www.chicagotribune.com Open in urlscan Pro
2a02:26f0:11a::217:9a50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi...
Submission: On December 20 via manual (December 20th 2022, 10:05:27 pm UTC) from US — Scanned from DE

Summary HTTP 220 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 56 IPs in 4 countries across 39 domains to perform 220 HTTP transactions. The main IP is 2a02:26f0:11a::217:9a50, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 37102.
TLS certificate: Issued by R3 on October 24th 2022. Valid for: 3 months.

This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a02:26f0:11a... 2a02:26f0:11a::217:9a50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
10	13.32.110.126 13.32.110.126	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2.18.37.49 2.18.37.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:e400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.56 13.225.78.56	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.215.80 143.204.215.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:dc:... 2a02:26f0:dc:18c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2 5	23.64.52.69 23.64.52.69	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.249.74 18.160.249.74	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:3600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
5	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
1	18.66.112.11 18.66.112.11	16509 (AMAZON-02) (AMAZON-02)
4	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	13.32.2.61 13.32.2.61	16509 (AMAZON-02) (AMAZON-02)
1	54.230.18.13 54.230.18.13	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.110.63 13.32.110.63	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
6	52.203.252.49 52.203.252.49	14618 (AMAZON-AES) (AMAZON-AES)
1	107.20.111.5 107.20.111.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223f:a800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	52.44.88.224 52.44.88.224	14618 (AMAZON-AES) (AMAZON-AES)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:4200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
3	34.224.131.223 34.224.131.223	14618 (AMAZON-AES) (AMAZON-AES)
50	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	34.215.225.95 34.215.225.95	16509 (AMAZON-02) (AMAZON-02)
1	13.32.110.42 13.32.110.42	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:dc:... 2a02:26f0:dc:383::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.240.58 99.86.240.58	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
5	13.32.110.67 13.32.110.67	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.112 52.222.139.112	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.113 65.9.66.113	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
7	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2.18.79.141 2.18.79.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.79.138 2.18.79.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:11a... 2a02:26f0:11a::217:9a5a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	() ()
220	56

36 2a02:26f0:11a::217:9a50 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.110.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-126.vie50.r.cloudfront.net

r610.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.37.49 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-49.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:e400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net

assets.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-80.fra53.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:18c::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217991c.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.64.52.69 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-69.deploy.static.akamaitechnologies.com

www.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssor.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.249.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-249-74.ord58.r.cloudfront.net

dynpaywall-api-chicagotribune.ml.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:3600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

smoggysnakes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-11.fra56.r.cloudfront.net

tribune-chicagotribune.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-61.vie50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.18.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-18-13.ord51.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-63.vie50.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.203.252.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-252-49.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.111.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-111-5.compute-1.amazonaws.com

tribune.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.88.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-88-224.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector2.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.224.131.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-131-223.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.225.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-225-95.us-west-2.compute.amazonaws.com

authenticate.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-42.vie50.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:383::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.240.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-58.vie50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80e::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.110.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-67.vie50.r.cloudfront.net

zephr.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-113.fra56.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.141 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-141.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.138 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-138.deploy.static.akamaitechnologies.com

3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a5a (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 937 trc.taboola.com — Cisco Umbrella Rank: 664 trc-events.taboola.com — Cisco Umbrella Rank: 1573 am-trc-events.taboola.com — Cisco Umbrella Rank: 16662	264 KB
52	chicagotribune.com www.chicagotribune.com — Cisco Umbrella Rank: 37102 r610.chicagotribune.com — Cisco Umbrella Rank: 85439 authenticate.chicagotribune.com — Cisco Umbrella Rank: 157688 zephr.chicagotribune.com — Cisco Umbrella Rank: 96695	2 MB
16	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5891 play.google.com — Cisco Umbrella Rank: 15 www.google.com — Cisco Umbrella Rank: 2	62 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	241 KB
10	sophi.io dynpaywall-api-chicagotribune.ml.sophi.io — Cisco Umbrella Rank: 154884 cdn.sophi.io — Cisco Umbrella Rank: 19336 collector2.sophi.io — Cisco Umbrella Rank: 24770	43 KB
6	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 971	4 KB
6	remixd.com tags.remixd.com — Cisco Umbrella Rank: 19721 pubcast-files.remixd.com — Cisco Umbrella Rank: 20764 player-files.remixd.com — Cisco Umbrella Rank: 21917	82 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10226 www.i.matheranalytics.com — Cisco Umbrella Rank: 9916	44 KB
5	smoggysnakes.com smoggysnakes.com — Cisco Umbrella Rank: 63439	21 KB
5	tribdss.com 2 redirects www.tribdss.com — Cisco Umbrella Rank: 45663 ssor.tribdss.com — Cisco Umbrella Rank: 46503	39 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1958 3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1956 eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net	1 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 7316 launchpad.privacymanager.io — Cisco Umbrella Rank: 6447 geo.privacymanager.io — Cisco Umbrella Rank: 1638	11 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3416 onesignal.com — Cisco Umbrella Rank: 1310	82 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1412 mab.chartbeat.com — Cisco Umbrella Rank: 2280	25 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3532	191 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1227	401 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2773 p1.parsely.com — Cisco Umbrella Rank: 2076	21 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 6416	94 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1239 c.go-mpulse.net — Cisco Umbrella Rank: 602	51 KB
2	zephr.com assets.zephr.com — Cisco Umbrella Rank: 50755	17 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383	93 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296	48 KB
1	facebook.com www.facebook.com	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 6041	548 B
1	akstat.io 0217991c.akstat.io — Cisco Umbrella Rank: 59497	207 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	2 KB
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 15235
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 15556	18 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2620	42 KB
1	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3197	2 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 587	465 B
1	blueconic.net tribune.blueconic.net — Cisco Umbrella Rank: 56114	698 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	zeustechnology.com tribune-chicagotribune.zeustechnology.com — Cisco Umbrella Rank: 99339	73 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	97 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3120	149 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1392	422 B
220	39

	Domain	Requested by
45	am-trc-events.taboola.com	www.chicagotribune.com
36	www.chicagotribune.com	www.chicagotribune.com
10	r610.chicagotribune.com	www.chicagotribune.com r610.chicagotribune.com cmp.osano.com
8	news.google.com	1 redirects cmp.osano.com news.google.com www.chicagotribune.com www.gstatic.com
8	collector2.sophi.io	cdn.sophi.io
7	play.google.com	www.gstatic.com
6	jadserve.postrelease.com	s.ntv.io www.chicagotribune.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	news.google.com www.gstatic.com
5	zephr.chicagotribune.com	assets.zephr.com
5	trc-events.taboola.com	www.chicagotribune.com
5	smoggysnakes.com	www.chicagotribune.com smoggysnakes.com
4	www.tribdss.com	2 redirects www.chicagotribune.com
4	fonts.googleapis.com	www.chicagotribune.com client
3	player-files.remixd.com	www.chicagotribune.com
3	www.i.matheranalytics.com	www.chicagotribune.com
3	cdn.taboola.com	www.chicagotribune.com cdn.taboola.com
2	pixel.sitescout.com	www.chicagotribune.com
2	onesignal.com	cmp.osano.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	trc.taboola.com	cdn.taboola.com
2	ping.chartbeat.net	www.chicagotribune.com
2	sb.scorecardresearch.com	www.chicagotribune.com cdn.taboola.com
2	js.matheranalytics.com	1 redirects www.chicagotribune.com
2	cmp.osano.com	www.chicagotribune.com cmp.osano.com
2	tags.remixd.com	www.chicagotribune.com tags.remixd.com
2	cdn.onesignal.com	www.chicagotribune.com cdn.onesignal.com
2	assets.zephr.com	www.chicagotribune.com
2	static.chartbeat.com	www.chicagotribune.com
2	cdn.confiant-integrations.net	www.chicagotribune.com cdn.confiant-integrations.net
2	c.amazon-adsystem.com	www.chicagotribune.com c.amazon-adsystem.com
1	www.facebook.com
1	eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	www.google.de
1	www.google.com
1	0217991c.akstat.io	s.go-mpulse.net
1	googleads.g.doubleclick.net	cmp.osano.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	cdn-gateflipp.flippback.com	cdn.taboola.com
1	c.go-mpulse.net	s.go-mpulse.net
1	launchpad.privacymanager.io	cmp.osano.com
1	authenticate.chicagotribune.com	cmp.osano.com
1	cdn.jwplayer.com	tags.remixd.com
1	p1.parsely.com	www.chicagotribune.com
1	widget.perfectmarket.com	cdn.taboola.com
1	static.adsafeprotected.com	smoggysnakes.com
1	tribune.blueconic.net	r610.chicagotribune.com
1	cdn.sophi.io	www.chicagotribune.com
1	www.google-analytics.com	www.googletagmanager.com
1	launchpad-wrapper.privacymanager.io	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	mab.chartbeat.com	static.chartbeat.com
1	pubcast-files.remixd.com	tags.remixd.com
1	tribune-chicagotribune.zeustechnology.com	www.chicagotribune.com
1	dynpaywall-api-chicagotribune.ml.sophi.io	www.chicagotribune.com
1	ssor.tribdss.com	www.chicagotribune.com
1	s.go-mpulse.net	www.chicagotribune.com
1	www.googletagmanager.com	www.chicagotribune.com
1	s.ntv.io	www.chicagotribune.com
1	polyfill.io	www.chicagotribune.com
220	63

This site contains links to these domains. Also see Links.

Domain
membership.chicagotribune.com
join.chicagotribune.com
myaccount.chicagotribune.com
www.tribpub.com
digitaledition.chicagotribune.com
digitaledition.aurorabeaconnews.chicagotribune.com
digitaledition.elgincouriernews.chicagotribune.com
digitaledition.dailysouthtown.chicagotribune.com
digitaledition.newssunonline.chicagotribune.com
digitaledition.napersun.chicagotribune.com
digitaledition.post-trib.chicagotribune.com
digitaledition.napervillemagazine.chicagotribune.com
placeanad.chicagotribune.com
store.chicagotribune.com
www.tkqlhce.com
fun.chicagotribune.com
www.legacy.com
www.publicnoticeillinois.com
www.facebook.com
twitter.com
www.nydailynews.com
www.orlandosentinel.com
www.mcall.com
www.dailypress.com
www.studio1847.io
www.baltimoresun.com
www.sun-sentinel.com
www.courant.com
www.pilotonline.com
careers.tribpub.com
www.chicagotribunemediagroup.com
mylocal.chicagotribune.com
rogiestemelugin.com
popup.taboola.com
om.forgeofempires.com
www.enpal.de
sneakly.at

Subject Issuer	Validity	Valid
tronc.web.arc-cdn.net R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
r610.chicagotribune.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
assets.zephr.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.remixd.com Amazon	`2022-03-11` - `2023-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.trbimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-05-30`	a year	crt.sh
dynpaywall-api-chicagotribune.ml.sophi.io Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
smoggysnakes.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
cdn.sophi.io Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.postrelease.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
jwplayer.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
player-files.remixd.com GTS CA 1D4	`2022-12-10` - `2023-03-10`	3 months	crt.sh
authenticate.baltimoresun.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
zephr.sun-sentinel.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.flippback.com Amazon	`2022-07-01` - `2023-07-29`	a year	crt.sh
flipp.com Amazon	`2022-08-31` - `2023-09-28`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Frame ID: 485B503F9F7B72D2368D8E15AFF204FB
Requests: 187 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: CEA104468212EF6E91299EE126352076
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: F65B6CDD9644E35FAF6598FB30050EA3
Requests: 7 HTTP requests in this frame

Frame: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Frame ID: A4DBB804265A263B688AFBA2F735D13D
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com
Frame ID: 97F61B824B9A3507B4DBF7BC9AEEEA81
Requests: 12 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 4B3629533E2471DCA65E8A13F1F3B685
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lansing woman turns tragedy into generosity through MJG MovementGroup 3Group 3Group 3Group 3

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

220
Requests

96 %
HTTPS

43 %
IPv6

39
Domains

63
Subdomains

56
IPs

4
Countries

3231 kB
Transfer

10153 kB
Size

27
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://membership.chicagotribune.com/newsletters#nt=primarynavbar
Title: Newsletters & Alerts(Opens in new window)

Search URL Search Domain Scan URL

URL: http://join.chicagotribune.com/#nt=primarynavbar
Title: Subscribe here(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/#nt=primarynavbar
Title: Subscriber Services(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/autopaymanage#nt=secondarynavbar
Title: EZ Pay(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/temporarystop#nt=secondarynavbar
Title: Vacation Stop(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/complaint#nt=secondarynavbar
Title: Delivery Issue(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/subscriber-terms-and-conditions/#nt=secondarynavbar
Title: Subscriber Terms(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/faq#nt=secondarynavbar
Title: FAQ(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/#nt=primarynavbar
Title: eNewspaper(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/#nt=secondarynavbar
Title: Chicago Tribune(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/eveningedition#nt=secondarynavbar
Title: Evening Edition(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.aurorabeaconnews.chicagotribune.com/#nt=secondarynavbar
Title: The Beacon-News(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.elgincouriernews.chicagotribune.com/#nt=secondarynavbar
Title: The Courier-News(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.dailysouthtown.chicagotribune.com/#nt=secondarynavbar
Title: Daily Southtown(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.newssunonline.chicagotribune.com/#nt=secondarynavbar
Title: Lake County News-Sun(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.napersun.chicagotribune.com/#nt=secondarynavbar
Title: Naperville Sun(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.post-trib.chicagotribune.com/#nt=secondarynavbar
Title: Post-Tribune(Opens in new window)

Search URL Search Domain Scan URL

URL: https://digitaledition.napervillemagazine.chicagotribune.com/#nt=secondarynavbar
Title: Naperville Magazine(Opens in new window)

Search URL Search Domain Scan URL

URL: http://placeanad.chicagotribune.com/#nt=primarynavbar
Title: Advertise with Us(Opens in new window)

Search URL Search Domain Scan URL

URL: https://store.chicagotribune.com/store/?utm_campaign=evergreen&utm_medium=referral&utm_source=navigation&utm_content=&utm_term=#nt=secondarynavbar
Title: Chicago Tribune Store(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479616-11570746?url=https%3A%2F%2Fchicagotribune.newspapers.com%2F%3Fxid%3D2301%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DChicago%20Tribune#nt=secondarynavbar
Title: Tribune Archives(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#notice_opt_out#nt=secondarynavbar
Title: Do not sell my info(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#nt=secondarynavbar
Title: Privacy policy(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/central-terms-of-service/#nt=secondarynavbar
Title: Terms of service(Opens in new window)

Search URL Search Domain Scan URL

URL: https://placeanad.chicagotribune.com/whos-who#nt=secondarynavbar
Title: Who's who(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/#nt=secondarynavbar
Title: Fun & Games(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/newsletters#nt=secondarynavbar
Title: Daywatch Briefing(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/chicagotribune#nt=secondarynavbar
Title: Death Notice Listings(Opens in new window)

Search URL Search Domain Scan URL

URL: http://placeanad.chicagotribune.com/death-notices#nt=secondarynavbar
Title: Place a notice(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/#nt=primarynavbar
Title: Public Notices(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/#nt=primarynavbar
Title: Puzzles and Games(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/tca-la-times-daily-crossword#nt=secondarynavbar
Title: Daily Crossword(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/tca-jumble-daily#nt=secondarynavbar
Title: Daily Jumble(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/daily-solitaire#nt=secondarynavbar
Title: Daily Solitaire(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://twitter.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/
Title: New York Daily News

Search URL Search Domain Scan URL

URL: https://www.orlandosentinel.com/
Title: Orlando Sentinel

Search URL Search Domain Scan URL

URL: https://www.mcall.com/
Title: The Morning Call of Pa.

Search URL Search Domain Scan URL

URL: https://www.dailypress.com/
Title: Daily Press of Va.

Search URL Search Domain Scan URL

URL: https://www.studio1847.io/
Title: Studio 1847

Search URL Search Domain Scan URL

URL: https://www.baltimoresun.com/
Title: The Baltimore Sun

Search URL Search Domain Scan URL

URL: https://www.sun-sentinel.com/
Title: Sun Sentinel of Fla.

Search URL Search Domain Scan URL

URL: https://www.courant.com/
Title: Hartford Courant

Search URL Search Domain Scan URL

URL: https://www.pilotonline.com/
Title: The Virginian-Pilot

Search URL Search Domain Scan URL

URL: https://careers.tribpub.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/central-terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.chicagotribunemediagroup.com/
Title: Media kit

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479616-11570746?url=https%3A%2F%2Fchicagotribune.newspapers.com%3Fxid%3D2301%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DChicago%20Tribune
Title: Archives

Search URL Search Domain Scan URL

URL: https://mylocal.chicagotribune.com/
Title: Local print ads

Search URL Search Domain Scan URL

URL: https://store.chicagotribune.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=footer&utm_content=&utm_term=
Title: Chicago Tribune Store

Search URL Search Domain Scan URL

URL: https://rogiestemelugin.com/5861e86f-c0ab-4988-b212-f5cdf2ef8cce?site=tribunedigital-chicagotribune&site_id=1008941&title=Zuschuss+Treppenlift%3A+Diesen+Trick+kennt+noch+niemand&platform=Desktop&campaign_id=17653734&campaign_item_id=3593343047&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fdb12c5ab7329ee7bcb5ce3434a256667.png&click_id=GiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDdzU0oo6v_96G469Rc&tblci=GiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDdzU0oo6v_96G469Rc#tblciGiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDdzU0oo6v_96G469Rc
Title: Treppenlift-Hauslift.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de22&&external_param=3582137393&pid=tribunedigital-chicagotribune&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d106f6c8729ca44649d076581d85be2.jpeg&tblci=GiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDJqD8oqKOB0ZiX28ZR#tblciGiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDJqD8oqKOB0ZiX28ZR
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel2/die-solaranlage-die-alles-kann-bekannt-aus-tv?utm_source=taboola_home&utm_medium=referral&utm_campaign=21716157&utm_site_t=tribunedigital-chicagotribune&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F64a1ec6015fb4a162d4100fbafd12d6b.jpeg&utm_title_t=Extrem+unbekannt%3A+1.+Komplettpaket+aus+Solaranlage+%2B+Speicher+%2B+Wallbox+f%C3%BCr+0%E2%82%AC+Anschaffung&utm_time_t=2022-12-20+22%3A05%3A20&utm_term=Desktop&utm_content=3594289322&utm_site-id_t=1008941&tblci=GiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCD0k1Uozcn4ko7siqNj#tblciGiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCD0k1Uozcn4ko7siqNj
Title: Enpal

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://sneakly.at/air?utm_source=taboola&utm_medium=referral&utm_term=tribunedigital-chicagotribune&sl=SN+%7C+ABO+%7C+23.09.22+%7C+AIR&tblci=GiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDgm1ooqvH-upTDvtOnAQ#tblciGiCXL2FukQzOorqWUiOW8D5pkJ4VdmmgObwjROfS3CgilCDgm1ooqvH-upTDvtOnAQ
Title: SNEAKLY

Search URL Search Domain Scan URL

URL: https://membership.chicagotribune.com/checkout/MTRDigital2/81016?g2i_or_o=MD&g2i_or_p=Modal_T&g2i_or_os=CTWS22&int=ct_digitaladshouse_winter-sale-22_acquisition-subscriber_arc_button_modal_T_______bxca
Title: Save Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.tribdss.com/meter/chiarc.min.js HTTP 302
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Request Chain 56

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1612 HTTP 301
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

Request Chain 149

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js HTTP 302
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Request Chain 161

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com

Request Chain 205

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p13ppaf78 HTTP 302
https://3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 206

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p13ppaf78 HTTP 302
https://eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net/eum/results.txt

220 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html Show response
www.chicagotribune.com/suburbs/daily-southtown/ 282 KB
64 KB 587ms
88ms Document
text/html 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

505f4f1efb4dd0ba26720499f728fa85b276cbe2161fa73846b3a277a780314b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 22:05:18 GMT
etag: W/"4544a-l++re9JFOJTJaXSWVeykaveAuMg"
expires: Tue, 20 Dec 2022 22:06:18 GMT
last-modified: Tue, 20 Dec 2022 21:52:56 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=1 origin; dur=252
vary: Accept-Encoding
x-akamai-transformed: 9 63250 0 pmb=mRUM,2

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 69ms
6ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:31:02 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2056
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HGfuQ2PwQaLy9VBTewapP9SsqNkRm_Kya4Yl3yz1hfnSyK3gf8NDaA==

GET
H2 200 script.js Show response
r610.chicagotribune.com/ 133 KB
40 KB 392ms
58ms Script
text/javascript 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/script.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

4fff4fdf9ddb97b73d60aff93cc19a5dfbf9951d3f678f210e87c1718230c05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
age: 124
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40744
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2022 22:00:20 GMT
server: -
etag: f3d350cdb800c769d2131067550cf16a
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: U_EAvI2SLUdrwQuvIz7-JYTTu6Y58srBYexm9sZzqsOnkkmILeR-DQ==
expires: Tue, 20 Dec 2022 22:13:15 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
422 B 45ms
17ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CElement.prototype.prepend%2CElement.prototype.remove%2CArray.prototype.find%2CArray.prototype.includes
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: br
last-modified: Wed, 07 Dec 2022 23:49:52 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-hhn-etou8220092, PASS, fastly;desc="Edge time";dur=10
accept-ranges: bytes
content-length: 94

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/ 112 KB
26 KB 54ms
23ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5d69cad366a44745729e8bfc3f02b15980701da6ad6fcc6d4158d4eea476df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 21:59:24 GMT
server: cloudflare
x-amz-request-id: F05YT9EE5PKQV0JE
age: 317
etag: W/"8f92cd5a4ee9aa04c89dffca463ee356"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 77cbadc03d2b6937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iMCC/xtaKbvURmN1trVniZ/iexlqfXBrRjeBE5VkGHRb3CpI/Cvq9H3no6ErRPeteVPdUtQTLvw=

GET
H2 200 react.js Show response
www.chicagotribune.com/pf/dist/engine/ 339 KB
96 KB 22ms
22ms Script
application/javascript 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

261cd8c87248d6bc2e29d1a4c90b82020faa40bb6243a1b73054e0657b0d9ce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ02X53FW7JRCBGB
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 98109
x-amz-id-2: z0g3tu2mHc4TvsC2soJ32US2bjh3kR+rTZ+Pgd89zqRZTg8y2z5cPMl64Nlq4e/7lma5zAHkSxE=
last-modified: Tue, 20 Dec 2022 16:20:03 GMT
server: openresty
etag: W/"32027284f47ce5d1a343154740bf3964"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 default.js Show response
www.chicagotribune.com/pf/dist/components/combinations/ 851 KB
217 KB 28ms
25ms Script
application/javascript 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9a2b97d7aae47bba79d3c507aa950e05461e43928d0aee51201e5fdcb95cfc94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0E03T82BAPBGQA
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 221624
x-amz-id-2: 11npEcPAs98jWjmT2jawlcIGnkf5/xt/Wl6fPM3EvzrIBXoSft2sJ+PF9dXGguPE4cugmIZaSWU=
last-modified: Tue, 20 Dec 2022 16:20:03 GMT
server: openresty
etag: W/"2bf172334117df33c5d6d9550a0c5719"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/output-types/ 34 KB
5 KB 39ms
38ms Stylesheet
text/css 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/output-types/default.css?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e8ea3c65df3dbc6a61526b4630dd65bca327a04024120f8dd5d6b7a6fcc53b0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0DJ8ES5TBHV8D0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4608
x-amz-id-2: 28Ntb9rOt/bEGS98FZeb8Hynztl4A7RKB6X0j32xNBj9Iar0lRjJdekF6LpKmo9ORFfzGk4UJE0=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"d0a2e46cd4452139116ccfbafdc8c0ec"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/combinations/ 71 KB
12 KB 50ms
49ms Stylesheet
text/css 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.css?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a17a94273cff2fca97148e7ac2b20a58c467ae02b6033eccb02f9e96747b07fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ025978QQQKJRDD
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11825
x-amz-id-2: G7Jn4WEwV7UK8WJsi+bkqbiVOPl/au+0rZyrM3fAsp8F05xcHPwD4yikn4vhpQc7H4aU1bPuNFw=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"1a601fd3073f2daabc4076a1cbc6fccc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 104ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:58:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 22:05:18 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 209ms
47ms Script
application/x-javascript 2.18.37.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-49.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:19 GMT
Content-Encoding: gzip
x-amz-request-id: 024RJ0834T5680MH
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: TiB2yBJzoUp36g794ZZInBwhOu5qsBLHzu3nTAxO2dfeFO6I6W+VVGePX3xFj9CNlhAvPIfal+c=
Last-Modified: Fri, 16 Dec 2022 21:32:35 GMT
Server: AmazonS3
ETag: "4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 98ms
6ms Script
application/x-javascript 2600:9000:2057:e400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 00:43:34 GMT
content-encoding: gzip
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 76904
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FrqtyrLMJt77nDFJMN1tGO3fWmb8_Bg5FUrSLMVQTGNyN_qKTFrXDA==
expires: Wed, 21 Dec 2022 00:43:34 GMT

GET
H2 200 zephr-browser.umd.js Show response
assets.zephr.com/zephr-browser/1.3.9/ 39 KB
16 KB 67ms
7ms Script
application/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:50:49 GMT
content-encoding: gzip
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 11:02:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 12284
etag: W/"c531ce77a9ff6380e9671dee680a2102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: eQgfPVgXRaYrpEK4-n4Ug0k0MVIvdLQCt5YJz6iZzKzjaAu7xynTBA==

GET
H2 200 zephr-minify.1.0.1.js Show response
assets.zephr.com/tribune/ 1 KB
1008 B 67ms
7ms Script
application/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:02:10 GMT
content-encoding: gzip
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 11:32:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 47001
etag: W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0Hrh9X5C2cwZp_yTklVsGWLDZirP6JkX_4J19yAZrpO2HxORG91IEA==

GET
H2 200 HXNYRVY5HNCL5CE63SGLJM3EWI.jpg
www.chicagotribune.com/resizer/DMdvRIh4qq-5cgzOTbZL2DqQF-Q=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 52 KB
52 KB 341ms
339ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/DMdvRIh4qq-5cgzOTbZL2DqQF-Q=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/HXNYRVY5HNCL5CE63SGLJM3EWI.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

14db414b93ad787c1dbff2a9810bad726d4a668f9771d14f7b9e0ac4a07fcd16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:31 GMT
x-serial: 1328
server: Akamai Image Manager
x-check-cacheable: YES
etag: "649b925633a3b43cdea9e3cbb99b61fd740e43b2"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31150418
server-timing: cdn-cache; desc=HIT, edge; dur=305
content-length: 53105
expires: Sat, 16 Dec 2023 10:58:57 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 73ms
40ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1389
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77cbadc0ee70bb71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 22:05:18 GMT

GET
H2 200 Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
974 B 42ms
40ms Image
image/svg+xml 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: TP6BH29YHYG3H6PG
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 505
x-amz-id-2: a+AIGJRngf2OVBYVYXjCiKk5I+YuxMWqzl8T5UHu38BBEAqFHmYQF9H+dtC2QeCZ3xbWnoOEJ6c=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"3078b03aa176e280460db6374ed5934b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
1 KB 42ms
40ms Image
image/svg+xml 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ00DDT0X4MN0VWK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 700
x-amz-id-2: ans4xHWboKshPeDQD4ND56SWfF9JjZ4G0oQ1b4zgaP8sR0a/HrVTSmNqwXtSnVadydZRtZxMczk=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"d947de375e50e50a1aa4f7951e3c56b0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 67ms
8ms Script
text/javascript 143.204.215.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-80.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:13 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 23
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
content-length: 10041
x-amz-cf-id: bdKt0FOImpfYw-TEjPzQqqRlvZUwXDX6jCyXblD_Omp8IRyaBRXtvg==

GET
H2 200 ct.svg
www.chicagotribune.com/pf/resources/images/stacked/ 727 B
927 B 47ms
45ms Image
image/svg+xml 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/images/stacked/ct.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0CXCZPWZXHK507
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 460
x-amz-id-2: 5GdDPFrFHTJBk5ztmLC85Of6d2OY4+F6xu3W/e36eMoAY95ahZj1dNT3WmkmWe+FDgQcbK8moTM=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"95a011625b282ce688af84fdec6cf2ed"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:18 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 19ms
6ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 06:03:40 GMT
x-amz-cf-pop: FRA56-P6
age: 57699
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: udzouH0ks2C592RtKna3ldGppOc6S4MhdCbHdDOLDcpG-adVGGxxig==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
97 KB 165ms
103ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

139cfda4f3825f41d13529632bc3c69b6663d87012a50365edf567dff773badd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98542
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:17:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 22:05:18 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 210 KB
66 KB 22ms
20ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 16:50:50 GMT
server: cloudflare
x-amz-request-id: G89CHWBR1F32XCA0
age: 702759
etag: W/"a295e934190c6de7fe47fed7fbac382f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77cbadc0bdfc6937-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4GpgSms8oQ5ATg41F7JTDDJQ9OYtz7muzLdiCjgFOWuSuhK/U3YWAVtadGQu0gDeDGi4nKLCDoQ=

GET
H2 200 DA9NK-5NF4A-5FWA6-EFVPV-RL87Z Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 57ms
18ms Script
application/javascript 2a02:26f0:dc:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:18 GMT
content-encoding: br
last-modified: Fri, 25 Nov 2022 22:17:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 80ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:53:44 GMT
x-content-type-options: nosniff
age: 97894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 18:53:44 GMT

GET
H2 200 DFHD762CSRCTNNGL4RTUVKZBOY.jpg
www.chicagotribune.com/resizer/jhXHlM93zL8poRBvwtHD6kfvMuQ=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 90 KB
90 KB 345ms
343ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/jhXHlM93zL8poRBvwtHD6kfvMuQ=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/DFHD762CSRCTNNGL4RTUVKZBOY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2e8abd1bd35c53e27e8217456b80f258f45b0c4f0a7c4eefb30f9749f055c1cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:33 GMT
x-serial: 1084
server: Akamai Image Manager
x-check-cacheable: YES
etag: "b1ddc51f6101ef238372428ed47782e9c9a7eae8"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31150408
server-timing: cdn-cache; desc=HIT, edge; dur=314
content-length: 91895
expires: Sat, 16 Dec 2023 10:58:47 GMT

GET
H2 200 G5MBQKC4PRH5NLY5W5XHXSJZRQ.jpg
www.chicagotribune.com/resizer/-eZjkZdn54LvcKHBU2qc6ElM-Lc=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 108 KB
109 KB 338ms
336ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/-eZjkZdn54LvcKHBU2qc6ElM-Lc=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/G5MBQKC4PRH5NLY5W5XHXSJZRQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9a9cc873978e850d993c6ea059d54da6a4a1d7be8b3b11d83ffc5e34ba97d32f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:32 GMT
server: Akamai Image Manager
etag: "30a31246f16fde7efc6571019039f9d843a75b9d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31150661
server-timing: cdn-cache; desc=HIT, edge; dur=306
content-length: 110569
expires: Sat, 16 Dec 2023 11:03:00 GMT

GET
H2 200 TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg
www.chicagotribune.com/resizer/QjR7ysm8FJZRY4eICWf1BPS9p38=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 266 KB
267 KB 55ms
54ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/QjR7ysm8FJZRY4eICWf1BPS9p38=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

baff27315285aafa5071a85603694284141f69ad88c77ef68241ff8555e5f1fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:51:31 GMT
x-serial: 1904
server: Akamai Image Manager
x-check-cacheable: YES
etag: "69abbc9273f44519760edb8546ace485e9b55577"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535130
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 272705
expires: Wed, 20 Dec 2023 21:50:48 GMT

GET
H2 200 DKP7Z2BUMZFRXPN2HOI5SD4YWY.jpg
www.chicagotribune.com/resizer/3PD4RtZ8TkE0hqyf0KNGE_wGWLg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 171 KB
172 KB 59ms
58ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/3PD4RtZ8TkE0hqyf0KNGE_wGWLg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/DKP7Z2BUMZFRXPN2HOI5SD4YWY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4af436546062a267e25a9ff089d0d1a2dc9e0baf86765c2a382f770e9365a6b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:46:33 GMT
server: Akamai Image Manager
etag: "57223bd400794a019150ef05f9edbeda5ae9818b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534812
server-timing: cdn-cache; desc=HIT, edge; dur=8
content-length: 175107
expires: Wed, 20 Dec 2023 21:45:30 GMT

GET
H2 200 HEEDCWVT2NEBBLEM5KPRDBZFCA.jpg
www.chicagotribune.com/resizer/gBe87piCZyMrpw4tBmzncEl9B8I=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 78 KB
79 KB 59ms
58ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/gBe87piCZyMrpw4tBmzncEl9B8I=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/HEEDCWVT2NEBBLEM5KPRDBZFCA.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4de5a2bd3f00d6c188b3caa2f8c0c6cc3080941985328ede8274e2da5b8e323e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:41:33 GMT
server: Akamai Image Manager
etag: "2fad57657eeddacc3d7a8784b9fb4ff9314517d7"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534460
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 79856
expires: Wed, 20 Dec 2023 21:39:38 GMT

GET
H2 200 ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg
www.chicagotribune.com/resizer/w8eqnztvVOgnJOsIQT0cIgSVUJc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/TPu-HKCOJJo-BfY75QcLhWCXI4s=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 87ms
85ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/w8eqnztvVOgnJOsIQT0cIgSVUJc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/TPu-HKCOJJo-BfY75QcLhWCXI4s=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5b96b81ae4d12086287a1d75eb13d2377f035cc91c20e4a5ee8421ad96719540

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:46:47 GMT
server: Akamai Image Manager
etag: "d115604c1931e7d88fe1d8bc520e85edb89e6de6"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534887
server-timing: cdn-cache; desc=HIT, edge; dur=59
content-length: 3011
expires: Wed, 20 Dec 2023 21:46:46 GMT

GET
H2 200 S2MXVC44FJAEDJ7ZB4JTHZ6KRY.jpg
www.chicagotribune.com/resizer/LsH7slqpLe3dPNAgbavWE1qerlc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/42OlyWBlKCX-sqAOS71Bgb7Qix0=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 99ms
97ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/LsH7slqpLe3dPNAgbavWE1qerlc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/42OlyWBlKCX-sqAOS71Bgb7Qix0=/cloudfront-us-east-1.images.arcpublishing.com/tronc/S2MXVC44FJAEDJ7ZB4JTHZ6KRY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

848a34a269b0a7e7e682362ed5189ee271f6995f85621315c3c1937139a00c26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 19 Dec 2022 17:52:09 GMT
x-serial: 162
server: Akamai Image Manager
x-check-cacheable: YES
etag: "57503da4e31a0c03ad7120807468c0fde9139d0a"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31434355
server-timing: cdn-cache; desc=HIT, edge; dur=45
content-length: 2911
expires: Tue, 19 Dec 2023 17:51:14 GMT

GET
H2 200 IPQXHX4VBNFV5M6U5C5QVU6NLM.jpg
www.chicagotribune.com/resizer/sHc5ZOtdtWIh3371x1bmgPN5FEQ=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/7GPNiZ91M6Mnae-zl5J5kscdC4I=/cloudfront-us-east-1.images.arcpublis... 2 KB
2 KB 86ms
84ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/sHc5ZOtdtWIh3371x1bmgPN5FEQ=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/7GPNiZ91M6Mnae-zl5J5kscdC4I=/cloudfront-us-east-1.images.arcpublishing.com/tronc/IPQXHX4VBNFV5M6U5C5QVU6NLM.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

17f12ac7f20e79425daf1c3a77824a189660b2154063ea202a32199cbfd8d4b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 11:36:58 GMT
server: Akamai Image Manager
etag: "f76b5d88406f41a78d652fa10f14a1f492e7fc94"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31498301
server-timing: cdn-cache; desc=HIT, edge; dur=36
content-length: 2145
expires: Wed, 20 Dec 2023 11:37:00 GMT

GET
H2 200 E6PGMATEJFFQPD64OZHUJIFXZQ.jpg
www.chicagotribune.com/resizer/d77MMDBNNHyNwwVLLMZbCDKelxc=/105x105/filters:format(jpg):quality(70):focal(1028x809:1038x819)/www.chicagotribune.com/resizer/atZCz5W490j1ubWEeTBdO3Rkhas=/cloudfront-u... 3 KB
3 KB 102ms
101ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/d77MMDBNNHyNwwVLLMZbCDKelxc=/105x105/filters:format(jpg):quality(70):focal(1028x809:1038x819)/www.chicagotribune.com/resizer/atZCz5W490j1ubWEeTBdO3Rkhas=/cloudfront-us-east-1.images.arcpublishing.com/tronc/E6PGMATEJFFQPD64OZHUJIFXZQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

daea45ab775badcc8428a74d2676ac1993213cd6c7bd0352b6e96eb2f29b37ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 20:21:51 GMT
server: Akamai Image Manager
etag: "6a5b40aa603d954449447ac47e9332ec45881335"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31529685
server-timing: cdn-cache; desc=HIT, edge; dur=43
content-length: 2618
expires: Wed, 20 Dec 2023 20:20:04 GMT

GET
H2 200 NAMOBSOGKZGHRD2B4DP7MFOGGY.jpg
www.chicagotribune.com/resizer/b7yF9ohMkUOWrqgV17ZeXbNp7wU=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/fWvdnaiOZ0IzwLJAnUh9PkHSwnw=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 85ms
84ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/b7yF9ohMkUOWrqgV17ZeXbNp7wU=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/fWvdnaiOZ0IzwLJAnUh9PkHSwnw=/cloudfront-us-east-1.images.arcpublishing.com/tronc/NAMOBSOGKZGHRD2B4DP7MFOGGY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e5915fd5813ede0116e919c3154a6ff305c5c5d28489b6ed44df905514c9a52b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 14:37:42 GMT
server: Akamai Image Manager
etag: "d24f388b895bc1798697cc33968b6ea6d4f1b4fe"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31509208
server-timing: cdn-cache; desc=HIT, edge; dur=45
content-length: 2837
expires: Wed, 20 Dec 2023 14:38:47 GMT

GET
H2 200 site-service-hierarchy Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 21 KB
5 KB 177ms
177ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/site-service-hierarchy?query=%7B%22hierarchy%22%3A%22main-nav%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cinactive%2Cname%2Cnode_type%2Csite%7Bsite_url%7D%2Curl%7D%2Cdisplay_name%2Cinactive%2Cname%2Cnode_type%2Csite%7Bsite_url%7D%2Curl%7D%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

567946e88d6703fd35ed019e14364116e86a093ba599a190d68b98fd66609cb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
If-Modified-Since: 1671572972072
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 99
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:59:32 GMT
server: openresty
etag: W/"5274-zsyXtYruCVSkdK9tzS6SAn6/gcU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=25
server-timing: cdn-cache; desc=HIT, edge; dur=130
content-length: 4752
expires: Tue, 20 Dec 2022 22:05:44 GMT

GET
H2 200 chartbeat-most-read Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 9 KB
4 KB 202ms
202ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/chartbeat-most-read?query=%7B%22environment%22%3A%22prod%22%2C%22feature%22%3A%22news-ticker%22%2C%22feedSize%22%3A15%7D&filter=%7Bcontent_elements%7B_id%2Ccanonical_url%2Cheadlines%7Bbasic%7D%2Cpromo_items%7Bbasic%7Bresized_params%7B105x105%7D%2Ctype%2Curl%7D%7D%7D%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

de66e99944f3507999ccf07632627cf80f1771534cffd2e2411cd62cd754d45e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
If-Modified-Since: 1671573101916
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 287
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 22:01:42 GMT
server: openresty
etag: W/"225d-nEFyJb5tZeReb6EQ5jncVvdJGOQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=83
server-timing: cdn-cache; desc=HIT, edge; dur=163
content-length: 3580
expires: Tue, 20 Dec 2022 22:06:42 GMT

GET
H2 200 story-feed-sections Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 56 KB
11 KB 204ms
203ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/story-feed-sections?query=%7B%22excludeSections%22%3A%22%2Fespanol%2C%2Fopinion%2Fletters%2F%2C%2Fhoroscopes%2C%2Flifestyles%2Fchi-lottery%22%2C%22feedSize%22%3A3%2C%22includeSections%22%3A%22%2Fnews%2C%2Fbusiness%2C%2Fsports%2C%2Fdining%2C%2Fcoronavirus%2C%2Fpolitics%2C%2Fpeople%2C%2Fentertainment%2C%2Fweather%2C%2Fnation-world%2C%2Fopinion%2C%2Fsuburbs%2C%2Fhistory%22%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

36bfd4fb80f699d28d8cda6f8cf6ac9f6ef6be68cd3545fb3d565f463e528d5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
If-Modified-Since: 1671573088256
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 241
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 22:01:28 GMT
server: openresty
etag: W/"e010-O9sbGCcMPfYUSyEW6O3uxMTw2+8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=69
server-timing: cdn-cache; desc=HIT, edge; dur=162
content-length: 11147
expires: Tue, 20 Dec 2022 22:06:28 GMT

GET
H2 200 site-service-hierarchy-custom Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 2 KB
1 KB 111ms
111ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/site-service-hierarchy-custom?query=%7B%22feature%22%3A%22footer%22%2C%22hierarchy%22%3A%22footer%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

90e2f780ff286005bb9f847a01515cc6e36d1fbd731b2e7e262b7462b18ea820

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
If-Modified-Since: 1671573099837
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 219
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 22:01:40 GMT
server: openresty
etag: W/"8af-mXt9ZX7p4ERjJaeJvh/AJRBgVds"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=81
server-timing: cdn-cache; desc=HIT, edge; dur=62
content-length: 864
expires: Tue, 20 Dec 2022 22:06:40 GMT

GET
H2 200 site-service-hierarchy-custom Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 1 KB
847 B 110ms
110ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/site-service-hierarchy-custom?query=%7B%22feature%22%3A%22footer%22%2C%22hierarchy%22%3A%22trib-pub-sister-footer%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4201feb643210f3f9cccf2babbb890abfa064be8c3d01932183e635951b04854

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
If-Modified-Since: 1671573094183
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 231
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 22:01:34 GMT
server: openresty
etag: W/"542-BLHjJSsQuQ2WhlWONaZh8oZMJCA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=75
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=74
content-length: 510
expires: Tue, 20 Dec 2022 22:06:34 GMT

GET
H/1.1

200
OK

chiarc.min.js Show response
www.tribdss.com/meter/
Redirect Chain

https://www.tribdss.com/meter/chiarc.min.js
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

34 KB
12 KB

53ms
53ms

Script
text/javascript

23.64.52.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

HTTP/1.1

Server

23.64.52.69 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-52-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 11338
X-Request-Id: 8c1ccf2ce6b0d0d6951850f1d519b83e
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.013004
X-Content-Digest: edc59c57da0cb7d5cdcceb066e2be3ce240b497d
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: b4e2aeed9012,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 5978707471600083914R
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=730
Httpd-Identifier: b4e2aeed9012
X-Rack-Cache: fresh

Redirect headers

Location: /meter/chiarc.min.js?disabled=international
Date: Tue, 20 Dec 2022 22:05:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK chiarc.min.js Show response
ssor.tribdss.com/reg/tribune/ 34 KB
12 KB 421ms
92ms Script
text/javascript 23.64.52.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.tribdss.com/reg/tribune/chiarc.min.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.64.52.69 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-52-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

46b10e0974a2a15ad1594ac1f02cb48260dc542ba0996ad7e25f35f80e7c163b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 11130
X-Request-Id: 398672c788adac204f0e7df093389212
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.006387
X-Content-Digest: f391532eb599cdd48bdef9c59c51370620dee8ad
Last-Modified: Tue, 13 Dec 2022 08:14:22 GMT
Server: Apache
X-Host-Info: f37e4f406fd6,; bd49cf49d42dfa391aa74c90a928b0c527730a90 (HEAD -> refs/heads/release/2211.1.1, refs/remotes/origin/release/2211.1.1) Added null check for authserver
ETag: 14505511593112256871
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=600
Httpd-Identifier: 90cb5872d3de
X-Rack-Cache: fresh

GET
H2 200 / Show response
dynpaywall-api-chicagotribune.ml.sophi.io/v1// 50 B
327 B 500ms
230ms XHR
application/json 18.160.249.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dynpaywall-api-chicagotribune.ml.sophi.io/v1//?domain_userid=&content_id=2FTXQBXQG5GUFLNHRHU6YB6SYI&user_id=&localtime=2022-12-20%2022:5:19%20GMT0000&section=/suburbs/daily-southtown&referrer=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.249.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-249-74.ord58.r.cloudfront.net
Software: CloudFront /
Resource Hash: f0f6487e04faf01177ca123beb1fa1c5683887295609275f1a5badafae5ec7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 4d474be393d7ef3b27b89fddae035482.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ORD58-P5
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 50
x-amz-cf-id: adIRbeo22lZT90a4RKLJA8leoiiALg9-b-mzlrLIkYfsbIxB5kDmQw==

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 357 KB
93 KB 90ms
9ms Script
application/javascript 2600:9000:211e:3600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6522f662c8debcda2820aaf8d8d34f30061896419eded83d4e57fb1ac98d41ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 41717
x-cache: Hit from cloudfront
content-length: 94299
x-xss-protection: mode=block
last-modified: Wed, 23 Nov 2022 18:13:43 GMT
server: CloudFront
etag: "5eac0df3bf74fd75f7b85ddbed5ca2f5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: VXICuy7SfCHQOGzfQp6olfkitAOtxvhczPgkBf3QoegjfcLvksm5aQ==

GET
H2 200 resize-image-api-client Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 216 B
523 B 192ms
192ms Fetch
application/json 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/resize-image-api-client?query=%7B%22raw_image_url%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Ftronc%2FFZFZTFMV6NHMJCQOCNHBU3T2CY.jpg%22%7D&filter=%7B377x0%2C600x0%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8b992185e4480c6985018878a97c716fb566d4438398fe60aba7a9e1d9c06059

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:59:14 GMT
server: openresty
etag: W/"d8-rfA7gHRzBNuGz6dtPoIO84DX24c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=9
server-timing: cdn-cache; desc=MISS, edge; dur=147, origin; dur=10
content-length: 187
expires: Tue, 20 Dec 2022 22:05:28 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tribunedigital-network/ 2 MB
90 KB 45ms
12ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd03e70c1b849ea7e586ad1b46a8a6ef0215f2f8113f869f22b0802977253fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: O.fJ7HxgG04p524SOVLMbeucZDyYaqay
content-encoding: gzip
via: 1.1 varnish
date: Tue, 20 Dec 2022 22:05:19 GMT
x-amz-request-id: A92B7VJK0TKRMED0
age: 162
x-cache: HIT
content-length: 92142
x-amz-id-2: 5L/MfM0oAIr9CwT6KcBS4XSWJsxfca+SGP8OeT0YxwKYqXem4sfYfsjY51650UBzt8ofDVzNDco=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Mon, 19 Dec 2022 14:52:02 GMT
server: AmazonS3
x-timer: S1671573919.141983,VS0,VE1
etag: "9787875405cbdf6a2b2e577eb5319051"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih Show response
smoggysnakes.com/ 60 KB
21 KB 76ms
23ms Script
text/javascript 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c840a97f1ee47067faca78272f458910ca19af0e56eb238ce60833ccdc8cc717

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Tue, 20 Dec 2022 22:05:19 GMT
x-datacenter: gce-europe-west1
etag: "002fcc286cb43746b53b0047b9fa8813f5fe7e13473f9286835ae49dda78b1f0"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 718439402
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main.js Show response
tribune-chicagotribune.zeustechnology.com/ 340 KB
73 KB 58ms
8ms Script
application/javascript 18.66.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribune-chicagotribune.zeustechnology.com/main.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d12cb94d68d465e2823cd9b692413eef5e6ea8b58482c265e49a7cd6d23b9ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: .WsHO0K0QtOCGbTigDdCUkkhCJBx10k2
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 21:10:21 GMT
last-modified: Tue, 29 Nov 2022 20:25:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 3342
etag: W/"bd4836d7426fdf59e5af9ed60ae45796"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,s-maxage=3600
x-amz-cf-id: nTTAavkqH-0tvVc0RGGYaKsNyuCJx1hbQBIZjfpFuEpfiKD_-u356g==

GET
H2 200 Chicago_Tribune-chiblue.svg
www.chicagotribune.com/pf/resources/logo/ 13 KB
5 KB 41ms
41ms Image
image/svg+xml 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/logo/Chicago_Tribune-chiblue.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M7D9DRE0821W91WY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 5118
x-amz-id-2: 4dic0wcTGDKB3GoomH9avtTqXbrpZSvSaEnTlQQ8UMeSD3QHadkD+LUMejUX9A5lgUpVB56/Tl0HqEktiKfxqA==
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"71456cc06238c3a185cccb135bec0329"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 22:05:19 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 34ms
24ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1392
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77cbadc2a951995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 22:05:19 GMT

GET
H2 200 chicagotribune.com Show response
pubcast-files.remixd.com/player-configs/ 41 KB
42 KB 55ms
7ms Fetch
application/json 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/chicagotribune.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:13:08 GMT
age: 3131
x-guploader-uploadid: ADPycdvQwBjuMeY3zIHvLBHFujtO8SPlpL-cB2gAVHpXVc2fohC1NsOhbsXYSClrE6SIsfPCpbj3pNW5xEeLFsHVRoL8og
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41910
last-modified: Tue, 06 Dec 2022 21:00:08 GMT
server: UploadServer
etag: "5a254665d4a4c7aceb33b05d7ef91bd9"
x-goog-generation: 1670360408860858
x-goog-hash: crc32c=5ElQGQ==, md5=WiVGZdSkx6zrM7Bdfvkb2Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, no-cache, must-revalidate
x-goog-stored-content-length: 41910
accept-ranges: bytes
content-type: application/json
expires: Tue, 20 Dec 2022 22:13:08 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 276 B
564 B 80ms
12ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=chicagotribune.com&domain=chicagotribune.com&path=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 96ccf982c4d6f90c3a1a86ec1115c794b8aff5c09cacfb0c54357946abd0a3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 1
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 709
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 206
x-served-by: cache-hhn-etou8220069-HHN
x-timer: S1671573919.228807,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:53:29 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/chicagotribune.com/ 56 KB
21 KB 103ms
25ms Script
application/javascript 13.32.2.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-61.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: 6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Dec 2022 00:43:53 GMT
content-encoding: gzip
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 19:15:41 GMT
server: nginx
x-amz-cf-pop: VIE50-C2
age: 76886
etag: W/"61d5ee5d-df47"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: AeiMQthTQNQHAN9NHG3RwITRgSy7Y0uBo2xr_zEUh188CN-zYiMhNQ==
expires: Wed, 21 Dec 2022 00:43:53 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/ 3 KB
2 KB 353ms
111ms Script
text/javascript 54.230.18.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/launchpad-liveramp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.18.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-18-13.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:17:50 GMT
x-amz-version-id: QPdapfnTKadTbAF2NRlea4Urx3BTN8sm
content-encoding: gzip
via: 1.1 71f5a572c86c7c5dc9e816803de65014.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C3
age: 20850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Fri, 22 Apr 2022 17:52:36 GMT
server: AmazonS3
etag: W/"862af1285f6bfb523bc7fcb34a8cf69f"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: HomICBNUTY7K0K__ZDFLSyuOfJJbqllyxFIPooG0NqYHaYgausR1UA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
27ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 20:27:22 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5877
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 22:27:22 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 7ms
6ms Script
application/x-javascript 2600:9000:2057:e400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 01:01:25 GMT
content-encoding: gzip
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 75834
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ONRGrOD9uGqT4KdzDIc_7MbnNXk2eVcxdpgMS1jBsnEaBDaECTr2uA==
expires: Wed, 21 Dec 2022 01:01:25 GMT

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 88ms
27ms Script
application/javascript 13.32.110.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-63.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:17:36 GMT
content-encoding: br
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 6464
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 1XikhqX56aBChlpgf5M_jUOuD3iXsJWYr3rXJcaFBSb_bnHsakl_4Q==

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma89701/fusion/9/
Redirect Chain

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1612
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

150 KB
43 KB

22ms
7ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:02:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 26 May 2022 16:23:18 GMT
server: nginx
age: 3751
etag: "31cd74de581fdfc9a6c0d6883d695597"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 05:36:18 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44258

Redirect headers

date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 1-gc-europe-west6-8j340940

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 68ms
13ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1671573919169&ns_c=UTF-8&c8=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&c9=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 3D0wM_mBIDxVhzosPP2tC2mQbTsCMdTDKfoYrcgmTFcpMbkC0Wp6Og==
x-cache: Miss from cloudfront

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
2 KB 330ms
108ms Script
text/javascript 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: cf276f8b30084449354a820d7830158827a9d732027394506346370fe56c4279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1135
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cs Show response
tribune.blueconic.net/DG/DEFAULT/ 16 B
698 B 315ms
101ms Script
text/javascript 107.20.111.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json138

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.111.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-111-5.compute-1.amazonaws.com

Software

- /

Resource Hash

a817b30fa0d97a561ee14a8a08300a12db396166f56ca8da39cf77c33de9cc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 standard-player.html Show response
tags.remixd.com/player/v5/players/ 129 KB
30 KB 27ms
11ms Fetch
text/html 143.204.215.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/players/standard-player.html
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-80.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24
x-cache: Hit from cloudfront
content-length: 29730
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
etag: "9a2e807a291cbaccaab15c40f0629813"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public,max-age=1800
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: mX75vI3RruCk9g91t0hJ05Pwar6lzcN8J3OAySgdvxQP4Ei0r4HOWQ==

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
465 B 62ms
7ms Script
application/javascript 2600:9000:223f:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26640436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: moos9DNtnADh8tm6xEoP10VnPZ7xPkgP1d24jZP0cvkprS6M4wJbjQ==

GET
H2 200 load.js Show response
widget.perfectmarket.com/tribunedigital-network/ 4 KB
2 KB 22ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/tribunedigital-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: .erCKV8rV4noOWlsx_.BL4YowH6CZP0S
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Dec 2022 22:05:19 GMT
x-amz-request-id: HPBZJWG2NP62G4RB
age: 241
x-cache: HIT, HIT
content-length: 1495
x-amz-id-2: iPkzCwgnrFlQTFq5AOUfc87yLbGVEyd1M/M4Ch/FNHOTNBDNoC/DymEfWD9s68BclniYPszXxn8=
x-served-by: cache-sna10730-LGB, cache-hhn-etou8220033-HHN
last-modified: Wed, 28 Sep 2022 00:04:05 GMT
server: AmazonS3
x-timer: S1671573919.379870,VS0,VE1
etag: "deaebca6acf5ec5384c07f3fead3d4a8"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 impl.20221219-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 699 KB
145 KB 12ms
12ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e02d29497d62ca80311fa65138ac0ea44d34c731ccf9d31276133e950ca8b6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5v1aH2SyKGoSO5ktl7JGSE9m6xWFfT8c
content-encoding: br
via: 1.1 varnish
date: Tue, 20 Dec 2022 22:05:19 GMT
x-amz-request-id: BB2RDMJ14078D7RQ
age: 8402
x-cache: HIT
content-length: 148577
x-amz-id-2: WQIGKZJ9DKzEDqTPM9/JZVrtOLaB2mPZxi7uS024IZ/IjFL7HqfgaaDMOVXhVAPoAr+3/er1Wyk=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Mon, 19 Dec 2022 11:45:16 GMT
server: AmazonS3-br
x-timer: S1671573919.370306,VS0,VE0
etag: "04502ef632cbf88ab074db3b7b1d2384"
vary: Accept-Encoding
content-type: application/javascript
abp: 35
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 28846

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 8ms
7ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 05:20:02 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 60318
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vdVRMcHuvDhpCtJyNmBw5npuqIqalQsu3fF-2w_gc2KAL2gmUBa5xA==

GET
H2 200 / Show response
cmp.osano.com/ Frame CEA1 4 KB
1 KB 6ms
6ms Document
text/html 2600:9000:211e:3600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61036
content-encoding: gzip
content-type: text/html
date: Tue, 20 Dec 2022 05:08:04 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id: ZCecerlR4PlBtC3Soj276BUIOadXHk0vYJtxugZWMHzxd98DnqV7-A==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK ae4a8daa-33ec-45e1-bb44-d6fc6b8a54d3
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/ae4a8daa-33ec-45e1-bb44-d6fc6b8a54d3
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 406ms
101ms Image
image/gif 52.44.88.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&u=gDGzvekv84J_v8w&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Adaily-southtown&g1=Bill%20Jones&n=1&f=00001&c=0&x=0&m=0&y=6083&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&b=1359&t=WWdGqCOrFU2Cl8SVZBI490zRddeT&V=139&i=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tz=0&sn=1&sv=Dix02rBb7np1fAxJ2BoAgPTDAn1Zx&sd=1&im=067b0fff&_
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.88.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-88-224.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 149ms
29ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671573919522&plid=63389800&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&sref=&sts=1671573919522&slts=0&title=Lansing+woman+turns+tragedy+into+generosity+through+MJG+Movement&date=Tue+Dec+20+2022+22%3A05%3A19+GMT%2B0000+(GMT)&action=pageview&pvid=46909170&u=pid%3De59eb7871138f264b4435a0a297698ca
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:19 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 20-Dec-2022 22:05:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 FUtg69tL.js Show response
cdn.jwplayer.com/libraries/ Frame F65B 119 KB
42 KB 37ms
7ms Script
text/javascript 2600:9000:225e:4200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: dc2f56f86e6d72c3b804ce78768cf7f23b78bc957ec5d17000bd59eaccb1c483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:02:24 GMT
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 175
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 42343
x-amz-cf-id: r4YPLM3QNtrlyCCnhXNbZURvFBzs1slW7dfuaVLiesauFuWoqnqcyg==

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 364ms
96ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 22:05:19 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
228 B 286ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 478ms
98ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&artpubt=1671188402&artsrc=Daily%20Southtown&artupt=1671208517&auth=Bill%20Jones&cms=fusion&hier=suburbs%7Cdaily-southtown&ptype=story&prem=metered&pubname=chicagotribune&sec=suburbs&wrdcnt=790&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=af66197e-85ae-4dcb-9857-3b7a9de906d6&pid=1d9e84bf-8b84-4f4a-9fcf-2ad677f6964d&dtm=1671573919588&qnm=_matherq&visible=1&tabid=839ca4fd-3277-4b2c-8195-e0f2abeade65&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x6083&tofa=1671573920&vid=1&lvidt=1671573920&duid=a3671f5e8c198a35&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MTU3MzkxODEyOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMy40bWIiLCJoZWFwVCI6IjE4LjJtYiIsImZzdFBhaW50IjoiNzA2IiwiZmV0Y2hTIjoiMCIsImRvbWFpblMiOiIxIiwiZG9tYWluRSI6IjQ0NyIsImNvbm5TIjoiNDQ3IiwiY29ubkUiOiI1MDAiLCJzc2xTIjoiNDY0IiwicmVxdVMiOiI1MDAiLCJyZXNwUyI6IjU4OCIsInJlc3BFIjoiNjQ5IiwiZG9tTG9hZCI6IjU5MCIsImRvbUludGVyIjoiNzM5IiwiZG9tTG9hZFMiOiI4MzkiLCJkb21Mb2FkRSI6IjkwOCJ9LCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIxZDllODRiZi04Yjg0LTRmNGEtOWZjZi0yYWQ2NzdmNjk2NGQifSx7InByb3ZpZGVyIjoiaVNlZ3MiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIxZDllODRiZi04Yjg0LTRmNGEtOWZjZi0yYWQ2NzdmNjk2NGQifV19
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 22:05:20 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg
www.chicagotribune.com/resizer/Ga4O99PdOT3hQPCSjQi5oQ32Dr0=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/FuFV2bfTmfRbVpiLCN5nCpuqxk4=/cloudfront-us-east-1.images.arcpublis... 4 KB
4 KB 86ms
85ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/Ga4O99PdOT3hQPCSjQi5oQ32Dr0=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/FuFV2bfTmfRbVpiLCN5nCpuqxk4=/cloudfront-us-east-1.images.arcpublishing.com/tronc/TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7c8dd5f7e9e33d9c03332640bb647808808c8fe14670f3fc01b44b7325277a6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:56:50 GMT
x-serial: 741
server: Akamai Image Manager
x-check-cacheable: YES
etag: "2825cfeee689d4d116f12f732af3bbd599a59b32"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535428
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=77
content-length: 4115
expires: Wed, 20 Dec 2023 21:55:47 GMT

GET
H2 200 Q76MMJQDQ5AJDIRFGWJMSQTJGE.jpg
www.chicagotribune.com/resizer/jTYpzbM4R5_dINdkxYJjxtPF6Kw=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 19 KB
19 KB 75ms
74ms Image
image/webp 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/jTYpzbM4R5_dINdkxYJjxtPF6Kw=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/Q76MMJQDQ5AJDIRFGWJMSQTJGE.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

147f6d2e7f84b8b8722d4bfc779cc0a86ddf23b0de4e2f65118fbfbf3c7b38ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 07 Oct 2022 14:23:08 GMT
x-serial: 367
server: Akamai Image Manager
x-check-cacheable: YES
etag: "574e63f515d1edd5c1bbef99c39866ae31818c41"
content-type: image/webp
cache-control: private, no-transform, max-age=31019067
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
content-length: 19130
expires: Thu, 14 Dec 2023 22:29:46 GMT

GET
H2 200 ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg
www.chicagotribune.com/resizer/VHTmdmqqsI6wQd2sqyJGwZ-Ct2M=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 122 KB
122 KB 71ms
71ms Image
image/jpeg 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/VHTmdmqqsI6wQd2sqyJGwZ-Ct2M=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4a51e76befc0c3fe8d4fe82c228c3d7bd47d6a60f9df6f161aa224194c84f618

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:34:37 GMT
server: Akamai Image Manager
etag: "57c56ec56a0254c52c2fa51966e4715069f7c6c4"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31534205
server-timing: cdn-cache; desc=HIT, edge; dur=20
content-length: 124453
expires: Wed, 20 Dec 2023 21:35:24 GMT

GET
H2 200 FZFZTFMV6NHMJCQOCNHBU3T2CY.jpg
www.chicagotribune.com/resizer/jG5aTsXhyjc0lFPorRdRW9JDvuU=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 14 KB
15 KB 549ms
548ms Image
image/webp 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/jG5aTsXhyjc0lFPorRdRW9JDvuU=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/FZFZTFMV6NHMJCQOCNHBU3T2CY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0c5ae34a674cdb6cdb2747b25bae3d663e862e1e064aad8fd2293a62b157c83a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 22:05:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 15 Nov 2022 19:10:28 GMT
server: Akamai Image Manager
etag: "58d1a89a83cf8179194b58084e8743214db66893"
content-type: image/webp
cache-control: private, no-transform, max-age=30783739
server-timing: cdn-cache; desc=HIT, edge; dur=514
content-length: 14414
expires: Tue, 12 Dec 2023 05:07:39 GMT

GET
H2 200 json Show response
trc.taboola.com/tribunedigital-chicagotribune/trc/3/ 74 KB
21 KB 391ms
377ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=22%3A05%3A19.745&lti=deflated&data=%7B%22id%22%3A224%2C%22ii%22%3A%22%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671461492044%2C%22vi%22%3A1671573919742%2C%22cv%22%3A%2220221219-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIF5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAA.YAAAAAAAAAAA%22%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22vpi%22%3A%22%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6083%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A5443.65625%2C%22mw%22%3A946.65625%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A2996.34375%2C%22mw%22%3A453.34375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05aa3e4cb143051b5923abe76f14623533a78759f4eb8e4ea0e0a63cf93c2324

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 370
date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220028-HHN
server: nginx
x-timer: S1671573920.758404,VS0,VE370
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
90 B 219ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A19.738&type=info&msg=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&llvl=2&id=4442&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12640

GET
H2 204 debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 219ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A19.738&type=info&msg=%7B%22mode%22%3A%22thumbs-1r%22%2C%22container%22%3A%22below-article-thumbs_ARC%22%2C%22placement%22%3A%22below-article-thumbs_ARC%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=3008&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12640

GET
H2 204 debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 219ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A19.739&type=info&msg=%7B%22mode%22%3A%22thumbnails-rr2%22%2C%22container%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22placement%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=2236&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12640

GET
H2 204 debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 219ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A19.744&type=info&msg=below-article-thumbs_ARC%20thumbs-1r&llvl=2&id=3858&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12640

GET
H2 204 debug
trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 220ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A19.744&type=info&msg=taboola-right-rail-thumbnails_arc%20thumbnails-rr2&llvl=2&id=6860&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12640

GET
H3 200 css2
fonts.googleapis.com/ Frame F65B 3 KB
492 B 94ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 22:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 20:38:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 22:05:19 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame F65B 43 B
582 B 160ms
109ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=0&sessionId=f2383c48-eecc-4803-9ca1-74becc547cf7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
x-guploader-uploadid: ADPycdsSZk5V8S0b00d2jP-as5SA5SwVD_W2t6OaBhvkkwABMyWlCnKRwVyCpKBa8x2R1KfyKhq4V8cyX71jWbb0NJb7Ng
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 22:05:19 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame F65B 43 B
191 B 261ms
210ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=f2383c48-eecc-4803-9ca1-74becc547cf7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:19 GMT
x-guploader-uploadid: ADPycdsnyw9w_JkuXiphvhpredSyqN7QcJsjShrd1XyDDVYc9ty6rMLc2h7zfcWjefuBmtW00z3t82Pxjx1L-bcOGt_6vA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 22:05:19 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame F65B 43 B
215 B 306ms
306ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=f2383c48-eecc-4803-9ca1-74becc547cf7&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
x-guploader-uploadid: ADPycdu3Q0dpyN3z_otkFrWKQLH7avgaQK7uOXjY0OV0mhwsIekZt8YW_oCXqnARZHvkAF9Q6LeWgBH6tAuX49aIHacPZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 22:05:20 GMT

POST
H3 200 v2nuq3PjLli_7eSETbqqyC1_ENY9HDpcsOEn8cugXoU0kJoxJCPrMQ0u4aGozKrV8OKwWcAD0 Show response
smoggysnakes.com/ 191 B
218 B 51ms
31ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2nuq3PjLli_7eSETbqqyC1_ENY9HDpcsOEn8cugXoU0kJoxJCPrMQ0u4aGozKrV8OKwWcAD0

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

670c450be55377c548c7de42762824d109c0e67f22b23ea58efceff0bdcd11ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 20 Dec 2022 22:05:18 GMT

GET
H2 200 read_auth Show response
authenticate.chicagotribune.com/ 101 B
661 B 1320ms
172ms Script
application/javascript 34.215.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.chicagotribune.com/read_auth?product_code=chiarc&master_id=&callback=jQuery991821841425854800_516887747153899970

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.225.95 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-225-95.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8599e8835dc4fd0c9452dbb6fbaddedaa2a4d8fbbb96dd5d81320e0abee14ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-request-id: 6d948d51cf18b36accd834a3ca0e6f89
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.002556
server: Apache
x-host-info: f37e4f406fd6,; bd49cf49d42dfa391aa74c90a928b0c527730a90 (HEAD -> refs/heads/release/2211.1.1, refs/remotes/origin/release/2211.1.1) Added null check for authserver
etag: "f09635ce469c674cfe256d6bc12765e0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: must-revalidate, private, max-age=0
httpd-identifier: f37e4f406fd6
x-rack-cache: miss

POST
H2 200 137 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 56 KB
10 KB 434ms
433ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-20T22%3A05%3A19%2B00%3A00&ts=1671573919789

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

e9f1c060d1227dbb1e7272806bddce0fc3d8477675482564bb497ed55d54e01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 9609
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: AQWIIOtnaidAX5rKcDvOTrHjKktlqiyIsFZtUnJ2gAZFpJrIOx_BJQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 108ms
107ms Image
image/gif 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4566726&ntv_pl=1109740
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=be00b3da-b7fc-4e96-a893-c229cf4c0896&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDZOqoqx7SRqmC9fHghq2cs5Un1ivsGrSqSvldHSe8Ba8bvRjfY5WW72_TnCfprBsKxDDEA_XY3JIp_BVJxh1bMXAgz5LjbAx-UxXe1hdjg7usf4rO00VNyrx5jbyD7UZvQkjiBFOQzJ9VuHkfoT0hlUshDdQjZo089na6NTR4979iBr943NsLkQ1EHd8BinUGm3rbwBesoQXZXEkEgiAU56mZ9XABgCoQUu3cDPMBpCog==&ntv_ht=nzGiYwA&ntv_at=303,302&ntv_a=AAAAAAAAAA7O4QA&ord=1671573919792&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=be00b3da-b7fc-4e96-a893-c229cf4c0896&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDZOqoqx7SRqmC9fHghq2cs5Un1ivsGrSqSvldHSe8Ba8bvRjfY5WW72_TnCfprBsKxDDEA_XY3JIp_BVJxh1bMXAgz5LjbAx-UxXe1hdjg7usf4rO00VNyrx5jbyD7UZvQkjiBFOQzJ9VuHkfoT0hlUshDdQjZo089na6NTR4979iBr943NsLkQ1EHd8BinUGm3rbwBesoQXZXEkEgiAU56mZ9XABgCoQUu3cDPMBpCog==&ntv_ht=nzGiYwA&ntv_at=806&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1671573919798&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 101ms
101ms Image
image/gif 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1115555&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:19 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 87ms
18ms Script
application/x-javascript 13.32.110.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-42.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 21:23:24 GMT
x-amz-cf-pop: VIE50-C2
age: 2517
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: KBc1EdLIed6Jv9yvrswdeQJiviqDKqE-f5muD2rLcCKmlcV5kZhavg==

POST
H3 200 v2nidfBfhguPscyDyDNViVqnG1m6lQ8L0BgozBeZxtAOxRg5dTMxxNcWXOm8it0C-ISzqDCJn Show response
smoggysnakes.com/ 3 B
27 B 19ms
18ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2nidfBfhguPscyDyDNViVqnG1m6lQ8L0BgozBeZxtAOxRg5dTMxxNcWXOm8it0C-ISzqDCJn

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 22:05:19 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 781 B
1 KB 73ms
35ms XHR
application/json 2a02:26f0:dc:383::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5571913&v=1.720.0&sl=0&si=56040cbd-4ce2-4a78-8ce8-2e399be6c59e-rn7mou&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:383::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3abb626869ec51ffbbd335ab7ad0bc46e49ba32921eacee36e1fe00e3fb44783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Dec 2022 22:05:19 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 781
Content-Type: application/json

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame F65B 20 KB
20 KB 69ms
25ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:27:47 GMT
x-content-type-options: nosniff
age: 16652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 17:27:47 GMT

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame F65B 21 KB
21 KB 63ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 604362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 22:12:37 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 18ms
18ms Fetch
application/json 99.86.240.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-58.vie50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 00:53:04 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront), 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, VIE50-C1
age: 76336
x-amzn-requestid: b698b88a-5475-4af6-a3b2-2b9ef90a9b23
x-amzn-trace-id: Root=1-63a10770-2e503743085253735c122108;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: da4ZmHkhDoEFlhw=
content-length: 30
x-amz-cf-id: PtYORN4h-Dhdtjqh36QGcIS2k3J_4JmEnP36ISKa724nyAHsyGbVFw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 225ms
174ms Preflight
application/json 99.86.240.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-58.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 20 Dec 2022 22:05:20 GMT
via: 1.1 f39b904b3d29bdb5e473689299f6dedc.cloudfront.net (CloudFront), 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
x-amz-apigw-id: ddyxEH48DoEFnTw=
x-amz-cf-id: HH0vVvq8tmKAjH8rxkLzcIo3FBvZKHP54lEswObY2mja6OPgG8bBPg==
x-amz-cf-pop: VIE50-C1 VIE50-C1
x-amzn-requestid: a2c46b7c-d85d-4ffb-add1-97a5fc3d51a4
x-cache: Miss from cloudfront

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
6ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 20 Dec 2022 22:05:20 GMT
x-amz-request-id: ZSYWDV613EWRQFZR
age: 59
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: zyoRYlp0DUQi7rOxqotjsUGVeDg2jXVIKZFqFlMrZ3FOAGkPB6oHKoLVv4lN564LBGSA15CQpCE=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1671573920.237003,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 35
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 78

GET
H2 204 supply-feature
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=0fbce72faac270620482ff29e5ef95b2&sd=v2_469122e658fce72a362f6b793aeae006_57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f_1671573919_1671573919_CNawjgYQrco9GP6vx4zTMCABKAEwODib4wlAjIoQSKut2QNQqOwQWAFgAGjvhs2V9cu1kixwAA&ui=57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573919742&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A05%3A20.162&id=4493&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 18ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.170&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10526946%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=7645&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12564

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 17ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.177&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=2124&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12564

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.183&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=9163&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12564

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.193&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=3181&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12564

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.194&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=4900&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12564

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.194&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10526946%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=7742&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.195&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=2820&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.197&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=5465&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.199&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=9296&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.203&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=2569&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.205&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=3050&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13413

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.207&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=3540&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.209&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=1793&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.210&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=6872&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.212&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=2303&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.213&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=6971&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.216&type=info&msg=%7B%22name%22%3A%22below-article-thumbs_ARC%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22tribunedigital-network-feed-action-bucket-1628097850527%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=6340&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13309

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.219&type=info&msg=%7B%22name%22%3A%22below-article-thumbs_ARC%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22tribunedigital-network-feed-action-bucket-1628097850527%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=2512&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.220&type=info&msg=Start%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%201&llvl=2&id=6380&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.221&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%201&llvl=2&id=5119&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.223&type=info&msg=Start%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%202&llvl=2&id=5328&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.224&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%202&llvl=2&id=8814&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.226&type=info&msg=Start%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%203&llvl=2&id=4937&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13329

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.227&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%203&llvl=2&id=2889&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.229&type=info&msg=Start%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%204&llvl=2&id=1599&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.231&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%204&llvl=2&id=9496&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.232&type=info&msg=Start%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%205&llvl=2&id=8331&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.233&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%205&llvl=2&id=3114&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.252&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=3777&cv=20221219-7-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13304

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0fbce72faac270620482ff29e5ef95b2&sd=v2_469122e658fce72a362f6b793aeae006_57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f_1671573919_1671573919_CNawjgYQrco9GP6vx4zTMCABKAEwODib4wlAjIoQSKut2QNQqOwQWAFgAGjvhs2V9cu1kixwAA&ui=57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573919742&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1671573920253%7D&tim=22%3A05%3A20.253&id=8129&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.270&type=info&msg=Start%20Rendering%20taboola-right-rail-thumbnails_arc&llvl=2&id=3291&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13376

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.272&type=info&msg=Finish%20Rendering%20taboola-right-rail-thumbnails_arc&llvl=2&id=5551&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13376

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0fbce72faac270620482ff29e5ef95b2&sd=v2_469122e658fce72a362f6b793aeae006_57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f_1671573919_1671573919_CNawjgYQrco9GP6vx4zTMCABKAEwODib4wlAjIoQSKut2QNQqOwQWAFgAGjvhs2V9cu1kixwAA&ui=57ceb65b-a86c-47b1-8530-dbda469068ee-tucta9bb71f&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573919742&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1671573920278%7D&tim=22%3A05%3A20.278&id=5496&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.284&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=3382&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13376

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.285&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=5198&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13376

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.285&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=9296&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.286&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=6707&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.286&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=6649&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.287&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%201&llvl=2&id=8487&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 200 a475492201ad42f44e372d681523577f Show response
r610.chicagotribune.com/plugin/plugin/ 106 KB
26 KB 19ms
19ms Script
text/javascript 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/plugin/a475492201ad42f44e372d681523577f

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

9eb6599bb360c2bbd998e8fbb24087b36a03220670ca2a20e91d388bfccaf95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
age: 111696
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 25847
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Dec 2022 15:03:44 GMT
server: -
etag: a475492201ad42f44e372d681523577f
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: fEGZCxVjEivk2Sv5Uc7AL7mbqoiKBg-XJdJOv3rLWVcpzgw4Y2S-MQ==
expires: Tue, 19 Dec 2023 15:03:44 GMT

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.300&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%202&llvl=2&id=5627&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.301&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%203&llvl=2&id=8718&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13333

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.302&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%204&llvl=2&id=1810&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13312

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.303&type=info&msg=Finish%20Rendering%20below-article-thumbs_ARC%20%7C%20Card%205&llvl=2&id=4878&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13312

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=22%3A05%3A20.330&type=info&msg=Finish%20Rendering%20taboola-right-rail-thumbnails_arc&llvl=2&id=7409&cv=20221219-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13312

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 149 KB
46 KB 174ms
20ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb567b470c90efa50fbe96b8593b4605f2eb5ef2c5ef8a7d8f915ee8efa8982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46775
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:05:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:13:00 GMT

GET
H/1.1

200
OK

chiarc-reaction-1q2w3-1580939748189956228.min.js Show response
www.tribdss.com/meter/assets/
Redirect Chain

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

64 KB
15 KB

47ms
47ms

Script
text/javascript

23.64.52.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

HTTP/1.1

Server

23.64.52.69 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-52-69.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 14251
X-Request-Id: 36790d8fb9e612530b4ba84a3465a1e4
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.009261
X-Content-Digest: c9ca80d4d04a3c68e0ddbe3fb7bf02448f0875e0
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: b4e2aeed9012,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 1580939748189956228
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=24234632
Httpd-Identifier: b4e2aeed9012
X-Rack-Cache: fresh

Redirect headers

Location: /meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Date: Tue, 20 Dec 2022 22:05:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 features Show response
zephr.chicagotribune.com/zephr/ 3 KB
1 KB 274ms
104ms Fetch
application/json 13.32.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/features
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-67.vie50.r.cloudfront.net
Software: /
Resource Hash: 65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: PspMmbeRno6O48_Orj9ILvpGH2amLOwlLlENPf7-Ea2CEBOO0LCAmA==
x-blaize-request: ffffffff9c770d4a

GET
H2 200 c550b882848919ee080e14e3a3a084ea Show response
r610.chicagotribune.com/plugin/library/ 292 KB
92 KB 26ms
26ms Script
text/javascript 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/library/c550b882848919ee080e14e3a3a084ea

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

87eecb67faf2ab19e08c7f364ddef4c22a194a29ed08a7aeab1250d763ee44aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 17:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
age: 706401
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 93905
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Dec 2022 17:51:59 GMT
server: -
etag: c550b882848919ee080e14e3a3a084ea
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8zekrSJnwGgZzmAceuRPxLN5_xKqG92sBty_H2zwSV52jo-rhxOSDw==
expires: Tue, 12 Dec 2023 17:51:59 GMT

POST
H2 200 LB-Zone-2 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137/ 2 KB
2 KB 434ms
434ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137/LB-Zone-2?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=&bctempid=8753bbb7-0b45-47a8-96aa-c0f33e41385c&overruleReferrer=&time=2022-12-20T22%3A05%3A20%2B00%3A00&ts=1671573920398

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

5db3774df39f79998d74169102bed48953aac311893269360d1d4b324681a514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 846
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: EriBJMuyNTpF907NmS-qYZFe6muI1hz3hErAEvSMRkKs5WHzq2LBpg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 97ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 22:05:20 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
96ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 22:05:20 GMT
server: nginx

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 65ms
21ms Stylesheet
text/css 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:10:26 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 54ms
20ms Other
image/svg+xml 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:52:15 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/chicagotribune.com/ 2 B
58 B 197ms
166ms Fetch
application/json 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/chicagotribune.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 27 KB
6 KB 154ms
115ms Fetch
application/json 13.32.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-67.vie50.r.cloudfront.net
Software: /
Resource Hash: 093cadbebd584635caf3e7b67181b1554f23ec758b7d5848118832f974746c9b

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
via: 1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: 4b3orenNnEQiV7N33q_y0G7IKw6qQzlbk32TeoyiWWjv_t85Bq3zCA==
x-blaize-request: 322bf537

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 102ms
102ms Preflight 13.32.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-67.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Tue, 20 Dec 2022 22:05:20 GMT
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-id: UB1T0qMsfuKSPO3ZTr2R1vE40Zjyd00p18-9b3QHFwSnCf5q_v5jKw==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ Frame A4DB 55 KB
18 KB 83ms
16ms Script
application/javascript 52.222.139.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-112.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6b49eeea8cc90c785e459aa7cd32f705759e84741f3421cfa7bc4685210c2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:04:36 GMT
content-encoding: br
via: 1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 10:30:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 116
etag: W/"695e5fa6c95a1c9169972d0e7f5c09c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: N7OXAnU4G33TJllxcLxRNLq8iaXu53f5HDXHfTy0IObJDx9V2lvPWg==

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 97F6
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com
https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com

16 KB
7 KB

167ms
167ms

Document
text/html

2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f9de907e4bd4fb82b1ce817bc28411f5313cc75af86bd75aee712be9dffa4c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-I6nRXAx-fTSm1Wgt-IQ2Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-I6nRXAx-fTSm1Wgt-IQ2Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Tue, 20 Dec 2022 22:05:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Cf3Lxs-Yoa45tsg6XA3hLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-resource-policy: same-site
date: Tue, 20 Dec 2022 22:05:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 stats Show response
r610.chicagotribune.com/rest/recommendations/ 14 B
849 B 420ms
420ms Script
text/javascript 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/rest/recommendations/stats?storeId=699df7a9-502c-4c05-85b0-78cce8b0f987&action=view&itemId=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&profileId=8753bbb7-0b45-47a8-96aa-c0f33e41385c&isEntrypage=true&hash=1ff764f066a30934d63e19cac57b01ee&lastmodified=1671208516000&&callback=bc_json139

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

d96c2ac8423b6e35af5cd40b205eef69ce1f21237ceee3295d622fd58716b1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 34
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: LDQGZQp5QsB7XHbs8_-4xBOrltg3MKLBnuMJ6h38ULlIzmP-p3rw1A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 137 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 436ms
436ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8753bbb7-0b45-47a8-96aa-c0f33e41385c&bctempid=&overruleReferrer=&time=2022-12-20T22%3A05%3A20%2B00%3A00&ts=1671573920891

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

19789a25de316aafa0cdcef2940eb6fe36b17c7219e7acaaf6275a10de01b45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 181
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Ln9_RKt6kPHgHTHTDSDvhBcVtBWfGiqu5YQtxvDGoDwPiD-Z-W3gNg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 137 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 429ms
429ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8753bbb7-0b45-47a8-96aa-c0f33e41385c&bctempid=&overruleReferrer=&time=2022-12-20T22%3A05%3A20%2B00%3A00&ts=1671573920891

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

4b8ac6cf78850dd4df1813d44fdfb823f948a35f53870f6898d6026eb4f75f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: OUxKQ4GWvbE25hjI3i5mr1RCVUxHuN4_n3Wp80USqcb8-b77VyF8-g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 v2dnfMqHNNM6HBqXcE5KZrFOuH65xv93N9RYEDZ7o9N09c9uObhTe8YLLao-k6kzB_i_pbJSCUA
smoggysnakes.com/ 2 B
28 B 37ms
15ms Ping
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2dnfMqHNNM6HBqXcE5KZrFOuH65xv93N9RYEDZ7o9N09c9uObhTe8YLLao-k6kzB_i_pbJSCUA

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 22:05:20 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 20 Dec 2022 22:05:19 GMT

POST
H2 200 137 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 2 KB
2 KB 440ms
440ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8753bbb7-0b45-47a8-96aa-c0f33e41385c&bctempid=&overruleReferrer=&time=2022-12-20T22%3A05%3A20%2B00%3A00&ts=1671573920900

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

80bffc1f5d484df0221c64591bd553e659f58c2f06611b86b50a3079af705d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 897
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: tgldRr_Fb2hIZQ4fNu21H410Hzqyx8KMeB0bHqP-NM1xyCEiQt5RZQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
425 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 22:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 20:55:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 22:05:20 GMT

GET
H2 200 banner-winter-sale.png
www.chicagotribune.com/subscriptions/modal-global/img/ 2 KB
2 KB 111ms
110ms Image
image/png 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/banner-winter-sale.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51af71cfd26e8ccf3dcdfad67fbf0af3bd1b852c077f78ab85bb2484385bc7d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: OQDTwwu36yq52uSZKhbD80q9AdYsxX9p
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 10 Nov 2022 23:18:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "487366d6b1684b4be1ff355511d4b74a"
content-type: image/png
cache-control: private, max-age=1
content-length: 2077
x-amz-cf-id: EvOsNPEHE9TCI8OTpJvUhOWc6EuRPaAC5XYQLJiacTZHoDWZ7PT4jQ==
expires: Tue, 20 Dec 2022 22:05:22 GMT

GET
H2 200 arrow.svg
www.chicagotribune.com/subscriptions/modal-global/img/ 862 B
970 B 112ms
110ms Image
image/svg+xml 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/arrow.svg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120
x-amz-version-id: 8UVaenlHzAE6BRrrl0X5eatDHeivHExx
content-encoding: gzip
date: Tue, 20 Dec 2022 22:05:21 GMT
last-modified: Mon, 17 Oct 2022 20:54:33 GMT
server: AmazonS3
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C2
etag: "961aedd1fed3b3c87e42a9b9f48e8975"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=1
x-amz-cf-id: TzKSRq9IxuGQlRDuk7v7Z0Ogw8MfM4dw2HdPNR-Zw3D_2P3mXlFYBQ==
content-length: 544
expires: Tue, 20 Dec 2022 22:05:22 GMT

GET
H2 200 icon-laptop.png
www.chicagotribune.com/subscriptions/modal-global/img/ 4 KB
5 KB 99ms
98ms Image
image/png 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-laptop.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: tebKdJyUpG0Byn4LBF9J0h7iC0PNneV_
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "10c5ddda2dce705aa29de726fdd86de3"
content-type: image/png
cache-control: private, max-age=1
content-length: 4400
x-amz-cf-id: qmfNzwLnMDfnWAgrIEctjL2FFkfoLmCwpXgzcMSjGlfeLBSQT7T4pA==
expires: Tue, 20 Dec 2022 22:05:22 GMT

GET
H2 200 icon-noads.png
www.chicagotribune.com/subscriptions/modal-global/img/ 3 KB
3 KB 98ms
97ms Image
image/png 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-noads.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: zZWudYECO5ZTTqCVOSz6Qjb.BU5KmHfs
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "4e1d08e642478b4ec71c8fd0b9c256a2"
content-type: image/png
cache-control: private, max-age=1
content-length: 2577
x-amz-cf-id: 2ELAX6kW1d_04YyNAc9hdJdBZMfmfoX_CZTKwT7PJOWq6-oob_XajQ==
expires: Tue, 20 Dec 2022 22:05:22 GMT

GET
H2 200 icon-tablet.png
www.chicagotribune.com/subscriptions/modal-global/img/ 2 KB
2 KB 103ms
102ms Image
image/png 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-tablet.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120
x-amz-version-id: w2CA2N0lZbRRgAIOV7FuPXyRsQcxjcTZ
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "f30c900e60e4064f42517091db8b501b"
content-type: image/png
cache-control: private, max-age=1
content-length: 1911
x-amz-cf-id: idl6xOT3bBJvskcY8_9Yzn5S9qIt1samFdsmo_YtkWwjcOWpvRNx-w==
expires: Tue, 20 Dec 2022 22:05:22 GMT

GET
H2 200 icon-phone.png
www.chicagotribune.com/subscriptions/modal-global/img/ 4 KB
5 KB 96ms
95ms Image
image/png 2a02:26f0:11a::217:9a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-phone.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: XTPYNp8GXdmkOVzf9BRCbDM4HFWxEZwE
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "9a86e435cce562f363835eb199472583"
content-type: image/png
cache-control: private, max-age=1
content-length: 4359
x-amz-cf-id: dfjzHz9pDna4uoaRvH_7EKgd-jLbnx45rMZTc22pXWQ_Hwy2ajgxpQ==
expires: Tue, 20 Dec 2022 22:05:22 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 29 KB
7 KB 144ms
144ms Fetch
application/json 13.32.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-67.vie50.r.cloudfront.net
Software: /
Resource Hash: bbdddf2a5d99879f620e7090c5e5267ef9b9c77f219fbfd2ef57e87c83f1a3d7

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
via: 1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: sjKHDfeKGXqz0mUIcD0gP-zlIhMiqI5dt817oVWiqtBXJ49h9_PH0A==
x-blaize-request: ffffffffa0ed7c2b

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 112ms
111ms Preflight 13.32.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-67.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Tue, 20 Dec 2022 22:05:21 GMT
via: 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
x-amz-cf-id: h4saVLL-b47S3i5Q1o1DYOdsaGPj91Q-68_N7gqCUqotegNmnNDQWg==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

POST
H2 204 beacons
p.flipp.com/ Frame A4DB 0
0 242ms
191ms Fetch 65.9.66.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-113.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.chicagotribune.com
access-control-allow-credentials: true
x-amz-cf-id: DfErlhRI72RRV_7P8dHugQ7zvDyGRpbaOnjnZLddZSqBZsCkwbG56w==

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 22ms
21ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:00:35 GMT
x-content-type-options: nosniff
age: 47086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 09:00:35 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 23ms
22ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:03:18 GMT
x-content-type-options: nosniff
age: 108123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:03:18 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 26ms
26ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:21:12 GMT
x-content-type-options: nosniff
age: 24249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:21:12 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 97F6 0
25 B 153ms
153ms Other
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-IjaTn4gG2Vhxh8P2mFjzhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-IjaTn4gG2Vhxh8P2mFjzhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/ed=1/rs=ABXTjI6zNgbp0ztkvGYfAWesWB-cKdjyjQ/ Frame 97F6 521 B
1 KB 83ms
20ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/ed=1/rs=ABXTjI6zNgbp0ztkvGYfAWesWB-cKdjyjQ/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:10:33 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame 97F6 176 KB
62 KB 84ms
22ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5kQhw5oQdMiBGXDStRLpTNvEZWDQ/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464326&publicationId=chicagotribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340bb38f9a3f5dcfa80608fc72824216a6cc60a87bf912a37bca85bce3bbd519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63398
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:26 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
427 B 43ms
43ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 22:01:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 22:05:21 GMT

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
96ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 22:05:21 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 97ms
96ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 22:05:21 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 97F6 133 KB
45 KB 66ms
25ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5kQhw5oQdMiBGXDStRLpTNvEZWDQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c3d2c02b226f255e8119f89eabc6db3d2d38c5a5e4e358c37ffea398693b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45699
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:29 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 97F6 17 KB
7 KB 59ms
21ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5dee40e5037f7928e9497a2f838a6e592ea848f62dd035340e43c3d55f1934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7277
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:29 GMT

POST
H2 204 bulk Show response
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 0
112 B 29ms
29ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220028-HHN
server: nginx
x-timer: S1671573921.335202,VS0,VE11
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 137 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 430ms
430ms XHR
application/json 13.32.110.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/137?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8753bbb7-0b45-47a8-96aa-c0f33e41385c&bctempid=&overruleReferrer=&time=2022-12-20T22%3A05%3A21%2B00%3A00&ts=1671573921349

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-126.vie50.r.cloudfront.net

Software

- /

Resource Hash

3b24a1d8f54f779baa6601e905bd5783bc76b517db85eb99d7ada786bdac602d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 181
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: fPDrye91XEhHA4NpYreDJCrcqsw2pMxJ0AYyur0lBR47QLOA46rx5Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/ 6 KB
2 KB 29ms
15ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/web?callback=__jp0

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c711fdba3808afd9a546eaeb08529bef76c2395104d4cb50b1ed3a7f3f3986

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 864
cf-polished: origSize=5659
status: 200 OK
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4b96832a-a91d-44c4-8fc1-be21d110af64
x-runtime: 0.023912
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"239e7cc738123139484a0b63bb9c1673"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 77cbadd08afbbb71-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 20 Dec 2022 23:05:21 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 4B36 0
0 63ms
11ms Document
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 20 Dec 2022 22:05:21 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 204 c780cfde9d493686
pixel.sitescout.com/iap/ 0
191 B 57ms
12ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/c780cfde9d493686
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
BLOB 200
OK 3896dd5a-0f9c-4fd6-9ae9-3c03ceb3c39b
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/3896dd5a-0f9c-4fd6-9ae9-3c03ceb3c39b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e851eed8-607f-44c3-85f1-748dc7ae876b
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/e851eed8-607f-44c3-85f1-748dc7ae876b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 97F6 1 KB
739 B 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c770b76bc4e66b27eb5596867e285ba2dae76e72550d6046c36297e13b2249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 713
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:30 GMT

POST
H2 200 log Show response
play.google.com/ Frame 97F6 131 B
672 B 117ms
56ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 22:05:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052291973/ 2 KB
2 KB 110ms
48ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052291973/?random=1671573921376&cv=11&fst=1671573921376&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&us_privacy=1---&uaw=0&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a6520279328ec05c06d8bc12e817c5ed80b94b01d83081e3f8a78836c647c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 97F6 509 B
384 B 168ms
168ms XHR
application/json 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6074354347734530836&bl=boq_subscribewithgoogleclientserver_20221219.08_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=79522&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2326b53a2415ec3a8471572c831b9c96d4cde4d6e6fe88fea21cd562902b71b0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
0217991c.akstat.io/ 0
207 B 80ms
79ms Ping
image/gif 2a02:26f0:dc:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217991c.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
content-type: image/gif
access-control-allow-origin: https://www.chicagotribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Tue, 20 Dec 2022 22:05:21 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1394
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 77cbadd12c0c995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Jan 2023 22:05:21 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 98ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 22:05:21 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
96ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 22:05:21 GMT
server: nginx

GET
H2 200 /
www.google.com/pagead/1p-user-list/1052291973/ 42 B
548 B 109ms
46ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052291973/?random=1671573921376&cv=11&fst=1671573600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&fmt=3&is_vtc=1&random=1255278795&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1052291973/ 42 B
548 B 108ms
46ms Image
image/gif 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052291973/?random=1671573921376&cv=11&fst=1671573600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&fmt=3&is_vtc=1&random=1255278795&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p13ppaf78
https://3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

228ms
38ms

XHR
text/plain

2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:22 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 20 Dec 2022 22:05:21 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p13ppaf78
https://eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

160ms
17ms

XHR
text/plain

2a02:26f0:11a::217:9a5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:11a::217:9a5a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 22:05:21 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Tue, 20 Dec 2022 22:05:21 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 99ms
99ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=8a64fd60-b913-4da7-b19d-6a7e7bcff2b1&pid=1d9e84bf-8b84-4f4a-9fcf-2ad677f6964d&dtm=1671573921590&qnm=_matherq&visible=1&tabid=839ca4fd-3277-4b2c-8195-e0f2abeade65&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x1200&tofa=1671573920&vid=1&lvidt=1671573920&duid=a3671f5e8c198a35&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJQcm9kIENUIE1ldGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNjYiLCJvdXRjb21lTGFiZWwiOiJTb3BoaSBDTVAgUGF5d2FsbCBSZWN1cmx5IEFub24ifV0sIm1ldGVyIjp7fSwidHJpYWxUcmFja2luZ0RldGFpbCI6e30sInZlbmRvciI6InplcGhyIiwiZmxvd3JlZiI6eyJkYXkwIjp7ImZsb3ciOiJwYXl3YWxsIiwidGlkIjoiOGE2NGZkNjAtYjkxMy00ZGE3LWIxOWQtNmE3ZTdiY2ZmMmIxIiwidGltZSI6IjE2NzE1NzM5MjIifSwiZGF5NSI6eyJ0aW1lIjoiMTY3MTU3MzkyMiJ9LCJkYXkzMCI6eyJ0aW1lIjoiMTY3MTU3MzkyMiJ9fX0sImF1ZGllbmNlIjpbeyJwcm92aWRlciI6InVzZXJEQiIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjFkOWU4NGJmLThiODQtNGY0YS05ZmNmLTJhZDY3N2Y2OTY0ZCJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6IjFkOWU4NGJmLThiODQtNGY0YS05ZmNmLTJhZDY3N2Y2OTY0ZCJ9XX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 22:05:21 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 log Show response
play.google.com/ Frame 97F6 131 B
155 B 93ms
54ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 22:05:21 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 92ms
51ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 22:05:21 GMT
expires: Tue, 20 Dec 2022 22:05:21 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 97F6 131 B
155 B 95ms
55ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 22:05:21 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 91ms
51ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 22:05:21 GMT
expires: Tue, 20 Dec 2022 22:05:21 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 97F6 131 B
155 B 93ms
54ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 22:05:21 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 22:05:21 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 92ms
52ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 22:05:21 GMT
expires: Tue, 20 Dec 2022 22:05:21 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 98ms
97ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=bc9401d6-e29c-4b19-a7e8-d1c59f5f74a0&pid=1d9e84bf-8b84-4f4a-9fcf-2ad677f6964d&dtm=1671573921593&qnm=_matherq&visible=1&tabid=839ca4fd-3277-4b2c-8195-e0f2abeade65&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x1200&tofa=1671573920&vid=1&lvidt=1671573920&duid=a3671f5e8c198a35&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJQcm9kIENUIE1ldGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNjYiLCJvdXRjb21lTGFiZWwiOiJTb3BoaSBDTVAgUGF5d2FsbCBSZWN1cmx5IEFub24ifSx7ImZlYXR1cmVMYWJlbCI6IlRvYXN0ZXIiLCJvdXRjb21lSWQiOiJ0cmFuc2Zvcm1hdGlvbi8xNDciLCJvdXRjb21lTGFiZWwiOiJDLUNULUlaLUQtTi1Uc3QifV0sIm1ldGVyIjp7fSwidHJpYWxUcmFja2luZ0RldGFpbCI6e30sIm91dGNvbWVMYWJlbCI6IlNvcGhpIENNUCBQYXl3YWxsIFJlY3VybHkgQW5vbiIsInZlbmRvciI6InplcGhyIiwidHlwZSI6InVua25vd24ifSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiMWQ5ZTg0YmYtOGI4NC00ZjRhLTlmY2YtMmFkNjc3ZjY5NjRkIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiMWQ5ZTg0YmYtOGI4NC00ZjRhLTlmY2YtMmFkNjc3ZjY5NjRkIn1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 22:05:21 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 101ms
101ms Image
image/gif 52.44.88.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&u=gDGzvekv84J_v8w&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Adaily-southtown&g1=Bill%20Jones&n=1&f=00001&c=0.05&x=0&m=0&y=5864&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&PA=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&b=1359&t=WWdGqCOrFU2Cl8SVZBI490zRddeT&V=139&tz=0&_acct=anon&sn=2&sv=Dix02rBb7np1fAxJ2BoAgPTDAn1Zx&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.88.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-88-224.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 22:05:22 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
101ms Image
image/gif 52.203.252.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=be00b3da-b7fc-4e96-a893-c229cf4c0896&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDZOqoqx7SRqmC9fHghq2cs5Un1ivsGrSqSvldHSe8Ba8bvRjfY5WW72_TnCfprBsKxDDEA_XY3JIp_BVJxh1bMXAgz5LjbAx-UxXe1hdjg7usf4rO00VNyrx5jbyD7UZvQkjiBFOQzJ9VuHkfoT0hlUshDdQjZo089na6NTR4979iBr943NsLkQ1EHd8BinUGm3rbwBesoQXZXEkEgiAU56mZ9XABgCoQUu3cDPMBpCog==&ntv_ht=nzGiYwA&ntv_at=808&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1671573923148&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.252.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-252-49.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 22:05:23 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3 200 v2dnfMqHNNM6HBqXcE5KZrFOuH65xv93N9RYEDZ7o9N09c9uObhTe8YLLao-k6kzB_i_pbJSCUA
smoggysnakes.com/ 2 B
28 B 15ms
15ms Ping
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2dnfMqHNNM6HBqXcE5KZrFOuH65xv93N9RYEDZ7o9N09c9uObhTe8YLLao-k6kzB_i_pbJSCUA

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 22:05:24 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-b0wm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 20 Dec 2022 22:05:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 79ms
21ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1757361571160924&ev=ViewContent&ts=1671573925388&it=1671573925388&v=2.7.21&if=false&cd[article_content_tier]=free&cd[is_subscriber]=true&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&rl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 22:05:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chicagotribune.com/subscriptions/modal-global/img	1970-01-20 17:05:09	Name: _lbz Value: 0
.chicagotribune.com/suburbs/daily-southtown	1970-01-20 17:05:09	Name: _lbz Value: 0
r610.chicagotribune.com/DG/DEFAULT	1970-01-20 17:55:33	Name: BCSessionID Value: 8753bbb7-0b45-47a8-96aa-c0f33e41385c
.chicagotribune.com/	1970-01-20 08:19:34	Name: _lb Value: 2
.chicagotribune.com/	1970-01-20 08:19:37	Name: AKA_A2 Value: A
tribune.blueconic.net/	1970-01-20 08:29:38	Name: AWSALBCORS Value: I/lqjT+LsJAEtJt6n0WzMYpzdrwXE8Fi4FKaEFwae5IPDnobeEV7bR6PNNBw5CPbv83mUyXYrkgyDjs0nWtTE7u5nGKyKLWPu/fNlm1toyr6ApsGNB83RyeJh8sm
.postrelease.com/	1970-01-20 17:05:09	Name: opt_out Value: 1
.www.chicagotribune.com/	1970-01-20 08:19:35	Name: sophiTagses.7165 Value: *
.chicagotribune.com/	1970-01-20 08:19:35	Name: _ml_ses Value: *
.chicagotribune.com/	1970-01-20 17:55:33	Name: _matheriSegs Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/	1970-01-20 17:55:33	Name: _matherSegments Value: MATHER_U9_FIRSTTIMEMET2_20191016
www.chicagotribune.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":4566726,"placementID":1109740,"lastInteraction":1671573919790,"sessionStart":1671573919790,"sessionEndDate":1671580800000,"experiment":""}
.chicagotribune.com/	1970-01-20 17:55:33	Name: _awl Value: 2.1671573919.5-62ff758f33bf715e21cfb880fd021ad0-6763652d6575726f70652d7765737431-0
www.chicagotribune.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 8753bbb7-0b45-47a8-96aa-c0f33e41385c
www.chicagotribune.com/	1970-01-20 17:05:09	Name: flipp-uid Value: e308a310-0a27-4742-9a9e-52e02053c95a
zephr.chicagotribune.com/	1970-01-20 11:41:09	Name: blaize_session Value: 04a3ad25-b58a-431c-a25e-792e93aee20b
zephr.chicagotribune.com/	1970-01-20 17:55:33	Name: blaize_tracking_id Value: a5061384-8d85-4d52-ae52-b4c58ccfe787
.chicagotribune.com/	1970-01-20 12:38:45	Name: c_mId Value:
.chicagotribune.com/	1970-01-20 12:38:45	Name: c_PUID Value:
zephr.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALB Value: 6b2PkualBSiWmPfe3+pOMLERZgPCLdI0ZbR6RvD1h34XTaDt12UqJQ7lGq+DMng4nn97x78vljxBVPM5K8ruOrDdZALvtuLtvJjLGm/BMDnKlsjemqu9xx6UD+wp
zephr.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALBCORS Value: 6b2PkualBSiWmPfe3+pOMLERZgPCLdI0ZbR6RvD1h34XTaDt12UqJQ7lGq+DMng4nn97x78vljxBVPM5K8ruOrDdZALvtuLtvJjLGm/BMDnKlsjemqu9xx6UD+wp
.p.flipp.com/	1970-01-20 17:55:33	Name: gid Value: "55JyGwAAkvgJIq3rAJJtqQ=="
.www.chicagotribune.com/	1970-01-20 17:55:33	Name: sophiTagid.7165 Value: 43451b91-e0f1-4cc1-9b5b-27beea414cdf.1671573920.1.1671573921.1671573920.ef657e9e-bf1c-4156-a067-49e12afad77d
.doubleclick.net/	1970-01-20 08:19:34	Name: test_cookie Value: CheckForPermission
.chicagotribune.com/	1970-01-20 17:55:33	Name: _ml_id Value: a3671f5e8c198a35.1671573920.1.1671573922.1671573920
r610.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALB Value: mNTvb0TK4KipenuTr4mwJPraT0XjQLDVV9qIGALFIcwL42Q9WHKhPG9TCC3A+Qg66C/OWsn7TE58WUV+T5KC07sG//vb41RmS/OBOkOavjoMLGti4XXsNmlQd600
r610.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALBCORS Value: mNTvb0TK4KipenuTr4mwJPraT0XjQLDVV9qIGALFIcwL42Q9WHKhPG9TCC3A+Qg66C/OWsn7TE58WUV+T5KC07sG//vb41RmS/OBOkOavjoMLGti4XXsNmlQd600

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991c.akstat.io
3gfmfiyccjhy2y5cggqq-p13ppa-c2da7b282-clientnsv4-s.akamaihd.net
am-trc-events.taboola.com
assets.zephr.com
authenticate.chicagotribune.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn-gateflipp.flippback.com
cdn.confiant-integrations.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.parsely.com
cdn.sophi.io
cdn.taboola.com
cmp.osano.com
collector2.sophi.io
dynpaywall-api-chicagotribune.ml.sophi.io
eaaqvsaaea6aakqce3yacgqaabr2emnb-p13ppa-8eeda1186-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
jadserve.postrelease.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mab.chartbeat.com
news.google.com
onesignal.com
p.flipp.com
p1.parsely.com
ping.chartbeat.net
pixel.sitescout.com
play.google.com
player-files.remixd.com
polyfill.io
pubcast-files.remixd.com
r610.chicagotribune.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
smoggysnakes.com
ssor.tribdss.com
static.adsafeprotected.com
static.chartbeat.com
tags.remixd.com
trc-events.taboola.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
tribune-chicagotribune.zeustechnology.com
tribune.blueconic.net
widget.perfectmarket.com
www.chicagotribune.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
zephr.chicagotribune.com
107.178.250.234
107.20.111.5
108.138.4.10
13.225.78.56
13.32.110.126
13.32.110.42
13.32.110.63
13.32.110.67
13.32.2.61
13.32.99.90
141.226.228.48
143.204.215.80
151.101.1.44
151.101.65.44
18.160.249.74
18.66.112.11
2.18.37.49
2.18.79.138
2.18.79.141
23.64.52.69
2600:1901:0:d733::1
2600:9000:2057:e400:18:1fcd:351:7bc1
2600:9000:211e:3600:3:b7e:8940:93a1
2600:9000:223f:a800:8:48e:53c0:93a1
2600:9000:225e:4200:1:a3fa:7cc0:93a1
2606:4700::6812:116b
2606:4700::6812:e234
2a00:1450:400d:802::2008
2a00:1450:400d:806::2003
2a00:1450:400d:807::2003
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::200a
2a00:1450:400d:80e::200e
2a02:26f0:11a::217:9a50
2a02:26f0:11a::217:9a5a
2a02:26f0:dc:18c::11a6
2a02:26f0:dc:383::11a6
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42::714
34.215.225.95
34.224.131.223
35.190.38.143
52.203.252.49
52.222.139.112
52.223.1.76
52.44.88.224
54.155.18.159
54.230.18.13
65.9.66.113
98.98.134.241
99.86.240.58
05aa3e4cb143051b5923abe76f14623533a78759f4eb8e4ea0e0a63cf93c2324
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
093cadbebd584635caf3e7b67181b1554f23ec758b7d5848118832f974746c9b
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c5ae34a674cdb6cdb2747b25bae3d663e862e1e064aad8fd2293a62b157c83a
139cfda4f3825f41d13529632bc3c69b6663d87012a50365edf567dff773badd
147f6d2e7f84b8b8722d4bfc779cc0a86ddf23b0de4e2f65118fbfbf3c7b38ed
14db414b93ad787c1dbff2a9810bad726d4a668f9771d14f7b9e0ac4a07fcd16
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403
17f12ac7f20e79425daf1c3a77824a189660b2154063ea202a32199cbfd8d4b4
19789a25de316aafa0cdcef2940eb6fe36b17c7219e7acaaf6275a10de01b45e
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2
2326b53a2415ec3a8471572c831b9c96d4cde4d6e6fe88fea21cd562902b71b0
261cd8c87248d6bc2e29d1a4c90b82020faa40bb6243a1b73054e0657b0d9ce3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e8abd1bd35c53e27e8217456b80f258f45b0c4f0a7c4eefb30f9749f055c1cc
3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc
32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211
340bb38f9a3f5dcfa80608fc72824216a6cc60a87bf912a37bca85bce3bbd519
34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff
36bfd4fb80f699d28d8cda6f8cf6ac9f6ef6be68cd3545fb3d565f463e528d5b
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3abb626869ec51ffbbd335ab7ad0bc46e49ba32921eacee36e1fe00e3fb44783
3b24a1d8f54f779baa6601e905bd5783bc76b517db85eb99d7ada786bdac602d
3c5d69cad366a44745729e8bfc3f02b15980701da6ad6fcc6d4158d4eea476df
4201feb643210f3f9cccf2babbb890abfa064be8c3d01932183e635951b04854
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b10e0974a2a15ad1594ac1f02cb48260dc542ba0996ad7e25f35f80e7c163b
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
4a51e76befc0c3fe8d4fe82c228c3d7bd47d6a60f9df6f161aa224194c84f618
4af436546062a267e25a9ff089d0d1a2dc9e0baf86765c2a382f770e9365a6b2
4b8ac6cf78850dd4df1813d44fdfb823f948a35f53870f6898d6026eb4f75f17
4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e
4de5a2bd3f00d6c188b3caa2f8c0c6cc3080941985328ede8274e2da5b8e323e
4fff4fdf9ddb97b73d60aff93cc19a5dfbf9951d3f678f210e87c1718230c05f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
505f4f1efb4dd0ba26720499f728fa85b276cbe2161fa73846b3a277a780314b
51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522
51af71cfd26e8ccf3dcdfad67fbf0af3bd1b852c077f78ab85bb2484385bc7d4
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
53c3d2c02b226f255e8119f89eabc6db3d2d38c5a5e4e358c37ffea398693b11
567946e88d6703fd35ed019e14364116e86a093ba599a190d68b98fd66609cb2
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
5b96b81ae4d12086287a1d75eb13d2377f035cc91c20e4a5ee8421ad96719540
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5db3774df39f79998d74169102bed48953aac311893269360d1d4b324681a514
5f9de907e4bd4fb82b1ce817bc28411f5313cc75af86bd75aee712be9dffa4c0
6522f662c8debcda2820aaf8d8d34f30061896419eded83d4e57fb1ac98d41ff
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
670c450be55377c548c7de42762824d109c0e67f22b23ea58efceff0bdcd11ba
690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e
6d12cb94d68d465e2823cd9b692413eef5e6ea8b58482c265e49a7cd6d23b9ad
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c8dd5f7e9e33d9c03332640bb647808808c8fe14670f3fc01b44b7325277a6e
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
80bffc1f5d484df0221c64591bd553e659f58c2f06611b86b50a3079af705d13
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
848a34a269b0a7e7e682362ed5189ee271f6995f85621315c3c1937139a00c26
8599e8835dc4fd0c9452dbb6fbaddedaa2a4d8fbbb96dd5d81320e0abee14ddd
87eecb67faf2ab19e08c7f364ddef4c22a194a29ed08a7aeab1250d763ee44aa
8a6520279328ec05c06d8bc12e817c5ed80b94b01d83081e3f8a78836c647c58
8b992185e4480c6985018878a97c716fb566d4438398fe60aba7a9e1d9c06059
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
90e2f780ff286005bb9f847a01515cc6e36d1fbd731b2e7e262b7462b18ea820
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
96ccf982c4d6f90c3a1a86ec1115c794b8aff5c09cacfb0c54357946abd0a3a8
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
9a2b97d7aae47bba79d3c507aa950e05461e43928d0aee51201e5fdcb95cfc94
9a9cc873978e850d993c6ea059d54da6a4a1d7be8b3b11d83ffc5e34ba97d32f
9eb6599bb360c2bbd998e8fbb24087b36a03220670ca2a20e91d388bfccaf95d
9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17a94273cff2fca97148e7ac2b20a58c467ae02b6033eccb02f9e96747b07fe
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a817b30fa0d97a561ee14a8a08300a12db396166f56ca8da39cf77c33de9cc7c
a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
baff27315285aafa5071a85603694284141f69ad88c77ef68241ff8555e5f1fc
bbdddf2a5d99879f620e7090c5e5267ef9b9c77f219fbfd2ef57e87c83f1a3d7
bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816
bd03e70c1b849ea7e586ad1b46a8a6ef0215f2f8113f869f22b0802977253fa6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2c770b76bc4e66b27eb5596867e285ba2dae76e72550d6046c36297e13b2249
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c840a97f1ee47067faca78272f458910ca19af0e56eb238ce60833ccdc8cc717
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
cf276f8b30084449354a820d7830158827a9d732027394506346370fe56c4279
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5dee40e5037f7928e9497a2f838a6e592ea848f62dd035340e43c3d55f1934
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d96c2ac8423b6e35af5cd40b205eef69ce1f21237ceee3295d622fd58716b1d2
daea45ab775badcc8428a74d2676ac1993213cd6c7bd0352b6e96eb2f29b37ce
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc2f56f86e6d72c3b804ce78768cf7f23b78bc957ec5d17000bd59eaccb1c483
de66e99944f3507999ccf07632627cf80f1771534cffd2e2411cd62cd754d45e
e02d29497d62ca80311fa65138ac0ea44d34c731ccf9d31276133e950ca8b6dd
e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e5915fd5813ede0116e919c3154a6ff305c5c5d28489b6ed44df905514c9a52b
e8ea3c65df3dbc6a61526b4630dd65bca327a04024120f8dd5d6b7a6fcc53b0f
e9f1c060d1227dbb1e7272806bddce0fc3d8477675482564bb497ed55d54e01c
ebb567b470c90efa50fbe96b8593b4605f2eb5ef2c5ef8a7d8f915ee8efa8982
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6487e04faf01177ca123beb1fa1c5683887295609275f1a5badafae5ec7cf
f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8
f5c711fdba3808afd9a546eaeb08529bef76c2395104d4cb50b1ed3a7f3f3986
f6b49eeea8cc90c785e459aa7cd32f705759e84741f3421cfa7bc4685210c2a6
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

www.chicagotribune.com Open in urlscan Pro 2a02:26f0:11a::217:9a50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

220 Requests

96 %HTTPS

43 %IPv6

39 Domains

63 Subdomains

56 IPs

4 Countries

3231 kBTransfer

10153 kBSize

27 Cookies

59 Outgoing links

Redirected requests

220 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.chicagotribune.com Open in urlscan Pro
2a02:26f0:11a::217:9a50 Public Scan

Screenshot
Live screenshot

Full Image

220
Requests

96 %
HTTPS

43 %
IPv6

39
Domains

63
Subdomains

56
IPs

4
Countries

3231 kB
Transfer

10153 kB
Size

27
Cookies

220 HTTP transactions
0 data transactions