHCOHkKkyqQZ2HWYQ3oPkWEyCge7p3.j.87_0zBXJZzH6sRPs4FZLzj1C.7t76d.ycEgv1gh3V7f9jtD48QkcDK0i59WUZXh2JGTHA5zkeo21paLac2jlRBC90kd1VuraJZiYWlZpsDYgANPkUuSbSU1hh7yooxpmati_UC4NGzIxcABMJweOVAX9juctA-&wb=2.00000

Verdicts & Comments Add Verdict or Comment

585 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 number| zphrSegmentsTime boolean| segmentsCalled function| adOfTypeLoaded object| dataLayer boolean| isIE function| trackNotificationEvents function| trackPermissionEvents function| promptAndSubscribeUser function| tagToUser function| registerVisit function| deleteUserTags object| BOOMR_mq string| BOOMR_API_key object| BOOMR function| closeOsano object| buttons object| Fusion object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime string| zeusAdUnitPath boolean| isSubscriber object| _taboola object| trb number| sophiReTimeStamp object| htlbid function| setupS2NApi function| setImmediate function| clearImmediate object| ntv boolean| ntvFired function| Osano function| __gpp function| __tcfapi function| __uspapi boolean| htlbidLoaded object| pbjsChunk object| pbjs object| _pbjsGlobals function| HTLBIDLoader object| googletag object| apstag object| google_tag_manager object| google_tag_data object| litHtmlVersions function| zephrLoad function| determinePaywallInclusion function| createEvent object| zephrBrowser object| blueConicPreListeners function| BCClass object| blueConicClient string| GoogleAnalyticsObject function| ga object| sophi function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| OneSignal function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _rmxd number| __oneSignalSdkLoadCount object| bc_json418 object| registration object| JSUtil object| SWG undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| gaplugins object| gaGlobal object| gaData object| _mather object| _mg2q object| _matherq object| tid object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id boolean| plHookRanOnce object| TRCImpl number| taboola_view_id object| PARSELY boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| recaptcha object| closure_lm_724505 function| userSubscription function| fecthNewsletters function| userSubscriptionStatus function| InteractionTypeImpl object| ggeac object| google_js_reporting_queue number| __mobxInstanceCount undefined| __mobxGlobals object| nAvn8Q function| nAvn8v object| xop object| 13iclkbu0ao object| 15n1mojochkw object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ch object| _pm_mcg object| SUBSCRIPTIONS object| _aps boolean| apstagLOADED object| default_gsi object| _F_toggles object| google object| closure_lm_888389 function| $ object| _bcp function| BlueConicEngagement function| RuleService function| FormRuleService function| jwt_decode object| justDetectAdblock function| md5 function| BlueConicMetaDataService object| bcConnectionUtil function| BlueConicDataLayerUtility undefined| google_measure_js_timing object| Criteo object| apscustom boolean| htlbidStarted object| headertag object| Zephr object| list string| nam object| placementData object| __G_ID_CLIENT__ function| _33AcrossPpidMappingsProvider object| s4ZV4y function| s4ZV4i object| xblacklist object| qdbb5G2 function| qdbb5G3 function| xblocker object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog number| BOOMR_configt object| bc_json419 object| bc_json420 boolean| _tb_vd_pg object| ox_esp object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 string| p1332014244 string| p1332014299 number| p1332014300 function| p1332014358 function| oAddDVTag_ function| oGetPageStats_ function| p1332014329 function| oGetSlotRenderedLineItemIdByDivId_ function| p1332014324 function| p1332014321 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1332014318 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p1332014301 function| p1332014297 function| p1332014354 function| p1332014295 function| p1332014307 function| p1332014304 function| p1332014302 function| p1332014278 function| p1332014283 function| p1332014269 function| p1332014268 function| p1332014266 function| p1332014259 function| oEnableNullChecklistener_ function| p1332014311 function| p1332014250 function| oPageUnload function| p1332014179 function| p1332014184 function| oSetDataParam function| p1332014303 number| p1332014169 string| p1332014170 object| p1332014171 object| p1332014172 boolean| p1332014173 number| p1332014175 number| p1332014176 object| p1332014197 string| p1332014239 number| p1332014180 object| p1332014247 string| p1332014215 string| p1332014216 object| p1332014253 number| p1332014254 boolean| p1332014258 number| p1332014260 boolean| p1332014262 boolean| p1332014312 boolean| p1332014287 boolean| p1332014314 boolean| oObserverChanges_ boolean| p1332014313 boolean| p1332014315 boolean| oAudienceListenerEnabled_ object| p1332014264 string| oDevice string| p1332014352 number| p1332014355 string| oParentHostname_ string| oParentPathname_ boolean| p1332014265 boolean| p1332014267 number| p1332014282 boolean| p1332014284 number| p1332014285 object| p1332014274 object| oAdSlots_ object| otkjs boolean| p1332014305 boolean| p1332014306 object| optimeraInsights string| p1332014316 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1332014327 object| p1332014328 boolean| oEnableInfiniteScrollUrls_ boolean| p1332014323 object| p1332014326 object| p1332014330 boolean| oHasStnVideo_ object| p1332014353 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p1332014357 string| p1332014360 boolean| p1332014359 string| p1332014224 function| p1332014177 string| p1332014178 boolean| oVisibileState_ number| oVisibileChangedState_ boolean| p1332014246 boolean| p1332014226 object| p1332014225 number| p1332014228 undefined| p1332014332 undefined| p1332014333 object| opbjs object| oaudLibjs object| ovpjs number| p1332014227 string| lock object| zephrOutcomes string| key object| cmTag object| _33across number| google_unique_id object| optimera string| testAndVariation object| zephrAccessDetails undefined| activeProducts undefined| activeProductLength undefined| activeProductCount undefined| leftEarOutcome undefined| rightEarOutcome undefined| accountFlyoutOutcome string| topicFlyoutOutcome string| subButtonOutcome undefined| regWallOutcome string| toasterOutcome function| readCookie function| cookieValue string| featureOutcome string| sophiRec string| toasterCookie string| toasterValue object| zephrTestGroups string| leftEarMetric string| rightEarMetric string| accountFlyoutMetric string| topicFlyoutMetric string| subButtonMetric string| regWallMetric string| toasterMetric object| zephrMeters object| zephrTrialTrackingDetails object| zephrCredits undefined| entitlementName undefined| entitlementId number| countIncremented undefined| entitlementObj undefined| num undefined| meterName undefined| remCred undefined| totCred undefined| creditName object| ID5 object| p1332014252 object| oDv number| p1332014181 object| prodKObj string| oUrl_ string| uType boolean| loggedIn string| ssorId object| __id5_instances object| PublisherCommonId number| oIndex4_ number| p1332014196 object| webpackChunkadUnits function| Zepto object| Backbone function| startCMTagMain string| category object| hadron boolean| __halo_loaded__ function| OvaMediaPlayer object| _cm_wfCounters boolean| DFPMessageEnabled object| au object| atsdetectionmodule object| atsenvelopemodule object| ats object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| criteo_syncframe_state

265 Cookies

Domain/Path Name / Value
.chicagotribune.com/subscriptions/modal-ad-lite/img Name: _lbz
Value: 0
.taboola.com/tribunedigital-chicagotribune/ Name: taboola_session_id
Value: v2_aad985a32244cd3bb055add9b6408a67_9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a_1705672138_1705672138_CNawjgYQrco9GJC77Y_SMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGibw5uko5yDwdIBcAE
.chicagotribune.com/marijuana/illinois Name: _lbz
Value: 0
r610.chicagotribune.com/DG/DEFAULT Name: BCSessionID
Value: 1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6
tribune.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6
.chicagotribune.com/ Name: _lb
Value: 1
.chicagotribune.com/ Name: AKA_A2
Value: A
.onesignal.com/ Name: __cf_bm
Value: GPx8AjmDLhoVlWB7RL.JzlA4NWBfnzK4SCEedCKXtHY-1705672137-1-AbUjA2W83PlwEx37GGWXhC2p9S/eTgnXIEp9BhcfnVGnhZ6cw3Mfe3GJd/sdVaQExfMROmrcVYmRHjgFuBCmtZA=
www.chicagotribune.com/ Name: ntv_as_us_privacy
Value: 1---
.chicagotribune.com/ Name: _ga
Value: GA1.2.806039224.1705672138
.chicagotribune.com/ Name: _gid
Value: GA1.2.1851462749.1705672138
.chicagotribune.com/ Name: _gat_UA-6459251-3
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1EA336d1251926b2a7976961705672137
.chicagotribune.com/ Name: osano_consentmanager_uuid
Value: 2d8d2d91-8881-41c3-beb3-e2c267b51907
.chicagotribune.com/ Name: osano_consentmanager
Value: fPWSYoE1eWvX_Z7o-gJ-UuDDqQ_a54G3Zu8jUUCOwWWATG0xjFuBM3WZj0mUattRjSWoMS-GHXG3o6JOLud0CRz6mL8XHHb48gyosB3ZDZrH792c6KW74Bs6ywoGp_6Tb9-9Ow2OSZLJfwbP_7ZkzP7RybRP1cnrt2S69uss6TLU_KLhcOziINmrr8i9qVoNVLoyIbit4g1b7ahPC7JFQkdI_8LEIy5uWudruDP9Xli1p_qwXEbcuYbP_w6DSGHH4KqvWioEpongwfrZcs9c1EbV9B28pEyyo7slgFUjQUgdySwzwTqYZSAqgluMf0qBVPsBzW7h7d4kcitUR_8fOR9shOil6b-SfAtSqM5_XuwIxvpSpi_kUb_lBrRgh5MCQtuigq6rFY-mOLk0ILggiAugakRnveHt8lB9tkM9cIkC-7ykItSZmqt3tAeaYyEyWKM7KWSrHyItUerBleHZuG6yAUzXjPKvGSHvh9cxlRP1Mz0aL9yvZQjANtOVoc1VwW_lZrJZ0rurHLzGh3GNUXBtrwRz4yokHlSvIWjpYustumbrJ-xbVCdTVlyQOY-BDeQ5LhRUlUZX-7mDevXtqGnyyux3AQoRwTOjTK-g9Gn3sN_EXCTTJyAy7xa531TkWcinReuTZvtOWy4VLX2Uw9b0AqKmQ5YNJ5xgkmXEZFFWlQ_43mjYmtvvNCn6tnuRoQ-0vZDcqblJY1ksypmnB1cczf32bx3jufeadktORAmugMyDkf-YA3tQMuSfG7tFEY2lYofUpJfTinx_4ZwpEy60YcKmFsGAv9d9r-eXZsE=
.chicagotribune.com/ Name: _ml_ses
Value: *
.chicagotribune.com/ Name: _matheriSegs
Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/ Name: _matherSegments
Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/ Name: sophiTagses.f6cf
Value: *
.chicagotribune.com/ Name: _sp_duid
Value: 7d43075c-9445-4d18-b22e-942468fac9c9
.postrelease.com/ Name: visitor
Value: a195e667-3996-4a91-8240-33ccdbe41ce2
.postrelease.com/ Name: status
Value: 0
.chicagotribune.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.chicagotribune.com/marijuana/illinois/ct-illinois-marijuana-odor-supreme-court-decide-vehicle-search-20240119-kmmos37sffeinl2pl24rbb3bzm-story.html%22%2C%22sref%22:%22%22%2C%22sts%22:1705672138144%2C%22slts%22:0}
.chicagotribune.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=8ecb5200a2e43769754453f202e47928%22%2C%22session_count%22:1%2C%22last_session_ts%22:1705672138144}
www.chicagotribune.com/ Name: ntvSession
Value: {"id":3161486,"placementID":1109781,"lastInteraction":1705672138275,"sessionStart":1705672138275,"sessionEndDate":1705744800000,"experiment":""}
www.chicagotribune.com/ Name: _ntv_uid
Value: a195e667-3996-4a91-8240-33ccdbe41ce2
.postrelease.com/ Name: ver
Value: 1
.chicagotribune.com/ Name: c_mId
Value:
.chicagotribune.com/ Name: c_PUID
Value:
zephr.chicagotribune.com/ Name: blaize_session
Value: 742f0f71-ae29-439f-bd77-69df548a1d88
zephr.chicagotribune.com/ Name: blaize_tracking_id
Value: 9c878486-1978-4ceb-8cba-93736249f91c
www.chicagotribune.com/ Name: BCSessionID
Value: 1c647c59-ae5c-4fd0-8b6b-2c0808f4bcc6
.taboola.com/ Name: t_gid
Value: 9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a
.taboola.com/ Name: t_pt_gid
Value: 9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
tribune.blueconic.net/ Name: AWSALBCORS
Value: /hWxHrAWT7FeVFG1E+4tIxAjtsrkJ6UzimR4U9OBDuBQsAwxbJBRfAImeRt2bhyf4sHBBVQtt+fDwNjG14UqjqX16ur2x+UcoWOYvHZkNunXMsVWzsEVJy7gF4IN
www.chicagotribune.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9660a46e-8ab7-46d0-a530-33043842155d-tuctca4034a
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 807143988169548681215
zephr.chicagotribune.com/ Name: AWSALB
Value: SUN2lYOUcsK2wPdwkTLx6Uj5GtMxJ27PLYcxsyMrY3PJ1w6uaSmP//g2JZ8QsdiPyUduTDDMwJLiNHY8ANuBa1+RfLnKsbOkIlpYp69C7gsb7tsw+eoC/yp4BTr7
zephr.chicagotribune.com/ Name: AWSALBCORS
Value: SUN2lYOUcsK2wPdwkTLx6Uj5GtMxJ27PLYcxsyMrY3PJ1w6uaSmP//g2JZ8QsdiPyUduTDDMwJLiNHY8ANuBa1+RfLnKsbOkIlpYp69C7gsb7tsw+eoC/yp4BTr7
.adsrvr.org/ Name: TDID
Value: af5608ad-d911-4701-ba5f-8e2d06b27589
.rkdms.com/ Name: sessionid
Value: h-d3e3df54ed844a09b8dacc2a9d242497_t-1705672139
.33across.com/ Name: check
Value: true
.rubiconproject.com/ Name: khaos
Value: LRKP5HL8-21-EONG
.chicagotribune.com/ Name: _sp_flow.b979
Value: paywall
.www.chicagotribune.com/ Name: RT
Value: "z=1&dm=www.chicagotribune.com&si=e3ff8da8-ab7f-4e7c-b29a-4769951bcfa2&ss=lrkp5fnp&sl=0&tt=0"
.chicagotribune.com/ Name: lotame_domain_check
Value: chicagotribune.com
.openx.net/ Name: i
Value: 87186e82-dd68-487f-b187-5813227166bf|1705672139
.chicagotribune.com/ Name: sophiTagid.f6cf
Value: 7d43075c-9445-4d18-b22e-942468fac9c9.1705672138.1.1705672140.1705672138.9a3ab5fc-df05-44f6-b36c-1782e7af4ba6
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c3fa23e4b6dd853183b39c1c30a9b8e5
.amazon-adsystem.com/ Name: ad-id
Value: A6QqyjMaX0oModudFTARZ1Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.chicagotribune.com/ Name: _cc_id
Value: c3fa23e4b6dd853183b39c1c30a9b8e5
.chicagotribune.com/ Name: panoramaId_expiry
Value: 1705758539803
www.chicagotribune.com/ Name: flipp-uid
Value: 6b114a43-92be-4fc9-92f5-f8bb09101cdd
.chicagotribune.com/ Name: _ml_id
Value: 5456eb42-3e36-438e-bc0c-62e5bed2414b.1705672138.1.1705672140.1705672138
.yahoo.com/ Name: A3
Value: d=AQABBMx9qmUCEDiBnzmd-dSkVueK-DDPFoQFEgEBAQHPq2W0ZQAAAAAA_eMAAA&S=AQAAAkr0l9NkAZzbWqzNgmqgzpI
.openx.net/ Name: pd
Value: v2|1705672140|iKbwvPvMgahEgKkWg2gy
.adnxs.com/ Name: uuid2
Value: 7519615932400280823
.smaato.net/ Name: SCM
Value: 4245a32d7d
.smaato.net/ Name: SCMaps
Value: 4245a32d7d
.smartadserver.com/ Name: pid
Value: 747110656901291457
.sharethrough.com/ Name: stx_user_id
Value: 1a9e26a1-2b43-4078-af0a-9cec0b586930
.pippio.com/ Name: did
Value: lwqcW-4HNUm4R-gE
.pippio.com/ Name: didts
Value: 1705672140
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMz7qa0GEgYIgr0rEAA=
.media.net/ Name: visitor-id
Value: 3486737401524113000V10
.yieldmo.com/ Name: yieldmo_id
Value: VEYw7FFuuwFB2m5r4iEm%7C1705622400000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1185334%7Cunl%3D1185334%7Ct%3D1185334%7Cdv360%3D1185334%7Cpub%3D1185334
.gumgum.com/ Name: vst
Value: u_374db9ec-2a95-485b-920f-53f9d8e5d435
.kargo.com/ Name: ktcid
Value: 950ffa73-83b4-0744-5d21-c76476a2b7ac
.yellowblue.io/ Name: wrvUserID
Value: NNHke7Ezkp_s
.openx.net/ Name: univ_id
Value: 537072971|af5608ad-d911-4701-ba5f-8e2d06b27589|1705672140415084
.p.flipp.com/ Name: gid
Value: "uCuzdwAF2lab2HZeEmZP9w=="
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zap9zAAPq4SdnwBH
.chicagotribune.com/ Name: __gads
Value: ID=54a53cbbd434d2d9:T=1705672139:RT=1705672139:S=ALNI_MausNKgvZjrEJK7IFP5LpCpqLPMww
.chicagotribune.com/ Name: __gpi
Value: UID=00000db870f891c1:T=1705672139:RT=1705672139:S=ALNI_MZCYKBBVlbdakK450IUgesZF_pQbg
.minutemedia-prebid.com/ Name: wrvUserID
Value: FqTke7xzCp_mm
.turn.com/ Name: uid
Value: 2329117063689986867
.doubleclick.net/ Name: IDE
Value: AHWqTUmxhzTBFh6_Wd1PFo3KotJABaDzMfZhZ8WXc1S9uUz7ltyBapRwTEszkZlNAoE
.linkedin.com/ Name: li_sugr
Value: 40bcedee-f476-4a75-b08e-3c47ba525c90
.linkedin.com/ Name: bcookie
Value: "v=2&0352526b-8c6f-4850-88cc-e3272bb3266a"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3159:u=1:x=1:i=1705672140:t=1705758540:v=2:sig=AQG0Bwdf8sEbZxcfNfJ7osm78fxg193v"
.lijit.com/ Name: ljt_reader
Value: IBIdhPZH0hKsqWxBRTKQ75mx
.bidswitch.net/ Name: c
Value: 1705672140
.bidswitch.net/ Name: tuuid_lu
Value: 1705672140
.bidswitch.net/ Name: tuuid
Value: 90b242ee-469b-4129-a6f2-7505dc827c92
.ads.yieldmo.com/ Name: ptrt
Value: af5608ad-d911-4701-ba5f-8e2d06b27589
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjKxVLIyNDcws7AwNDcx0FEyM0PlGxoYoQsYowpYoiioBQC8BRC8
.advertising.com/ Name: A3
Value: d=AQABBMx9qmUCEP__2MeHs45XvNIX_1tgLGgFEgEBAQHPq2W0ZdxH0iMA_eMAAA&S=AQAAAjQrJFpxc1GNB6Vb3Xf76k8
.admanmedia.com/ Name: admtr
Value: 062a562d-3fb0-45aa-8b79-635cfdc66ceb
.deepintent.com/ Name: CDIUSER
Value: di_2331364c26194d9eaff1f
.casalemedia.com/ Name: CMID
Value: Zap9zHRhaLqQqx9fV.AJ7QAA
.casalemedia.com/ Name: CMPS
Value: 377
.casalemedia.com/ Name: CMPRO
Value: 377
r610.chicagotribune.com/ Name: AWSALB
Value: hxzmF5fUnd/pTxdVLPFiTURcxoAhr9Xh0Ibo1SrIGKM7c97U9Pj0kUhAshiVqjAHACcdhsa9wsXFp8RiievYbzY0NAx3lNgja0HUMTlg2nhmBDrxB8MggZkcpmLi
r610.chicagotribune.com/ Name: AWSALBCORS
Value: hxzmF5fUnd/pTxdVLPFiTURcxoAhr9Xh0Ibo1SrIGKM7c97U9Pj0kUhAshiVqjAHACcdhsa9wsXFp8RiievYbzY0NAx3lNgja0HUMTlg2nhmBDrxB8MggZkcpmLi
.contextweb.com/ Name: V
Value: cSRfQsFtSr8C
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 15c6244a1b524cb2
.go.sonobi.com/ Name: __uis
Value: 287aa52e-d3f2-4b01-9350-f76bd692b10a
.go.sonobi.com/ Name: HAPLB8G
Value: s86212|Zap9z
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: c1d74cf9-be83-5313-888e-86c8ed24fb04
.betweendigital.com/ Name: ss
Value: 1
.ipredictive.com/ Name: cu
Value: 605bf330-bf3d-4752-93c9-9b7b7e088456|1705672140776
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e.gIj46Qea8fC4ucDx1rThHOgA011KtrLfbk127J47IS4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bc2e0c95-d554-5f1d-7ee1-31e30ffcc08e.gIj46Qea8fC4ucDx1rThHOgA011KtrLfbk127J47IS4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvC4MldVUXx1-4THjD_zAjiaEdkk.%2FEUN702yjbLc1J3bOoMM80Rz8uVMPbBjSxGHyXpu2E4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvC4MldVUXx1-4THjD_zAjiaEdkk.%2FEUN702yjbLc1J3bOoMM80Rz8uVMPbBjSxGHyXpu2E4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEHwYBCDM-6mtBjABOgQ7vvenQgQ6Mzxb.aS7WMpzbmAitBjjm8puX1MguR7AP5qSTlm7jjPV0Mi0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEHwYBCDM-6mtBjABOgQ7vvenQgQ6Mzxb.aS7WMpzbmAitBjjm8puX1MguR7AP5qSTlm7jjPV0Mi0
.sitescout.com/ Name: ssi
Value: dcafda96-9e87-49ca-889a-58cbf93f04d1#1705672140810
.adform.net/ Name: C
Value: 1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.undertone.com/ Name: UTID
Value: 821a0485f5864031a78e10b02874039b
.undertone.com/ Name: UTID_ENC
Value: 7pa7z5qns7pzxsczj2k0cxbbv
.undertone.com/ Name: UID_EXT_46
Value: af5608ad-d911-4701-ba5f-8e2d06b27589
.undertone.com/ Name: UID_EXT_39
Value: 1fd936fc-7440-4beb-81d4-8f3cb1fa7510
.ads.yieldmo.com/ Name: ptrpp
Value: HIrK5xuEOPP2
.undertone.com/ Name: UID_EXT_56
Value: y-VzlRv.NE2uGiFlbUgoecV7bp0oHHtEKbiVrDokw-~A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 37262AF7-E53C-4453-8BB4-532914A9A862
.betweendigital.com/ Name: ut
Value: Zap9zAAMyXBvk0Is5lT5rptf3dg1rs02awaPpw==
.admanmedia.com/ Name: ac_r
Value: CS139|CS112
.undertone.com/ Name: UID_EXT_47
Value: LRKP5HL8-21-EONG
.adform.net/ Name: uid
Value: 6223903298907341552
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-85b8f4a1-ccc2-3e97-bee8-d87d7db2f8a6
.mfadsrvr.com/ Name: tuuid
Value: 8def5c04-5d36-4bff-92b4-d09ac3dffd9c
.mfadsrvr.com/ Name: c
Value: 1705672140
.omnitagjs.com/ Name: ayl_visitor
Value: 4f41ede55d81355272cc99ff46f8a25e
.tapad.com/ Name: TapAd_TS
Value: 1705672140953
.tapad.com/ Name: TapAd_DID
Value: 447d9a7f-983b-4e29-8668-10ba39298020
.zemanta.com/ Name: zuid
Value: niZP2cOnYctfUlkXf7DS
.lijit.com/ Name: _ljtrtb_49
Value: cSRfQsFtSr8C
.ads.stickyadstv.com/ Name: UID
Value: 36217f6b5d97c296704a5e1a2518c6cf
.creativecdn.com/ Name: u
Value: PDFCURvCHGu9qYeNjMFO
.creativecdn.com/ Name: g
Value: PDFCURvCHGu9qYeNjMFO_1705672140959
.admixer.net/ Name: am-uid
Value: 9ac29e49bd63493f89357e12ffa0fe2a
.acuityplatform.com/ Name: auid
Value: 878771007062
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGSD82SKSYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRkg/Nkikj3RoaXJkUGFydHlVc2VySWRXSUJJZGhQWkgwaEtzcVd4QlJUS1E3NW14+/uGdmVyc2lvbsL7
.media.net/ Name: data-ris
Value: {{APID}}~~25
.csync.loopme.me/ Name: viewer_token
Value: 3e4a2752-b04d-4fc8-a873-46c32ad71c72
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705672141
.mfadsrvr.com/ Name: ssh
Value: !minutemedia,1705672141
.lijit.com/ Name: _ljtrtb_66
Value: 878771007062
.socdm.com/ Name: SOC
Value: Zap9zcCo8YwAAEQRlhgAAAAA
.chicagotribune.com/ Name: _au_1d
Value: AU1D-0100-001705672141-MD84WZAF-R78N
.chicagotribune.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDU2NzIxNDEsInR0ZCI6MTcwNTY3MjE0MSwicHViIjoxNzA1NjcyMTQxLCJydWIiOjE3MDU2NzIxNDEsInRhcGFkIjoxNzA1NjcyMTQxLCJhZHgiOjE3MDU2NzIxNDEsImdvbyI6MTcwNTY3MjE0MSwiYWRvIjoxNzA1NjcyMTQxLCJpbXByIjoxNzA1NjcyMTQxfQ%3D%3D
.undertone.com/ Name: UID_EXT_54
Value: dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
.lijit.com/ Name: _ljtrtb_92
Value: 7519615932400280823
.google.com/ Name: NID
Value: 511=UsCiI-6i3fAVgivOnUNBU6Ui6dfuXXQ05jGct2T7X8HU7AsmzKVeE8oBAQ-X2VhY645NROSeR7mb_fn02KtpOemWRcD74WjQJ1E8NYL4bM1ZBGA4LzgLwxc6DirUiko3yjUDDLzTRPGqPDeiNKP3kC1G_02Quq9XQYgej3z8_HU
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-16b65a00-7da8-4fc9-a113-ebd14e0933c7-005%22%7D
www.chicagotribune.com/ Name: _lr_geo_location_state
Value: FL
www.chicagotribune.com/ Name: _lr_geo_location
Value: US
.krushmedia.com/ Name: krm_usr
Value: fc2fc523-00ff-58b5-b57a-29b6f62fc307
.demdex.net/ Name: demdex
Value: 33291684567316088793167227619002512227
.ad.gt/ Name: au_id
Value: AU1D-0100-001705672141-MD84WZAF-R78N
.dpm.demdex.net/ Name: dpm
Value: 33291684567316088793167227619002512227
.adx.opera.com/ Name: UID
Value: OPUa407f7a53dfb4d8499c827d271fbb100
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENIkkqNdnwkk2cUXFSEgClA&KRTB&23025-CAESENIkkqNdnwkk2cUXFSEgClA&KRTB&23386-CAESENIkkqNdnwkk2cUXFSEgClA
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-af5608ad-d911-4701-ba5f-8e2d06b27589&KRTB&22918-af5608ad-d911-4701-ba5f-8e2d06b27589&KRTB&22926-af5608ad-d911-4701-ba5f-8e2d06b27589&KRTB&23031-af5608ad-d911-4701-ba5f-8e2d06b27589
.krushmedia.com/ Name: krm_r
Value: 572|482
.lijit.com/ Name: _ljtrtb_103
Value: OPUa407f7a53dfb4d8499c827d271fbb100
.simpli.fi/ Name: suid
Value: 59189B2565E24ADCAE4730FDBB2E3D3F
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!469-2!469
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:59189B2565E24ADCAE4730FDBB2E3D3F&KRTB&23486-uid:59189B2565E24ADCAE4730FDBB2E3D3F&KRTB&23489-uid:59189B2565E24ADCAE4730FDBB2E3D3F&KRTB&23539-uid:59189B2565E24ADCAE4730FDBB2E3D3F
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 95a3a6e1-87ee-4910-9952-760d20b84127
.prebid.a-mo.net/ Name: sd_amuid2
Value: 95a3a6e1-87ee-4910-9952-760d20b84127
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: LRKP5HL8-21-EONG
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.bidr.io/ Name: bito
Value: AACxkE7LVPwAABLVw2aUYA
.bidr.io/ Name: bitoIsSecure
Value: ok
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEqeO7JbWwdy6S5Bv7H1ouoxdnNVF8ci150u/9I50tmKuaKpPDO78ATN1XejXGRi+vg/ajqo5sELLsyV++To7Vc4HEYI5ehIrXXacI99txi68aC6g74J6co446eJCpo9G4JrHenJgWdLQ==
.connatix.com/ Name: cnx_userId
Value: 37a29a9fcde14bf5b67fa25083134068
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2g9p:1969~2g9p:18z9~2g9p:18z8~2g9p:18vk~2g9p:19e0~2g9p"
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.hb.yahoo.net/ Name: visitor-id
Value: 3486737421524114000V10
.hb.yahoo.net/ Name: data-mag
Value: LRKP5HL8-21-EONG~~63
.id5-sync.com/ Name: id5
Value: 6b205769-0104-7bc6-b821-9f2bc24e2a79#1705672141870#2
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-605bf330-bf3d-4752-93c9-9b7b7e088456&KRTB&23011-605bf330-bf3d-4752-93c9-9b7b7e088456&KRTB&23355-605bf330-bf3d-4752-93c9-9b7b7e088456
.360yield.com/ Name: tuuid
Value: 893fb143-6f14-4a23-b02a-d8908ef24d63
.360yield.com/ Name: tuuid_lu
Value: 1705672142
.360yield.com/ Name: um
Value: !79,YPm93bo-vvOurB-F34UzVGuf3MHY6gdaiACjN6UaDc0uE-ZIofrgye3J3mSHfyGbUtZ0YOCaHPduk.Eq,1713448142
.360yield.com/ Name: umeh
Value: !79,0,1767880142,-1
www.chicagotribune.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22af5608ad-d911-4701-ba5f-8e2d06b27589%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-19T13%3A49%3A02%22%7D
www.chicagotribune.com/ Name: pbjs-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D
.lijit.com/ Name: ljtrtb
Value: eJwNyksOgkAMANC7dC1J2%2Fm0dWsQE4kgxAMwTOYA6s5wd7t9eT%2FIGc6goiKEKJgZTkAYHKf5tUWUJlsKtZVYNZrtylJZqJXi3280r%2Fu6tOfn%2Bl3fenFTdBuX%2B5xuo3ZMXT89Bndjd0lkmZIFjoisqBzg%2BAOlgyAE
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiKpb_N7b_MPBAFEhcKCHB1Ym1hdGljEgsI0JXszu2_zDwQBRIWCgdydWJpY29uEgsI5ufxz-2_zDwQBRISCgNhYW0SCwic1Oz6s43BPBAFEhMKBGtydXgSCwjuxPj7s43BPBAFGAUgASgBMgsI4qjFh4TAzDwQBTgBWgZwcmViaWRgAXIEa3J1eA..
.dotomi.com/ Name: DotomiTest
Value: 11b3d3b7e67807a8
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACeop8ymoQUgMTBeBMAAAAAAA&KRTB&22713-AAACeop8ymoQUgMTBeBMAAAAAAA&KRTB&22715-AAACeop8ymoQUgMTBeBMAAAAAAA&KRTB&23519-AAACeop8ymoQUgMTBeBMAAAAAAA
.krxd.net/ Name: _kuid_
Value: QC41vdyD
.pubmatic.com/ Name: SPugT
Value: 1705672142
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240119%22%2C%22141%22%3A%2220240119%22%7D
.adnxs.com/ Name: XANDR_PANID
Value: qXJzLpJyTI0gU05hBtwFfnPJkPbz3yhLYBxpztWFUA1E4Dtm04nCieiq29sTYFwQOOeoFgoQ_gDruuUQmrR2twpF4AYrZtwBx9EhX4mYiRM.
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_2331364c26194d9eaff1f
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7519615932400280823&KRTB&23339-7519615932400280823
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1706659200%3A257%7C1706227200%3A265%7C1706832000%3A261_260_201_256_262_259_263_258%7C1705708800%3A248_255
.pubmatic.com/ Name: SyncRTB3
Value: 1706832000%3A8_266_165_13_54_5_55_233_71_220_22_21_166_48_178_240_231_250_104_3%7C1706918400%3A35%7C1706227200%3A223_2_15%7C1706486400%3A63
.bfmio.com/ Name: __187_cid
Value: 37262AF7-E53C-4453-8BB4-532914A9A862
.bfmio.com/ Name: __io_cid
Value: 5fd6b333dc2a53f05cb813d46fb5a5a3b25e456c
.thrtle.com/ Name: mc
Value: eyJpZCI6IjkzZDcyNmY2LTNmMmEtNDI2Ny05NTk3LTQ5MjNhMzk0YzIxMCIsImwiOjE3MDU2NzIxNDQzODEsInQiOjF9
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNTY3MjE0NDQwMSwiMzkiOjE3MDU2NzIxNDA4NjEsIjciOjE3MDU2NzIxNDA4NjEsIjgwIjoxNzA1NjcyMTQwODYxfQ
.rlcdn.com/ Name: rlas3
Value: ZfHTF3bYgv+jX4rVlBNaRMsir+dpFKesQwBsW0+iJS4=
.rlcdn.com/ Name: pxrc
Value: CMz7qa0GEgUI6AcQABIFCOhHEAASBgi66gEQBBIGCLjrARAA
.adgrx.com/ Name: ADGRX_UID
Value: 82364a3e-b6d1-11ee-89f0-6e5106d24edb
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2329117063689986867&KRTB&23150-2329117063689986867&KRTB&23527-2329117063689986867
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23334-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23417-vC4MldVUXx1-4THjD_zAjiaEdkk&KRTB&23426-vC4MldVUXx1-4THjD_zAjiaEdkk
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553&KRTB&23418-dcafda96-9e87-49ca-889a-58cbf93f04d1-65aa7dcc-5553
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.creativecdn.com/ Name: ts
Value: 1705672144
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_8245d9e0-b6d1-11ee-9f30-121a6d1d7927
.quantserve.com/ Name: d
Value: EJIBCwH4KvijAA
.quantserve.com/ Name: mc
Value: 65aa7dd0-8058c-15da1-4bed3
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-82364a3e-b6d1-11ee-89f0-6e5106d24edb&KRTB&23275-82364a3e-b6d1-11ee-89f0-6e5106d24edb
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&KRTB&23047-tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&KRTB&23234-tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o&KRTB&23361-tj0LXZ6tzFPMUvTRFtsSLuifHVG9U89ombCgU4njE0o
.mxptint.net/ Name: mxpim
Value: R33647_10F892F7D_208C4158.1.000000000000000065AA7DD0
.w55c.net/ Name: wfivefivec
Value: ap4GKFcv1RqPf25
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw&KRTB&19420-wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw&KRTB&22979-wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw&KRTB&23462-wW-g0cA-pYDaYvGFzznsgcI-oIHabqPVk2l-90bw
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10F892F7D_208C4158&KRTB&23092-R33647_10F892F7D_208C4158
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-33e1254d-caa0-4405-a119-9cb59ec5fc6e&KRTB&23340-33e1254d-caa0-4405-a119-9cb59ec5fc6e&KRTB&23498-33e1254d-caa0-4405-a119-9cb59ec5fc6e
.w55c.net/ Name: matchpubmatic
Value: 5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 95483858-0358-44ae-8d82-495079230531
beacon.lynx.cognitivlabs.com/ Name: ss
Value: noxdOc6MNTL%2BwMCEM3QhajQkcpPVqi3tbxVVYeNcvdOb6TVMM%2B8%2FcBv7TK3Wn7zERxuaP90Hv3u3Nw4i19OBMg%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:ap4GKFcv1RqPf25&KRTB&23421-uid:ap4GKFcv1RqPf25
.smartadserver.com/ Name: csync
Value: 127:AACxkE7LVPwAABLVw2aUYA
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: ad1db094-3395-3521-9c6d-ea7409e455df
.technoratimedia.com/ Name: tads_uidp_44
Value: LRKHBF7Z-2-8X7C
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 2683812490753708618
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAF4xZizIk6AAM6zndwAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 685e8c27-cb56-4aba-9f6c-12ac70432dda
.technoratimedia.com/ Name: tads_uidp_61
Value: 212425059498830
.technoratimedia.com/ Name: tads_uidp_62
Value: 3486605791523889000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: FdnDqAkBIz3SN-WRETnlst1EPI1ds7Qv
.technoratimedia.com/ Name: tads_uidp_7
Value: b0f00427-a6ce-404e-a499-b8011633c1c5
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AACxkE7LVPwAABLVw2aUYA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-ad86f80c-981a-4e10-b723-40c59efa3e72-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ejkS3qslHiykXdbU1kuGL1xTRg3rYNTotkWWIzR_yQc
.technoratimedia.com/ Name: tads_uidp_80
Value: y-mqlFEw9E2uFX4M7HUl01UDogESxCllR2~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZapKYiWfK.O-5HD8brHufwAA&2843
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 4690020929508127715902
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p7k|8kt.0.1|7dN.0.AACxkE7LVPwAABLVw2aUYA|7dW.0.1|8i8.0.1
.id5-sync.com/ Name: 3pi
Value: 2#1705672142385#250004991#7519615932400280823|441#1705672145050#208315313#u_374db9ec-2a95-485b-920f-53f9d8e5d435|155#1705672144662#-506235094#AACxkE7LVPwAABLVw2aUYA|124#1705672142636#-44915695|796#1705672143027#-798332589|108#1705672143214#1244511471|429#1705672144858#1674639357#37262AF7-E53C-4453-8BB4-532914A9A862|1246#1705672142836#1843962219
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACxkE7LVPwAABLVw2aUYA
.pubmatic.com/ Name: PugT
Value: 1705631675

15 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security warning URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
other warning URL: https://p.ad.gt/api/v1/p/694
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://htlbid.com/v3/chicagotribune.com/htlbid.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.chicagotribune.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2037262AF7-E53C-4453-8BB4-532914A9A862&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 504 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://a.clickcertain.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9516acb358add85bb1d82b0bdd5c0756.safeframe.googlesyndication.com
a.ad.gt
a.clickcertain.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ams-depr-public.s3.amazonaws.com
ams-pageview-public.s3.amazonaws.com
ap.lijit.com
api.rlcdn.com
assets.zephr.com
ats-wrapper.privacymanager.io
authenticate.chicagotribune.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
capi.connatix.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.ads-flipp.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.onesignal.com
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.taboola.com
cdn.undertone.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
config.aps.amazon-adsystem.com
consent.api.osano.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csync.loopme.me
d15kdpgjg3unno.cloudfront.net
d1y4ng3lozj2yp.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
direct.ad.cpe.dotomi.com
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dynpaywall-api-chicagotribune.ml.sophi.io
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
ecollector-tribune.sophi.io
edge.blockboardtech.com
embed.sendtonews.com
embedcdn.sendtonews.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
gum.criteo.com
hb.yahoo.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
htlbid.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imp.emxdgt.com
imprchmp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
jadserve.postrelease.com
js-sec.indexww.com
js.brealtime.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mng-trib-tagan.adlightning.com
news.google.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
opps.taboola.com
p.ad.gt
p.flipp.com
p1.parsely.com
pagead2.googlesyndication.com
pi.ispot.tv
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
play.google.com
player-files.remixd.com
player.sendtonews.com
playlist.stnvideo.com
pm-widget.taboola.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubcast-files.remixd.com
px.ads.linkedin.com
px.moatads.com
r.bidswitch.net
r610.chicagotribune.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s2l.sendtonews.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.blockboardtech.com
secure.cdn.fastclick.net
securedev.blockboardtech.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssor.tribdss.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
tags.remixd.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
tribune.blueconic.net
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usermatch.krxd.net
usersync.gumgum.com
usr.undertone.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
www.chicagotribune.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
x.bidswitch.net
z.moatads.com
zephr.chicagotribune.com
image8.pubmatic.com
securedev.blockboardtech.com
sync-dmp.mobtrakk.com
104.18.35.167
104.18.36.155
104.18.41.104
104.36.115.111
104.36.115.113
104.96.238.138
107.178.250.234
107.178.254.65
124.146.153.163
13.225.195.104
13.225.195.106
13.225.195.114
13.225.195.122
13.225.195.126
13.225.195.48
13.225.195.55
13.225.195.59
13.225.195.91
13.225.199.75
141.226.124.48
141.226.224.32
141.226.224.48
141.95.98.64
142.251.111.155
147.28.146.89
151.101.1.44
151.101.130.132
151.101.194.49
151.101.65.44
162.19.138.119
162.248.18.34
172.240.127.129
172.64.107.35
172.64.149.180
173.231.184.20
18.205.148.211
185.167.164.49
185.184.8.90
195.244.31.11
198.148.27.131
199.250.161.129
205.234.175.175
207.198.113.89
216.219.92.22
216.22.16.8
23.105.12.143
23.202.152.28
23.202.153.103
23.220.109.13
23.220.110.24
23.40.207.42
23.56.220.66
23.7.17.42
23.7.29.146
23.7.73.96
23.83.76.52
2600:1408:20:381::11a6
2600:1408:5400:22::b819:7f9a
2600:1408:5400:489::11a6
2600:1f18:4e9:5a01:75af:f069:585e:f21
2600:9000:215f:3c00:1f:2473:9080:93a1
2600:9000:215f:a400:1b:5138:8a40:93a1
2600:9000:215f:bc00:11:b309:9100:21
2600:9000:215f:ec00:1:a3fa:7cc0:93a1
2600:9000:21a2:1000:17:c484:6380:93a1
2600:9000:21a2:4200:5:82fd:2500:21
2600:9000:21a2:7800:a:e047:753:a221
2600:9000:21a2:bc00:3:b7e:8940:93a1
2602:803:c002:200::32
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:832
2606:4700::6811:190e
2606:4700::6812:d63b
2606:ae80:1471:12::500
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::71
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c09::54
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::71
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::8b
2607:f8b0:4004:c17::93
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1b::9d
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
3.161.213.102
3.161.213.103
3.161.213.111
3.161.213.29
3.161.213.3
3.161.213.4
3.161.213.40
3.214.33.241
3.224.6.94
3.225.218.10
3.229.81.23
3.233.23.249
3.236.169.124
3.5.9.19
34.102.146.192
34.111.113.62
34.120.107.143
34.120.155.137
34.150.170.96
34.193.251.250
34.194.154.144
34.194.161.83
34.199.116.44
34.206.99.162
34.224.254.163
34.227.43.106
34.231.224.100
34.231.250.139
34.236.229.2
34.237.132.177
34.96.70.87
35.173.162.10
35.190.38.143
35.190.39.111
35.207.24.140
35.211.118.13
35.211.178.172
35.214.136.176
35.244.154.8
35.244.159.8
35.244.193.51
35.71.139.29
35.82.223.115
37.157.5.132
38.91.45.7
38.98.69.175
40.76.134.238
44.215.250.220
44.218.239.184
44.219.54.255
51.222.239.232
52.2.41.65
52.201.6.220
52.202.66.82
52.223.1.76
52.223.40.198
52.45.141.6
52.46.128.147
52.71.125.247
52.85.107.191
52.85.107.60
52.86.159.66
52.95.118.179
54.159.20.108
54.175.110.69
54.192.51.110
54.192.51.117
54.192.51.48
54.192.51.51
54.192.51.61
54.192.51.62
54.192.51.7
54.192.51.94
54.208.255.20
54.225.160.26
54.230.48.133
54.231.199.129
54.242.242.79
54.243.186.52
63.251.28.233
63.251.86.49
63.251.86.51
64.202.112.255
67.202.105.24
68.67.179.164
68.67.179.87
69.173.151.100
69.194.240.13
69.90.254.78
74.119.119.150
8.2.110.134
8.28.7.82
8.28.7.83
8.43.72.97
8.43.72.98
80.77.87.161
82.145.213.8
01b5bedbf089e7be9e47f79a2d73c4270aed84ec81aebe720608ca8ab6d3b13f
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
02a8a793472ec4c530efc75a259ac3ccafad18a1f56e68932ea3d8a2daac8481
02f54d4307de45883a6ec5a914c1c0c939e210b1139cd04a7dded2a08e47b92b
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
03827037016737f57d86b93d6de8aeebd412ea68ceaebe1c5e5d588708edc2fa
03aa4e15ede6121b5ed04c6895a07077a1305750e4c347b3e8b620fde78446dc
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0434876e7d92bffd1b52b92c701b8b3e582e5a828a3671107a902f168e6f8b6f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12
07743779ae2fa5aad24754153ec3d919d11a7bc7896f8d5f621edad1b54cd1fe
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce49c63580738406cf9dde96aca7fd4590b863d0206d274178765078ba47049
0e5288a134354c7941b7c097a89643675fb87515e89e772a7727f89dabf599cd
0e5b64e490da6d911d12e2ac4e309660150606f2677458cfa0fea036959d669a
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
111d5bfb1cd693f93a92bfaf5cf42c95066c69cf9106c74f4e0d3e3264976232
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
169bfb3e9a6215130ace91e9402ba1ff5b9febd7698423f90b81138055b8e5bd
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18b8456c9d0022c134747eaef46776d891ba1eda3378160ce80b4ea4d9ee124c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d15c4c95f6262b7bf7147fb6086e8c4b948d3f9dcd8db8199095b79d91b5785
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1d94c96db9e0666e51f97a821f8d812010b44ae4d25683c25ba71d45ae622f70
1ee131d129c68325349acf5a7218356d15639414a8469da821540f2d8ae8d9c1
201b758435c1faa868c18c76b7d1c360244286af8360726c47e68f4bdf8e72ed
20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2
20d80aac4798ea300bc6b175a2f5d16c01fd17ca0156449c6f9587053be9889f
211a6432ff9a6ab2146084edfdcfcee4c21318969c2ac10f898573c0ecdaa7ca
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26810bf3a8e82eb81590c8a3cd0b8d92a0c0b1d36edfe083aa0031713629a6f2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
29beb4490953eb97f62f5663ca5f79bc46eea6a46b165ecef579f2169869ba39
2d4d2bd4e48ab5e89d0a54696735152558f0ab07ad226d992afe385b40615f6d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eac634c1f9fc692c8d77e151e0a83bd3d5f277d8e448b563e2feae0c320a47e
2effac50ad5a154ab9945476113a5608cded0f8b3d60804b84bd84dacc1cd9c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc
3328466a419a882471ab33ac36e8340f1ec0cb1da5589a4cd9667d738799c3c3
3382451087cc8fedf4501fc59e173c8a5700c5dd049b2b402f98b8a7dea27c29
33f14ae9673d45e6bbb13b1ba87ad7c921a94aac50a784ada02492975b9af009
34945e57183f095b83b2afddd4768243e33633e4431a9bc7dc06a421dacee7b3
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858
38b61616241485eb77e31163c5823ad28536f8a6a3dc816a0e45371fd60572e1
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39418a8ea55e8f834cc763a97291657a316eb88dd4791a1d4e5e6a8664ebc427
3a3c1e3853ef1b0e2c22faf221e7d93dbd774af6df2915cbf7483272d6c9f098
3a67fe1e3752a0a0fa3db75543bb7eaa6acc2e9627f903967e93225e205eb987
3b69084537e14d513867b7fb87e613b80d41f7ba755043e42884a2b3a2054412
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f965e488c6facd9314e8f10cf2c0602d17013476800678e32cd6914d76e342b
3fa367d34569889ac9e1e8bb31eca0070e5fc83593e767664a7df5932209ba6e
3fc4c29adc43c41f1e51626a3303ac4167de485cff7944b8da081c594dcb52b5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41e8c3a8fee9181a498f995942d949653cb52ca4373bea78f05287c9f52615f0
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
436945ce21d8665b3ab00705d2f41902ab5f361898b4b20c848ece6cf54d3add
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4480e33331a1b012e906d76c1825d6ae300c0b6fa4d1cda7885687f7647326a1
44d6b391dd5b74340f595ae2281740da78b8373ab78173f51112e3aef23d3011
4636bd76eb8e4327db8ed5adb0c85f9b56b70bceae25d6c8559ff583c0eee8ba
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469d50d4062e614cc418587b0125a2940cb999b28ba9827f22fa300f55e74edb
47a91e2c6b3a88f4bd6b4ac87812b75db9ccd280c8086cd6389985572083ff9e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e5e7b0ac8673aecdc794f8379d9211aeb61a232a41c0bc9fa3daad6c109ad7
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4a22a285f4b33ee0625fd971bc53ee27c3c43748bba6e2116487eb118e11f446
4cbe8ac6e6af6eac54852138a1cd53677312319aa07fb5554914c83bc3801473
4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51540eb57b2c3e809c1a6f8609bb3fea3df63ef7b56787365d051e505ecf9b30
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
5434522c8761b36afc7dcb489bee6c4a3e76aae979f038b208cde46dc266880e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5686bcb387468aa4aee44c7777977fb187f48cd6c324171647e2342ebfac423b
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5853ec4c84ebfe02e00df7f648a94bc665aa0122de1fb8913b9ea22f33c80ddb
586d99048ed73602bfb66b9b75d5f3c6dcd8f637f505beb2d4bd208e0353b410
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58fbc2127a1f3c82b13902836898549eb42d325f23e6c662d886ad7a160d3ebf
59a12246a69e87f41550d1ed2ba66ba5b2554fe02422f9c2a4efe1543d1cf055
5a279f09619c0564f394333bad7eed4ff0bcb434c0c90a78360ae4c340a194c5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad0bf69a3ce13da070ab7b786b102513383c7bd40e250b34ecbdfa88190a568
5c7c5fa13d5a9b7c3d11627a2c19cd4f84fbb489180c121d7d84a00f8efd344e
5fb9ac579910ab536e751ed81269bc3b689929d2511b1b8c12a4cc35ad5211df
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6160a40c7dd384878881cbdddbc1b39feb9b61922a7618a1644592ad46543635
61fb9ecb56528cc228f4d64f01e4318c7810d78466892c55b741832d53452468
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
690c68b9897f318844a2f28a0e56d24a1abb22d38fbc076d7adeaa0eac7c50b8
69676c18aa998429f13027fc42adf38f122e3c1fbcc2e1bd36e3b39372eb79bf
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6ac4ad55b2c03f95d4937ac643e15e9b6403c392153db295845ce92cef515ad1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c86a31c37afcc73acab5acf33237be17ed5b6ccf524fb37cddfd91a75a523d9
7054e9ff15ada74061b157c6c0ca6c15a41190bd178a49e4cf9b59d75088ae18
71ace2500d5609dbd1dfc05d418a942eb1b973aceaaa32b38fc1c0c136dc4be1
7230caae5170b5f9f84e9f447a59024c3623fae4af07c3bd51c4e9dfb0ccbec4
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
742448ea31bdb64f0f8b8fbd4ba6cbdcd52918345e3dabbcd211107ad8d9b8bd
75a54ec4d564ac9b82d7c73f1415c72422ffb9b2f13150a8305d027805abe8f8
76ca11ae21d918eccd53e6128283a0e7e8a84a2cb528a092e7be0ce31934b345
780c6bbb6af26bfd0e7fe7d36eab7dd6cfe905656061f72763a54719834afef0
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
793b1e3ce4434890057ad13bbeb745a152ca517e5fb962266b2679fd161d4f35
7a273cb605b12cece1b2553c8b15c9c540b8792ef54225fe11d7f0ca1c0da13b
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7a8c3a779627c3f4bae104822dc8c1012abe052e23f952f437dfa4465777a30e
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7f73b7bd2f95f7f086c8fd4b30dd9319cae31317d20ac4a8a72ebc36f8735337
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
804c82c1f71019d6f077585d76d632a0359fffe3ef1c5b3a3cbfc80319b4aff3
80d40cf8e722e9c6e8a441de6f1d8dbebf07a901f460df19101d07230a8a143b
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8526d182c11b6c19f332b046c999f09f0c142e41356638b924b138240870c328
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
879bc781024f699dc1df4d5c78e103e6768e94a875d7eac185dc0fef072c195f
8b5c370454ff106b1643e3455112829656290a3990a42d23f2d4fcf77d903771
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
94f21bce369a8f9527205fdbdd4d7a310695cd522d20af1c189768865b41737c
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
9cc3e2b1b1eb51fd9db6b68802f83503494da68bfc842c7ec252a2d7a599cc19
9dfeecf1f5ac97918efd75174c242389d32601c8a385026998c5e3e8cd89622f
9e2cd5cf5ac2a6b89e15b8cce5a8101933df50f00c9edab5c4b916a5fc26a32f
9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a127b945b9378e8f1dededc5fbabbf87867f3f70862000590e6f0ee2fe2147d8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b6f5da3d243d7c21c75017ec2b82047f3b9a0bc63e9d5eb7224b361d8cdee6
a429760b51e3faf5f09115441a59177dd751344d10ee2b71c1d4196657ba6072
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
a6c169dbf34be0654a382729b525a36d66d224d217b7304ee98f60b5e2855141
a8d71dfa24aafe0bf43ab5e34305a2985b03aed36cefc87083d200a38258564e
aa960feba6b3eb0b485b606c7772798fcff550a32b19ae0b7d7f5ea0b410972e
ab2075a3fa792bf635d66e2f7b5f14ea12e0fc69dda30872fc6035168ba4f9d9
ab92b18a59665c47cc5f96d3fbc51c8f534d7e502311a05f9c842ec06badd8ba
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae425bb9fff120229fc66feeaee0d88d697f13d2b29bf148f539861917d4ff6f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af23b8f21cea418d2f5e814675580bb5ab5b5215dad3aa741ee42f8725c9b70c
af4566bb9dc17bbdac65cb62445451255ccec18c0698ac5d04c825ccb1b12e24
af8901207a222a14c439b55f98ce12946fe2e5c8a2848d01a0fa614c5dd0d52b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cafd16bf0a7c3f7217d764a4d01f1394bc19052eb6b2cef6ff6800ef7e9459
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b179305b9fc7a2031f6689b48fd50173230d548a98a8818d6275ca1dcfe2ed6c
b21e569b1ca6bf7d2bcfde00202b46f8dd9aa4fc41857959656f3b9dae8e1351
b452c0f212e8bf33965905032f5ba1fae29cd6f9539dcbc673704e66ce943b2b
b59d95c1e06a1f6e95dc2866e03eb15bc1b7aba96f38dbd418eea32922d941b8
b6b7fdb86156778e845356bd7e5a5115fa013e525f6ddb6e604b8f31de1f5b7a
b85b06dca3cce8ec606cb50ebeba6a38e08afd939ef539ca2bae0d9fa663da5b
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
b96832ee49d210ef7b2adf148c33b05b9cf79278df177af263e13731769fa352
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
b9f892139e697bb9ea1db18fdec0a6ec24e17e388e833963adfcc783bb110d4f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c030976160d2f94ee3af14a29df23f12d62e14fb9c9864e0078b69e7628eea82
c0517007ea2c25cd1f1638d862e7640c7e5ae5221670a65c9f47f413933a9d75
c18c7f74402ed48d7965211e912562fe04fd341627655f10f481071fe7fe2339
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c7807a63bfb99c4cd39153c49a80faab37763222231c7ec804944d6b621c7b
c552d48560eff4890e02cf29c6f7cdb7ebebfcabaa47e11fa8c6545bfcad677c
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c76875c22e10441844237aa49697e7e41574fc3e908b234284b5cb1d751bff75
cc0c1be5c480b126b4c776ad4c2b29bee9663e1da188a965f2c0beea327dc558
cc23c5ade7aec2044bf18d58a59e25695b11c9ff084cb8e3d9ef55ee05fca7a3
cd5305aaccbc382fb52ae0a1f144049762378d831f3037daa6b24568e0f09be6
cf31b0ede186f90ce285c23edb0f0ce01017b8c0ea6d84704ead5e3d0c458472
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7ae5594d7b69e87e8ebf8db4114699053bfecfbd004bfb7332df943055a506
d0ef3c7799e3c9c428e77633c733c2ba9eee2abb80a35284bdeaeb47650b7afd
d29bc0e97e4af8d4ed85e818acc3ae8d8925cdbaa49b8fd1156e55301a1311f2
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d457248269e139ab67869b96c91f7fc79743b4f588c4528ae933ccfdea3d491c
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d91fbcc8e4a27568606581483913e6e04b5bae65e14cc762e92548a869c92f9e
d9e057fabfeefd905697e28192598d51e244a2f91caa08593ff51d120628c108
dacd4dfdb76f7718da8064f80da26c4e441a0a200849023714dcb3ac7e300d33
db474dcae6035d74edd4ebc274e72dfd03922a986af20695b13e292c817b78c7
db605a80bbf93129d351ebc9ef9e229f9534e541f32790d61a22d17331d1888c
dbdbcd8746cbfdf2ad800f09c5e6ef1e9d0047aca8418beb8dc8d37f37900ee6
dd54a7a394c63521472537a1acb1676439548119d0f575b78b5cf47f38cc5fc6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def6a9d822627b0ea4a61278103db2436736304a64d6c3efb2557984528f8f25
dfa2ab5be05560c78bf62374a8810f6d11a44dc50a8764840f2616f2c70d6610
e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e20265ee3992793f8dc4bf778201758df1125d7f930a5dc3419942caea567563
e35a8d4b011d3286bffa7bd82d942eb9aba91825d5bd838791a1ff53614e0101
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442d8fbdfdb56a0fa6620ffc49acd02a509264e1658ffddb863880ceabe12b3
e7a7a7844900f4f74946b5f6fd65cab891175e81f0d79eb03a2907a927cd2bce
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e852b386d3ae06783482fded53687535e89177a2ec9b80bc9a8d5397a0ff86ac
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebd99e04866a4c3d4ba640525753d0a33aefad222968799e05fcede5bdb2878f
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d0ca07142e2322ffc74112922cd44ee6b77ea348b8904694f81d1633aff69
f25e5ffa2192907bd3d6a53115ba872c84831dbf2ea103607a49e719b077edca
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605
f3c47ba93a22247b51ab1096b4ab259a3bd8651ba1d67255773fd3bfcc603e36
f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f619b5db5fde67c6d3adc8de287afd737e9198b8a20e862f236648562905d09d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f687aa3c27e9693d1f4c151ea2c0ebdf3638c6319dc8b490a7ec9f57ecfcee9f
f74bdc0200f9c8d50423e581ea9592e46e5d4301096345087336c6b8e13a184c
f858ae5e5c135532fcf7416e240b27352ce451f1ddc83523b6e8ad747c14030f
f98b6ba4ba3ea18e7befc51c3a053323486afd895074632aa8e19e178a928a02
f9cc5780a760ef346eca5cdb510b313cb32c6de66fa7f850d94defc49171c764
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37
fca1b23045b6c777d30be22aea1e625ed8240bbc298886c7f3c1fce209ebbac2
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f
fd829029d2e658294db89024b1cdd87d2f2460abc9e5e6fa4efaed2181108ed5