www.chicagotribune.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17c0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi...
Submission Tags: falconsandbox
Submission: On December 20 via api (December 20th 2022, 9:53:35 pm UTC) from US — Scanned from DE

Summary HTTP 158 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 53 IPs in 4 countries across 37 domains to perform 158 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17c0, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 37102.
TLS certificate: Issued by R3 on October 24th 2022. Valid for: 3 months.

This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2a02:26f0:350... 2a02:26f0:3500:12::1730:17c0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
10	143.204.215.110 143.204.215.110	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:a00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.122 143.204.215.122	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.215.24 143.204.215.24	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	54.160.47.101 54.160.47.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:350... 2a02:26f0:3500:586::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
2 5	96.16.138.112 96.16.138.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.3 65.9.66.3	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:7000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
1	99.86.4.41 99.86.4.41	16509 (AMAZON-02) (AMAZON-02)
6	34.246.233.4 34.246.233.4	16509 (AMAZON-02) (AMAZON-02)
4	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.79 65.9.66.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.66.15 65.9.66.15	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:2800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
6	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
2	18.213.117.153 18.213.117.153	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.115 13.32.27.115	16509 (AMAZON-02) (AMAZON-02)
5	13.32.27.7 13.32.27.7	16509 (AMAZON-02) (AMAZON-02)
3	3.217.241.65 3.217.241.65	14618 (AMAZON-AES) (AMAZON-AES)
1	34.215.225.95 34.215.225.95	16509 (AMAZON-02) (AMAZON-02)
1 8	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:de00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.66.128 65.9.66.128	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.7 65.9.66.7	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	() ()
158	53

28 2a02:26f0:3500:12::1730:17c0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.215.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-110.fra53.r.cloudfront.net

r610.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:a00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-122.fra53.r.cloudfront.net

assets.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-24.fra53.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.47.101 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-47-101.compute-1.amazonaws.com

tribune.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:586::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 96.16.138.112 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-138-112.deploy.static.akamaitechnologies.com

www.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssor.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-3.fra56.r.cloudfront.net

dynpaywall-api-chicagotribune.ml.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:7000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

smoggysnakes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-41.fra6.r.cloudfront.net

tribune-chicagotribune.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.233.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-79.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-15.fra56.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector2.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.117.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-117-153.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-115.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net

zephr.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.217.241.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-241-65.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.225.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-225-95.us-west-2.compute.amazonaws.com

authenticate.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:de00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-128.fra56.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-7.fra56.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	chicagotribune.com www.chicagotribune.com — Cisco Umbrella Rank: 37102 r610.chicagotribune.com — Cisco Umbrella Rank: 85439 zephr.chicagotribune.com — Cisco Umbrella Rank: 96695 authenticate.chicagotribune.com — Cisco Umbrella Rank: 157688	1 MB
16	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5891 play.google.com — Cisco Umbrella Rank: 15 www.google.com — Cisco Umbrella Rank: 2	62 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	241 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 937 trc.taboola.com — Cisco Umbrella Rank: 664 am-trc-events.taboola.com — Cisco Umbrella Rank: 16662	257 KB
8	sophi.io dynpaywall-api-chicagotribune.ml.sophi.io — Cisco Umbrella Rank: 154884 cdn.sophi.io — Cisco Umbrella Rank: 19336 collector2.sophi.io — Cisco Umbrella Rank: 24770	43 KB
6	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 971	4 KB
6	remixd.com tags.remixd.com — Cisco Umbrella Rank: 19721 pubcast-files.remixd.com — Cisco Umbrella Rank: 20764 player-files.remixd.com — Cisco Umbrella Rank: 21917	82 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10226 www.i.matheranalytics.com — Cisco Umbrella Rank: 9916	44 KB
5	tribdss.com 2 redirects www.tribdss.com — Cisco Umbrella Rank: 45663 ssor.tribdss.com — Cisco Umbrella Rank: 46503	39 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 7316 launchpad.privacymanager.io — Cisco Umbrella Rank: 6447 geo.privacymanager.io — Cisco Umbrella Rank: 1638	11 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3416 onesignal.com — Cisco Umbrella Rank: 1310	82 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
3	smoggysnakes.com smoggysnakes.com — Cisco Umbrella Rank: 63439	21 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1412 mab.chartbeat.com — Cisco Umbrella Rank: 2280	25 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3532	191 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1227	401 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2773 p1.parsely.com — Cisco Umbrella Rank: 2076	21 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 6416	94 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1239 c.go-mpulse.net — Cisco Umbrella Rank: 602	50 KB
2	zephr.com assets.zephr.com — Cisco Umbrella Rank: 50755	16 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383	92 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296	48 KB
1	facebook.com www.facebook.com	185 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 15235
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 15556	18 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6041	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	2 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2620	42 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 587	466 B
1	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3197	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	zeustechnology.com tribune-chicagotribune.zeustechnology.com — Cisco Umbrella Rank: 99339	58 KB
1	blueconic.net tribune.blueconic.net — Cisco Umbrella Rank: 56114	697 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	97 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3120	149 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1392	422 B
158	37

	Domain	Requested by
28	www.chicagotribune.com	www.chicagotribune.com
10	r610.chicagotribune.com	www.chicagotribune.com r610.chicagotribune.com cmp.osano.com
8	news.google.com	1 redirects cmp.osano.com news.google.com www.chicagotribune.com www.gstatic.com
7	play.google.com	www.gstatic.com
6	collector2.sophi.io	cdn.sophi.io
6	jadserve.postrelease.com	s.ntv.io www.chicagotribune.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	news.google.com www.gstatic.com
5	zephr.chicagotribune.com	assets.zephr.com
4	am-trc-events.taboola.com	www.chicagotribune.com
4	www.tribdss.com	2 redirects www.chicagotribune.com
4	fonts.googleapis.com	www.chicagotribune.com client
3	player-files.remixd.com	www.chicagotribune.com
3	www.i.matheranalytics.com	www.chicagotribune.com
3	smoggysnakes.com	www.chicagotribune.com smoggysnakes.com
2	pixel.sitescout.com	www.chicagotribune.com
2	onesignal.com	cmp.osano.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	trc.taboola.com	cdn.taboola.com
2	ping.chartbeat.net	www.chicagotribune.com
2	sb.scorecardresearch.com	www.chicagotribune.com cdn.taboola.com
2	js.matheranalytics.com	1 redirects www.chicagotribune.com
2	cdn.taboola.com	www.chicagotribune.com cdn.taboola.com
2	cmp.osano.com	www.chicagotribune.com cmp.osano.com
2	tags.remixd.com	www.chicagotribune.com tags.remixd.com
2	cdn.onesignal.com	www.chicagotribune.com cdn.onesignal.com
2	assets.zephr.com	www.chicagotribune.com
2	static.chartbeat.com	www.chicagotribune.com
2	cdn.confiant-integrations.net	www.chicagotribune.com cdn.confiant-integrations.net
2	c.amazon-adsystem.com	www.chicagotribune.com c.amazon-adsystem.com
1	www.facebook.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	cdn-gateflipp.flippback.com	cdn.taboola.com
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	cmp.osano.com
1	c.go-mpulse.net	s.go-mpulse.net
1	cdn.jwplayer.com	tags.remixd.com
1	authenticate.chicagotribune.com	cmp.osano.com
1	launchpad.privacymanager.io	cmp.osano.com
1	p1.parsely.com	www.chicagotribune.com
1	static.adsafeprotected.com	smoggysnakes.com
1	widget.perfectmarket.com	cdn.taboola.com
1	cdn.sophi.io	www.chicagotribune.com
1	www.google-analytics.com	www.googletagmanager.com
1	launchpad-wrapper.privacymanager.io	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	pubcast-files.remixd.com	tags.remixd.com
1	tribune-chicagotribune.zeustechnology.com	www.chicagotribune.com
1	dynpaywall-api-chicagotribune.ml.sophi.io	www.chicagotribune.com
1	ssor.tribdss.com	www.chicagotribune.com
1	mab.chartbeat.com	static.chartbeat.com
1	s.go-mpulse.net	www.chicagotribune.com
1	tribune.blueconic.net	r610.chicagotribune.com
1	www.googletagmanager.com	www.chicagotribune.com
1	s.ntv.io	www.chicagotribune.com
1	polyfill.io	www.chicagotribune.com
158	57

This site contains links to these domains. Also see Links.

Domain
membership.chicagotribune.com
join.chicagotribune.com
myaccount.chicagotribune.com
www.tribpub.com
digitaledition.chicagotribune.com
digitaledition.aurorabeaconnews.chicagotribune.com
digitaledition.elgincouriernews.chicagotribune.com
digitaledition.dailysouthtown.chicagotribune.com
digitaledition.newssunonline.chicagotribune.com
digitaledition.napersun.chicagotribune.com
digitaledition.post-trib.chicagotribune.com
digitaledition.napervillemagazine.chicagotribune.com
placeanad.chicagotribune.com
store.chicagotribune.com
www.tkqlhce.com
fun.chicagotribune.com
www.legacy.com
www.publicnoticeillinois.com
www.facebook.com
twitter.com
www.nydailynews.com
www.orlandosentinel.com
www.mcall.com
www.dailypress.com
www.studio1847.io
www.baltimoresun.com
www.sun-sentinel.com
www.courant.com
www.pilotonline.com
careers.tribpub.com
www.chicagotribunemediagroup.com
mylocal.chicagotribune.com
www.aquilea.com
popup.taboola.com
www.deejo.de
www.austria.info
www.luoccia.com

Subject Issuer	Validity	Valid
tronc.web.arc-cdn.net R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
r610.chicagotribune.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
assets.zephr.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.remixd.com Amazon	`2022-03-11` - `2023-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.trbimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-05-30`	a year	crt.sh
dynpaywall-api-chicagotribune.ml.sophi.io Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
smoggysnakes.com R3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
cdn.sophi.io Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
zephr.sun-sentinel.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
authenticate.baltimoresun.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
jwplayer.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
player-files.remixd.com GTS CA 1D4	`2022-12-10` - `2023-03-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.flippback.com Amazon	`2022-07-01` - `2023-07-29`	a year	crt.sh
flipp.com Amazon	`2022-08-31` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Frame ID: BDA0E2A36D20E31FC9215BED43CC3B7F
Requests: 126 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 8F3049CDF12CBA056650B56CB65A84A5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: D25720A2063EFA72D477B6338A98099B
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com
Frame ID: 3B3633138935E442DE5C848A8789B8CF
Requests: 12 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0B49C18D80AF760828AC535B25CA4611
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Frame ID: 5F94FF6C9C9B7DF57109BB9A43A0DC3D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lansing woman turns tragedy into generosity through MJG MovementGroup 3Group 3Group 3Group 3

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

96 %
HTTPS

44 %
IPv6

37
Domains

57
Subdomains

53
IPs

4
Countries

3041 kB
Transfer

9913 kB
Size

28
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://membership.chicagotribune.com/newsletters#nt=primarynavbar
Title: Newsletters & Alerts(Opens in new window)

Search URL Search Domain Scan URL

URL: http://join.chicagotribune.com/#nt=primarynavbar
Title: Subscribe here(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/#nt=primarynavbar
Title: Subscriber Services(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/autopaymanage#nt=secondarynavbar
Title: EZ Pay(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/temporarystop#nt=secondarynavbar
Title: Vacation Stop(Opens in new window)

Search URL Search Domain Scan URL

URL: https://myaccount.chicagotribune.com/300/complaint#nt=secondarynavbar
Title: Delivery Issue(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/subscriber-terms-and-conditions/#nt=secondarynavbar
Title: Subscriber Terms(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/faq#nt=secondarynavbar
Title: FAQ(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/#nt=primarynavbar
Title: eNewspaper(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/#nt=secondarynavbar
Title: Chicago Tribune(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.chicagotribune.com/eveningedition#nt=secondarynavbar
Title: Evening Edition(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.aurorabeaconnews.chicagotribune.com/#nt=secondarynavbar
Title: The Beacon-News(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.elgincouriernews.chicagotribune.com/#nt=secondarynavbar
Title: The Courier-News(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.dailysouthtown.chicagotribune.com/#nt=secondarynavbar
Title: Daily Southtown(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.newssunonline.chicagotribune.com/#nt=secondarynavbar
Title: Lake County News-Sun(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.napersun.chicagotribune.com/#nt=secondarynavbar
Title: Naperville Sun(Opens in new window)

Search URL Search Domain Scan URL

URL: http://digitaledition.post-trib.chicagotribune.com/#nt=secondarynavbar
Title: Post-Tribune(Opens in new window)

Search URL Search Domain Scan URL

URL: https://digitaledition.napervillemagazine.chicagotribune.com/#nt=secondarynavbar
Title: Naperville Magazine(Opens in new window)

Search URL Search Domain Scan URL

URL: http://placeanad.chicagotribune.com/#nt=primarynavbar
Title: Advertise with Us(Opens in new window)

Search URL Search Domain Scan URL

URL: https://store.chicagotribune.com/store/?utm_campaign=evergreen&utm_medium=referral&utm_source=navigation&utm_content=&utm_term=#nt=secondarynavbar
Title: Chicago Tribune Store(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479616-11570746?url=https%3A%2F%2Fchicagotribune.newspapers.com%2F%3Fxid%3D2301%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DChicago%20Tribune#nt=secondarynavbar
Title: Tribune Archives(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#notice_opt_out#nt=secondarynavbar
Title: Do not sell my info(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/#nt=secondarynavbar
Title: Privacy policy(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/central-terms-of-service/#nt=secondarynavbar
Title: Terms of service(Opens in new window)

Search URL Search Domain Scan URL

URL: https://placeanad.chicagotribune.com/whos-who#nt=secondarynavbar
Title: Who's who(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/#nt=secondarynavbar
Title: Fun & Games(Opens in new window)

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/newsletters#nt=secondarynavbar
Title: Daywatch Briefing(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/chicagotribune#nt=secondarynavbar
Title: Death Notice Listings(Opens in new window)

Search URL Search Domain Scan URL

URL: http://placeanad.chicagotribune.com/death-notices#nt=secondarynavbar
Title: Place a notice(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/#nt=primarynavbar
Title: Public Notices(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/#nt=primarynavbar
Title: Puzzles and Games(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/tca-la-times-daily-crossword#nt=secondarynavbar
Title: Daily Crossword(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/tca-jumble-daily#nt=secondarynavbar
Title: Daily Jumble(Opens in new window)

Search URL Search Domain Scan URL

URL: https://fun.chicagotribune.com/game/daily-solitaire#nt=secondarynavbar
Title: Daily Solitaire(Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://twitter.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/
Title: New York Daily News

Search URL Search Domain Scan URL

URL: https://www.orlandosentinel.com/
Title: Orlando Sentinel

Search URL Search Domain Scan URL

URL: https://www.mcall.com/
Title: The Morning Call of Pa.

Search URL Search Domain Scan URL

URL: https://www.dailypress.com/
Title: Daily Press of Va.

Search URL Search Domain Scan URL

URL: https://www.studio1847.io/
Title: Studio 1847

Search URL Search Domain Scan URL

URL: https://www.baltimoresun.com/
Title: The Baltimore Sun

Search URL Search Domain Scan URL

URL: https://www.sun-sentinel.com/
Title: Sun Sentinel of Fla.

Search URL Search Domain Scan URL

URL: https://www.courant.com/
Title: Hartford Courant

Search URL Search Domain Scan URL

URL: https://www.pilotonline.com/
Title: The Virginian-Pilot

Search URL Search Domain Scan URL

URL: https://careers.tribpub.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/central-terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.chicagotribunemediagroup.com/
Title: Media kit

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479616-11570746?url=https%3A%2F%2Fchicagotribune.newspapers.com%3Fxid%3D2301%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DChicago%20Tribune
Title: Archives

Search URL Search Domain Scan URL

URL: https://mylocal.chicagotribune.com/
Title: Local print ads

Search URL Search Domain Scan URL

URL: https://store.chicagotribune.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=footer&utm_content=&utm_term=
Title: Chicago Tribune Store

Search URL Search Domain Scan URL

URL: https://membership.chicagotribune.com/checkout/MTRDigital2/81016?g2i_or_o=MD&g2i_or_p=Modal_T&g2i_or_os=CTWS22&int=ct_digitaladshouse_winter-sale-22_acquisition-subscriber_arc_button_modal_T_______bxca
Title: Save Now

Search URL Search Domain Scan URL

URL: https://www.aquilea.com/de/produkte/schlaf/?utm_source=taboola&utm_medium=referral&utm_campaign=aquileacc1022&utm_content=desktop&tblci=GiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByCt0lsoysqgm8jkgeFA#tblciGiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByCt0lsoysqgm8jkgeFA
Title: Aquilea

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.deejo.de/de/die-welt-von-deejo/deejo-im-land-der-aufgehenden-sonne?utm_source=taboola&utm_medium=native-ads&utm_campaign=DE-taboola-fil-rouge-japon-DSK&utm_content=tribunedigital-chicagotribune#tblciGiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByCP5kgo_qGd_IGi8pDgAQ
Title: Deejo

Search URL Search Domain Scan URL

URL: https://www.austria.info/de/aktuelle-angebote/vaya-zillertal?utm_source=taboola&utm_campaign=DEU_22_1-MPD-023-01_pak_digitalpaket_MM-20099&utm_medium=tribunedigital-chicagotribune&utm_content=MM-20099_D&tblci=GiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByC_xlso9b20h4PA3tJP#tblciGiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByC_xlso9b20h4PA3tJP
Title: Urlaub in Österreich

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.luoccia.com/products/professional-hair-clippe?utm_source=taboola&utm_medium=referral&tblci=GiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByDV8FkomuqYs6Lto7Z7#tblciGiBckfTEpsijELAoCUtmsCcQ2m2z3IvcqlqmwoAULPttByDV8FkomuqYs6Lto7Z7
Title: Luoccia

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.tribdss.com/meter/chiarc.min.js HTTP 302
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Request Chain 53

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1612 HTTP 301
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

Request Chain 79

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js HTTP 302
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Request Chain 99

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com

158 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html Show response
www.chicagotribune.com/suburbs/daily-southtown/ 282 KB
64 KB 619ms
508ms Document
text/html 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

86c762b00a29153ee3b4b8b34f9144bf601339d21756440985189005d34bd26e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 21:53:29 GMT
etag: W/"4544a-l++re9JFOJTJaXSWVeykaveAuMg"
expires: Tue, 20 Dec 2022 21:54:29 GMT
last-modified: Tue, 20 Dec 2022 21:52:56 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=240 origin; dur=252
vary: Accept-Encoding
x-akamai-transformed: 9 63250 0 pmb=mRUM,2

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 44ms
11ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:43:06 GMT
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 624
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: dPeN5taEMjD_2DkbfKPmJte9CYafwtkTPSb30cvy5adIXbo_IJk9xA==

GET
H2 200 script.js Show response
r610.chicagotribune.com/ 133 KB
40 KB 59ms
25ms Script
text/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/script.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

4fff4fdf9ddb97b73d60aff93cc19a5dfbf9951d3f678f210e87c1718230c05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 26
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40744
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2022 21:49:15 GMT
server: -
etag: f3d350cdb800c769d2131067550cf16a
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: YFUKdQwG_zJvs_yP3s2KJKjj4WQjgIo-Ro2WyRhAeGyXkrWgmiEJ1Q==
expires: Tue, 20 Dec 2022 22:03:03 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
422 B 48ms
19ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CElement.prototype.prepend%2CElement.prototype.remove%2CArray.prototype.find%2CArray.prototype.includes
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: br
last-modified: Sat, 19 Nov 2022 11:32:22 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-fra-eddf8230025, PASS, fastly;desc="Edge time";dur=9
accept-ranges: bytes
content-length: 94

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/ 111 KB
26 KB 51ms
19ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1df8c8bd5df1d6988dc0269f139faaccf70acc820483387679da37d23b6509d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 20:23:13 GMT
server: cloudflare
x-amz-request-id: SQ8AKSVYMWQA611N
age: 309
etag: W/"837e6e99f09d9d0c39dd44fbec8c0b70"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 77cb9c6dff1390b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7n5RIK3riawYgiTNvAMs1naRTx7wFP3Fgp3RRW1Bu27Rs3CCHIgZaX7aZQgmofs5qQuonEJEyOg=

GET
H2 200 react.js Show response
www.chicagotribune.com/pf/dist/engine/ 339 KB
96 KB 16ms
15ms Script
application/javascript 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

261cd8c87248d6bc2e29d1a4c90b82020faa40bb6243a1b73054e0657b0d9ce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ02X53FW7JRCBGB
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 98109
x-amz-id-2: z0g3tu2mHc4TvsC2soJ32US2bjh3kR+rTZ+Pgd89zqRZTg8y2z5cPMl64Nlq4e/7lma5zAHkSxE=
last-modified: Tue, 20 Dec 2022 16:20:03 GMT
server: openresty
etag: W/"32027284f47ce5d1a343154740bf3964"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 default.js Show response
www.chicagotribune.com/pf/dist/components/combinations/ 851 KB
217 KB 23ms
23ms Script
application/javascript 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9a2b97d7aae47bba79d3c507aa950e05461e43928d0aee51201e5fdcb95cfc94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0E03T82BAPBGQA
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 221624
x-amz-id-2: 11npEcPAs98jWjmT2jawlcIGnkf5/xt/Wl6fPM3EvzrIBXoSft2sJ+PF9dXGguPE4cugmIZaSWU=
last-modified: Tue, 20 Dec 2022 16:20:03 GMT
server: openresty
etag: W/"2bf172334117df33c5d6d9550a0c5719"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/output-types/ 34 KB
5 KB 64ms
63ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/output-types/default.css?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e8ea3c65df3dbc6a61526b4630dd65bca327a04024120f8dd5d6b7a6fcc53b0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0DJ8ES5TBHV8D0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4608
x-amz-id-2: 28Ntb9rOt/bEGS98FZeb8Hynztl4A7RKB6X0j32xNBj9Iar0lRjJdekF6LpKmo9ORFfzGk4UJE0=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"d0a2e46cd4452139116ccfbafdc8c0ec"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/combinations/ 71 KB
12 KB 108ms
107ms Stylesheet
text/css 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.css?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a17a94273cff2fca97148e7ac2b20a58c467ae02b6033eccb02f9e96747b07fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ025978QQQKJRDD
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11825
x-amz-id-2: G7Jn4WEwV7UK8WJsi+bkqbiVOPl/au+0rZyrM3fAsp8F05xcHPwD4yikn4vhpQc7H4aU1bPuNFw=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"1a601fd3073f2daabc4076a1cbc6fccc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:53:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 21:53:29 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 64ms
17ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:53:29 GMT
Content-Encoding: gzip
x-amz-request-id: 024KYDC99A6114MY
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 7tE+2CMLDD5BNDBqi1qfF94IVqOEVgapt9i7xklf+fhUWOnQyKQ4BAQZIhCTAtoLRKRXvzg49nM=
Last-Modified: Fri, 16 Dec 2022 21:32:35 GMT
Server: AmazonS3
ETag: "4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 59ms
12ms Script
application/x-javascript 2600:9000:2057:a00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 00:43:34 GMT
content-encoding: gzip
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 76195
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: woiZHuFnCAPd1ygSXOs_Lo_gla_XrlA4Ahm0m09EGee-Elf_ynNMTw==
expires: Wed, 21 Dec 2022 00:43:34 GMT

GET
H2 200 zephr-browser.umd.js Show response
assets.zephr.com/zephr-browser/1.3.9/ 39 KB
15 KB 60ms
13ms Script
application/javascript 143.204.215.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-122.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:43:33 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 11:02:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 11575
etag: W/"c531ce77a9ff6380e9671dee680a2102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fUBqofyjJ1ExK0jXUK8l1ppdHo8qsc-a4rGHRBKukpD-f_GdC6ywrQ==

GET
H2 200 zephr-minify.1.0.1.js Show response
assets.zephr.com/tribune/ 1 KB
1008 B 60ms
14ms Script
application/javascript 143.204.215.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-122.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:02:27 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 11:32:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 46292
etag: W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8GsLKGE2sJEcL6qR7XMGAzFl_NQjSG09Xuoc_aKymqH0JeOd7ZSHyg==

GET
H2 200 HXNYRVY5HNCL5CE63SGLJM3EWI.jpg
www.chicagotribune.com/resizer/DMdvRIh4qq-5cgzOTbZL2DqQF-Q=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 52 KB
52 KB 422ms
420ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/DMdvRIh4qq-5cgzOTbZL2DqQF-Q=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/HXNYRVY5HNCL5CE63SGLJM3EWI.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

14db414b93ad787c1dbff2a9810bad726d4a668f9771d14f7b9e0ac4a07fcd16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:31 GMT
x-serial: 1328
server: Akamai Image Manager
x-check-cacheable: YES
etag: "649b925633a3b43cdea9e3cbb99b61fd740e43b2"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31150984
server-timing: cdn-cache; desc=HIT, edge; dur=361
content-length: 53105
expires: Sat, 16 Dec 2023 10:56:33 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 77ms
31ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 682
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77cb9c6ec83a5bed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 21:53:29 GMT

GET
H2 200 Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
954 B 75ms
73ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: TP6BH29YHYG3H6PG
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 505
x-amz-id-2: a+AIGJRngf2OVBYVYXjCiKk5I+YuxMWqzl8T5UHu38BBEAqFHmYQF9H+dtC2QeCZ3xbWnoOEJ6c=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"3078b03aa176e280460db6374ed5934b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
1 KB 75ms
74ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ00DDT0X4MN0VWK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 700
x-amz-id-2: ans4xHWboKshPeDQD4ND56SWfF9JjZ4G0oQ1b4zgaP8sR0a/HrVTSmNqwXtSnVadydZRtZxMczk=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"d947de375e50e50a1aa4f7951e3c56b0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 116ms
70ms Script
text/javascript 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-24.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:52:50 GMT
content-encoding: gzip
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 40
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
content-length: 10041
x-amz-cf-id: wTGTdD2S5tS6zqIl72JUDYBXvbnpiASaL3_Vl_viKaRmiB_O6WTGig==

GET
H2 200 ct.svg
www.chicagotribune.com/pf/resources/images/stacked/ 727 B
907 B 135ms
134ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/images/stacked/ct.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: EQ0CXCZPWZXHK507
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 460
x-amz-id-2: 5GdDPFrFHTJBk5ztmLC85Of6d2OY4+F6xu3W/e36eMoAY95ahZj1dNT3WmkmWe+FDgQcbK8moTM=
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"95a011625b282ce688af84fdec6cf2ed"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 06:26:19 GMT
x-amz-cf-pop: FRA56-C2
age: 56990
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zca7kI5zaQ4wtmx3q-p_os02jYR3XeRphY5_Ma40Aa97JYTv3ifA8Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
97 KB 98ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a46d162bd9cafedc1562a407354bfe0bdd38a82004f25de401470c9894e6e869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98677
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:17:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 21:53:29 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 210 KB
66 KB 29ms
27ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 16:50:50 GMT
server: cloudflare
x-amz-request-id: D6D5311DEGG6PTDQ
age: 702023
etag: W/"a295e934190c6de7fe47fed7fbac382f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77cb9c6e8fc190b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MqLOKodOSCpSGljthfaryKKA0qVPHqUC4o2wBfY1yB+zzCW5TlXYo2dA3uyh5yoz+DfUPuUMDi0=

GET
H2 200 cs Show response
tribune.blueconic.net/DG/DEFAULT/ 16 B
697 B 302ms
92ms Script
text/javascript 54.160.47.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json505

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.47.101 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-47-101.compute-1.amazonaws.com

Software

- /

Resource Hash

f29d619ae47af6157d83ccc3ab4581760b04bb109115a7013e8aa9ef6210b601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 DA9NK-5NF4A-5FWA6-EFVPV-RL87Z Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 62ms
15ms Script
application/javascript 2a02:26f0:3500:586::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: br
last-modified: Fri, 25 Nov 2022 22:17:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 46ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:06:46 GMT
x-content-type-options: nosniff
age: 312403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:06:46 GMT

GET
H2 200 DFHD762CSRCTNNGL4RTUVKZBOY.jpg
www.chicagotribune.com/resizer/jhXHlM93zL8poRBvwtHD6kfvMuQ=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 90 KB
90 KB 375ms
374ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/jhXHlM93zL8poRBvwtHD6kfvMuQ=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/DFHD762CSRCTNNGL4RTUVKZBOY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2e8abd1bd35c53e27e8217456b80f258f45b0c4f0a7c4eefb30f9749f055c1cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:33 GMT
x-serial: 1084
server: Akamai Image Manager
x-check-cacheable: YES
etag: "b1ddc51f6101ef238372428ed47782e9c9a7eae8"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31151122
server-timing: cdn-cache; desc=HIT, edge; dur=299
content-length: 91895
expires: Sat, 16 Dec 2023 10:58:51 GMT

GET
H2 200 G5MBQKC4PRH5NLY5W5XHXSJZRQ.jpg
www.chicagotribune.com/resizer/-eZjkZdn54LvcKHBU2qc6ElM-Lc=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 108 KB
109 KB 564ms
563ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/-eZjkZdn54LvcKHBU2qc6ElM-Lc=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/G5MBQKC4PRH5NLY5W5XHXSJZRQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9a9cc873978e850d993c6ea059d54da6a4a1d7be8b3b11d83ffc5e34ba97d32f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 16 Dec 2022 11:00:32 GMT
server: Akamai Image Manager
etag: "30a31246f16fde7efc6571019039f9d843a75b9d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31151348
server-timing: cdn-cache; desc=HIT, edge; dur=477
content-length: 110569
expires: Sat, 16 Dec 2023 11:02:37 GMT

GET
H2 200 TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg
www.chicagotribune.com/resizer/QjR7ysm8FJZRY4eICWf1BPS9p38=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 266 KB
267 KB 557ms
556ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/QjR7ysm8FJZRY4eICWf1BPS9p38=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/TFXJ7V35BKCGBDCNEXRJDBNM4Y.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

baff27315285aafa5071a85603694284141f69ad88c77ef68241ff8555e5f1fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:51:32 GMT
server: Akamai Image Manager
etag: "69abbc9273f44519760edb8546ace485e9b55577"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535954
server-timing: cdn-cache; desc=HIT, edge; dur=459
content-length: 272705
expires: Wed, 20 Dec 2023 21:52:43 GMT

GET
H2 200 DKP7Z2BUMZFRXPN2HOI5SD4YWY.jpg
www.chicagotribune.com/resizer/3PD4RtZ8TkE0hqyf0KNGE_wGWLg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 171 KB
172 KB 109ms
108ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/3PD4RtZ8TkE0hqyf0KNGE_wGWLg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/DKP7Z2BUMZFRXPN2HOI5SD4YWY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4af436546062a267e25a9ff089d0d1a2dc9e0baf86765c2a382f770e9365a6b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:46:33 GMT
x-serial: 1136
server: Akamai Image Manager
x-check-cacheable: YES
etag: "57223bd400794a019150ef05f9edbeda5ae9818b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535716
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 175107
expires: Wed, 20 Dec 2023 21:48:45 GMT

GET
H2 200 HEEDCWVT2NEBBLEM5KPRDBZFCA.jpg
www.chicagotribune.com/resizer/gBe87piCZyMrpw4tBmzncEl9B8I=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 78 KB
78 KB 57ms
57ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/gBe87piCZyMrpw4tBmzncEl9B8I=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/HEEDCWVT2NEBBLEM5KPRDBZFCA.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4de5a2bd3f00d6c188b3caa2f8c0c6cc3080941985328ede8274e2da5b8e323e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:41:33 GMT
server: Akamai Image Manager
etag: "2fad57657eeddacc3d7a8784b9fb4ff9314517d7"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535356
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 79856
expires: Wed, 20 Dec 2023 21:42:45 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 37ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 682
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 77cb9c6f79ea901c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 21:53:29 GMT

GET
H2 200 ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg
www.chicagotribune.com/resizer/w8eqnztvVOgnJOsIQT0cIgSVUJc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/TPu-HKCOJJo-BfY75QcLhWCXI4s=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 199ms
197ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/w8eqnztvVOgnJOsIQT0cIgSVUJc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/TPu-HKCOJJo-BfY75QcLhWCXI4s=/cloudfront-us-east-1.images.arcpublishing.com/tronc/ESZM5JXL2RE3ZKWT4PAYUT4IEQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5b96b81ae4d12086287a1d75eb13d2377f035cc91c20e4a5ee8421ad96719540

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:46:47 GMT
x-serial: 224
server: Akamai Image Manager
x-check-cacheable: YES
etag: "d115604c1931e7d88fe1d8bc520e85edb89e6de6"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535516
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=115
content-length: 3011
expires: Wed, 20 Dec 2023 21:45:25 GMT

GET
H2 200 S2MXVC44FJAEDJ7ZB4JTHZ6KRY.jpg
www.chicagotribune.com/resizer/LsH7slqpLe3dPNAgbavWE1qerlc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/42OlyWBlKCX-sqAOS71Bgb7Qix0=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 178ms
176ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/LsH7slqpLe3dPNAgbavWE1qerlc=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/42OlyWBlKCX-sqAOS71Bgb7Qix0=/cloudfront-us-east-1.images.arcpublishing.com/tronc/S2MXVC44FJAEDJ7ZB4JTHZ6KRY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

848a34a269b0a7e7e682362ed5189ee271f6995f85621315c3c1937139a00c26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 19 Dec 2022 17:52:09 GMT
server: Akamai Image Manager
etag: "57503da4e31a0c03ad7120807468c0fde9139d0a"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31435040
server-timing: cdn-cache; desc=HIT, edge; dur=86
content-length: 2911
expires: Tue, 19 Dec 2023 17:50:49 GMT

GET
H2 200 IPQXHX4VBNFV5M6U5C5QVU6NLM.jpg
www.chicagotribune.com/resizer/sHc5ZOtdtWIh3371x1bmgPN5FEQ=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/7GPNiZ91M6Mnae-zl5J5kscdC4I=/cloudfront-us-east-1.images.arcpublis... 2 KB
2 KB 178ms
177ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/sHc5ZOtdtWIh3371x1bmgPN5FEQ=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/7GPNiZ91M6Mnae-zl5J5kscdC4I=/cloudfront-us-east-1.images.arcpublishing.com/tronc/IPQXHX4VBNFV5M6U5C5QVU6NLM.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

17f12ac7f20e79425daf1c3a77824a189660b2154063ea202a32199cbfd8d4b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 11:36:58 GMT
x-serial: 1256
server: Akamai Image Manager
x-check-cacheable: YES
etag: "f76b5d88406f41a78d652fa10f14a1f492e7fc94"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31499069
server-timing: cdn-cache; desc=HIT, edge; dur=76
content-length: 2145
expires: Wed, 20 Dec 2023 11:37:58 GMT

GET
H2 200 E6PGMATEJFFQPD64OZHUJIFXZQ.jpg
www.chicagotribune.com/resizer/d77MMDBNNHyNwwVLLMZbCDKelxc=/105x105/filters:format(jpg):quality(70):focal(1028x809:1038x819)/www.chicagotribune.com/resizer/atZCz5W490j1ubWEeTBdO3Rkhas=/cloudfront-u... 3 KB
3 KB 252ms
251ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/d77MMDBNNHyNwwVLLMZbCDKelxc=/105x105/filters:format(jpg):quality(70):focal(1028x809:1038x819)/www.chicagotribune.com/resizer/atZCz5W490j1ubWEeTBdO3Rkhas=/cloudfront-us-east-1.images.arcpublishing.com/tronc/E6PGMATEJFFQPD64OZHUJIFXZQ.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

daea45ab775badcc8428a74d2676ac1993213cd6c7bd0352b6e96eb2f29b37ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 20:21:51 GMT
server: Akamai Image Manager
etag: "6a5b40aa603d954449447ac47e9332ec45881335"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31530586
server-timing: cdn-cache; desc=HIT, edge; dur=144
content-length: 2618
expires: Wed, 20 Dec 2023 20:23:15 GMT

GET
H2 200 NAMOBSOGKZGHRD2B4DP7MFOGGY.jpg
www.chicagotribune.com/resizer/b7yF9ohMkUOWrqgV17ZeXbNp7wU=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/fWvdnaiOZ0IzwLJAnUh9PkHSwnw=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 179ms
178ms Image
image/jpeg 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/b7yF9ohMkUOWrqgV17ZeXbNp7wU=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/fWvdnaiOZ0IzwLJAnUh9PkHSwnw=/cloudfront-us-east-1.images.arcpublishing.com/tronc/NAMOBSOGKZGHRD2B4DP7MFOGGY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e5915fd5813ede0116e919c3154a6ff305c5c5d28489b6ed44df905514c9a52b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 14:37:42 GMT
server: Akamai Image Manager
etag: "d24f388b895bc1798697cc33968b6ea6d4f1b4fe"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31509980
server-timing: cdn-cache; desc=HIT, edge; dur=57
content-length: 2837
expires: Wed, 20 Dec 2023 14:39:49 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 276 B
564 B 151ms
104ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=chicagotribune.com&domain=chicagotribune.com&path=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 96ccf982c4d6f90c3a1a86ec1115c794b8aff5c09cacfb0c54357946abd0a3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 206
x-served-by: cache-hhn-etou8220047-HHN
x-timer: S1671573210.674550,VS0,VE93
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:53:29 GMT

GET
H/1.1

200
OK

chiarc.min.js Show response
www.tribdss.com/meter/
Redirect Chain

https://www.tribdss.com/meter/chiarc.min.js
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

34 KB
12 KB

13ms
13ms

Script
text/javascript

96.16.138.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

HTTP/1.1

Server

96.16.138.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-138-112.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:53:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 11338
X-Request-Id: 8c1ccf2ce6b0d0d6951850f1d519b83e
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.013004
X-Content-Digest: edc59c57da0cb7d5cdcceb066e2be3ce240b497d
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: e810c620889b,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 5978707471600083914R
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=111
Httpd-Identifier: e810c620889b
X-Rack-Cache: fresh

Redirect headers

Location: /meter/chiarc.min.js?disabled=international
Date: Tue, 20 Dec 2022 21:53:29 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK chiarc.min.js Show response
ssor.tribdss.com/reg/tribune/ 34 KB
12 KB 538ms
11ms Script
text/javascript 96.16.138.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.tribdss.com/reg/tribune/chiarc.min.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.138.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-138-112.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

46b10e0974a2a15ad1594ac1f02cb48260dc542ba0996ad7e25f35f80e7c163b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:53:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 11130
X-Request-Id: 398672c788adac204f0e7df093389212
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.006387
X-Content-Digest: f391532eb599cdd48bdef9c59c51370620dee8ad
Last-Modified: Tue, 13 Dec 2022 08:14:22 GMT
Server: Apache
X-Host-Info: f37e4f406fd6,; bd49cf49d42dfa391aa74c90a928b0c527730a90 (HEAD -> refs/heads/release/2211.1.1, refs/remotes/origin/release/2211.1.1) Added null check for authserver
ETag: 14505511593112256871
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=160
Httpd-Identifier: 4d99e35260ae
X-Rack-Cache: fresh

GET
H2 200 / Show response
dynpaywall-api-chicagotribune.ml.sophi.io/v1// 50 B
328 B 158ms
98ms XHR
application/json 65.9.66.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dynpaywall-api-chicagotribune.ml.sophi.io/v1//?domain_userid=&content_id=2FTXQBXQG5GUFLNHRHU6YB6SYI&user_id=&localtime=2022-12-20%2021:53:29%20GMT0000&section=/suburbs/daily-southtown&referrer=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-3.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 69676c18aa998429f13027fc42adf38f122e3c1fbcc2e1bd36e3b39372eb79bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 50
x-amz-cf-id: _p9Oyu0LWn15nRdcvXAaDRXpu5yye1bM61R35RECKyRTWc1KN2M5-g==

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 357 KB
93 KB 62ms
12ms Script
application/javascript 2600:9000:211e:7000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:7000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6522f662c8debcda2820aaf8d8d34f30061896419eded83d4e57fb1ac98d41ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 01:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 73807
x-cache: Hit from cloudfront
content-length: 94299
x-xss-protection: mode=block
last-modified: Wed, 23 Nov 2022 18:13:43 GMT
server: CloudFront
etag: "5eac0df3bf74fd75f7b85ddbed5ca2f5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: iCqoaAEW_KMDWfExhEzLx8Rji_AlMjWeQd50_RZYqwwcDMK8OV5p8g==

GET
H2 200 resize-image-api-client Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 216 B
524 B 283ms
283ms Fetch
application/json 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/resize-image-api-client?query=%7B%22raw_image_url%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Ftronc%2FFZFZTFMV6NHMJCQOCNHBU3T2CY.jpg%22%7D&filter=%7B377x0%2C600x0%7D&d=106&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8b992185e4480c6985018878a97c716fb566d4438398fe60aba7a9e1d9c06059

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 300
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Dec 2022 21:51:20 GMT
server: openresty
etag: W/"d8-rfA7gHRzBNuGz6dtPoIO84DX24c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=171
server-timing: cdn-cache; desc=MISS, edge; dur=134, origin; dur=73
content-length: 187
expires: Tue, 20 Dec 2022 21:56:20 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tribunedigital-network/ 2 MB
90 KB 39ms
14ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd03e70c1b849ea7e586ad1b46a8a6ef0215f2f8113f869f22b0802977253fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: O.fJ7HxgG04p524SOVLMbeucZDyYaqay
content-encoding: gzip
via: 1.1 varnish
date: Tue, 20 Dec 2022 21:53:29 GMT
x-amz-request-id: A92B7VJK0TKRMED0
age: 105
x-cache: HIT
content-length: 92142
x-amz-id-2: 5L/MfM0oAIr9CwT6KcBS4XSWJsxfca+SGP8OeT0YxwKYqXem4sfYfsjY51650UBzt8ofDVzNDco=
x-served-by: cache-hhn-etou8220032-HHN
last-modified: Mon, 19 Dec 2022 14:52:02 GMT
server: AmazonS3
x-timer: S1671573210.687615,VS0,VE7
etag: "9787875405cbdf6a2b2e577eb5319051"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih Show response
smoggysnakes.com/ 60 KB
21 KB 63ms
23ms Script
text/javascript 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

106aa5705180e3e04ee9e16dc4f210956589847454da68c513d64e6fdd0ec35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Tue, 20 Dec 2022 21:53:29 GMT
x-datacenter: gce-europe-west1
etag: "d5f4fc0a1423fc4211aae847cf6cfc22609f743a963e0661d9ddc859dd6609a3"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-fhcq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 718439402
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main.js Show response
tribune-chicagotribune.zeustechnology.com/ 340 KB
58 KB 45ms
12ms Script
application/javascript 99.86.4.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribune-chicagotribune.zeustechnology.com/main.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-41.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d12cb94d68d465e2823cd9b692413eef5e6ea8b58482c265e49a7cd6d23b9ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: .WsHO0K0QtOCGbTigDdCUkkhCJBx10k2
content-encoding: br
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 21:10:15 GMT
last-modified: Tue, 29 Nov 2022 20:25:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2632
etag: W/"bd4836d7426fdf59e5af9ed60ae45796"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,s-maxage=3600
x-amz-cf-id: pWuBiq0EFwHkXTlJyH6Vg1OIoeuzZuF9yMYnXOJUn1jMqnfvOiJqjw==

GET
H2 200 Chicago_Tribune-chiblue.svg
www.chicagotribune.com/pf/resources/logo/ 13 KB
5 KB 125ms
124ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/logo/Chicago_Tribune-chiblue.svg?d=106

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M7D9DRE0821W91WY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=43
content-length: 5118
x-amz-id-2: 4dic0wcTGDKB3GoomH9avtTqXbrpZSvSaEnTlQQ8UMeSD3QHadkD+LUMejUX9A5lgUpVB56/Tl0HqEktiKfxqA==
last-modified: Tue, 20 Dec 2022 16:20:02 GMT
server: openresty
etag: W/"71456cc06238c3a185cccb135bec0329"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Wed, 20 Dec 2023 21:53:29 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 123ms
38ms Script
text/javascript 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6d95f7650626b4f031840d2f10234c5961e11b3cce537ede08c325e2af8249ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:29 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1168
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 chicagotribune.com Show response
pubcast-files.remixd.com/player-configs/ 41 KB
42 KB 38ms
12ms Fetch
application/json 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/chicagotribune.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:13:08 GMT
age: 2421
x-guploader-uploadid: ADPycdvQwBjuMeY3zIHvLBHFujtO8SPlpL-cB2gAVHpXVc2fohC1NsOhbsXYSClrE6SIsfPCpbj3pNW5xEeLFsHVRoL8og
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41910
last-modified: Tue, 06 Dec 2022 21:00:08 GMT
server: UploadServer
etag: "5a254665d4a4c7aceb33b05d7ef91bd9"
x-goog-generation: 1670360408860858
x-goog-hash: crc32c=5ElQGQ==, md5=WiVGZdSkx6zrM7Bdfvkb2Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, no-cache, must-revalidate
x-goog-stored-content-length: 41910
accept-ranges: bytes
content-type: application/json
expires: Tue, 20 Dec 2022 22:13:08 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/chicagotribune.com/ 56 KB
21 KB 59ms
15ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Dec 2022 00:43:53 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 19:15:41 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 76176
etag: W/"61d5ee5d-df47"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: lJ1l3oJVTA2O7kjL7Uq4wU6fclKphKjS1g_k9y38uauMZh990Z654w==
expires: Wed, 21 Dec 2022 00:43:53 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/ 3 KB
2 KB 69ms
10ms Script
text/javascript 65.9.66.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/launchpad-liveramp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: QPdapfnTKadTbAF2NRlea4Urx3BTN8sm
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 03:43:08 GMT
x-amz-cf-pop: FRA56-C1
age: 66603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Fri, 22 Apr 2022 17:52:36 GMT
server: AmazonS3
etag: W/"862af1285f6bfb523bc7fcb34a8cf69f"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: -Ns2gdvyExyrc6cL-YTF-V_KDCojtH_G_I6XbT77lYk-zQprYrptrg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 21:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 23:50:44 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 13ms
13ms Script
application/x-javascript 2600:9000:2057:a00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 01:01:25 GMT
content-encoding: gzip
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 75124
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: xweSxlay6f8bnE9hac_lQKw9Sr_Ow48nx-8DuTdpLZEm0PVVqPi8Pg==
expires: Wed, 21 Dec 2022 01:01:25 GMT

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 62ms
11ms Script
application/javascript 65.9.66.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:17:36 GMT
content-encoding: br
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 5754
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 7qS0OTM9is8BU_4pWZ-6aWmCj7A61jxnW2wFeRkTWy1YQ1kebaFSlA==

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma89701/fusion/9/
Redirect Chain

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1612
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

150 KB
43 KB

35ms
17ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:02:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 26 May 2022 16:23:18 GMT
server: nginx
age: 3042
etag: "31cd74de581fdfc9a6c0d6883d695597"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 05:36:18 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44258

Redirect headers

date: Tue, 20 Dec 2022 21:53:29 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 5-gc-europe-west6-8j340940

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 60ms
11ms Image
text/plain 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1671573209719&ns_c=UTF-8&c8=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&c9=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:29 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NZsx4TIajDdi2Z64n8cEJwSGFg_TuIls5KbsHH_-0eu9aXLnxKtE_w==
x-cache: Miss from cloudfront

POST
H2 200 504 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 56 KB
10 KB 380ms
379ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-20T21%3A53%3A29%2B00%3A00&ts=1671573209801

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

da9b27ac8c87ddf37a008df0699180c1764f27b5015ec661a37a3d05b1da9a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 9595
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: feNHIl7egFdR6itwuvw8Pl9ioEu3eurrEqt7xVYqRRfhaUcgBSjqvw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/tribunedigital-network/ 4 KB
2 KB 348ms
321ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/tribunedigital-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: .erCKV8rV4noOWlsx_.BL4YowH6CZP0S
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Dec 2022 21:53:30 GMT
x-amz-request-id: HPBZJWG2NP62G4RB
age: 0
x-cache: HIT, HIT
content-length: 1495
x-amz-id-2: iPkzCwgnrFlQTFq5AOUfc87yLbGVEyd1M/M4Ch/FNHOTNBDNoC/DymEfWD9s68BclniYPszXxn8=
x-served-by: cache-sna10730-LGB, cache-hhn-etou8220028-HHN
last-modified: Wed, 28 Sep 2022 00:04:05 GMT
server: AmazonS3
x-timer: S1671573210.898928,VS0,VE314
etag: "deaebca6acf5ec5384c07f3fead3d4a8"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 impl.20221219-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 699 KB
145 KB 10ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e02d29497d62ca80311fa65138ac0ea44d34c731ccf9d31276133e950ca8b6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5v1aH2SyKGoSO5ktl7JGSE9m6xWFfT8c
content-encoding: br
via: 1.1 varnish
date: Tue, 20 Dec 2022 21:53:29 GMT
x-amz-request-id: BB2RDMJ14078D7RQ
age: 7692
x-cache: HIT
content-length: 148577
x-amz-id-2: WQIGKZJ9DKzEDqTPM9/JZVrtOLaB2mPZxi7uS024IZ/IjFL7HqfgaaDMOVXhVAPoAr+3/er1Wyk=
x-served-by: cache-hhn-etou8220032-HHN
last-modified: Mon, 19 Dec 2022 11:45:16 GMT
server: AmazonS3-br
x-timer: S1671573210.873462,VS0,VE0
etag: "04502ef632cbf88ab074db3b7b1d2384"
vary: Accept-Encoding
content-type: application/javascript
abp: 41
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 426213

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 11ms
10ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 05:19:47 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 59641
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 04KXbfCeh3_pw-SAWRW2-ITVof8I06RFChhJB_KF9y-luWLuuL7dbA==

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 47ms
8ms Script
application/javascript 2600:9000:214f:2800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 14932350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: oMEqXXp59cSMEjKwbSCkD0RNBoEZv_xiYhVUMig6SVYufHnfms4g5Q==

GET
H2 200 / Show response
cmp.osano.com/ Frame 8F30 4 KB
1 KB 8ms
7ms Document
text/html 2600:9000:211e:7000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:7000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60327
content-encoding: gzip
content-type: text/html
date: Tue, 20 Dec 2022 05:08:04 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-id: rr7pxCivEX9AvR1r-cjsVRMqDKssi1i4QKjR1UwGNLge3QssVBtlMw==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 standard-player.html Show response
tags.remixd.com/player/v5/players/ 129 KB
30 KB 33ms
13ms Fetch
text/html 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/players/standard-player.html
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-24.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 19
x-cache: Hit from cloudfront
content-length: 29730
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
etag: "9a2e807a291cbaccaab15c40f0629813"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public,max-age=1800
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: rIs0-gHwMrLsv5LvQKDOw2aXu6tEOjMeGKaSfXFlQG6mgys8GeI3wQ==

GET
BLOB 200
OK e8a72d9d-3337-4fdd-874f-027f87ebd5a5
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/e8a72d9d-3337-4fdd-874f-027f87ebd5a5
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 375ms
31ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671573210079&plid=66592982&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&sref=&sts=1671573210079&slts=0&title=Lansing+woman+turns+tragedy+into+generosity+through+MJG+Movement&date=Tue+Dec+20+2022+21%3A53%3A30+GMT%2B0000+(GMT)&action=pageview&pvid=68676893&u=pid%3D2a18f6df59ab340fc91805caeb3e1d53
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:53:30 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 20-Dec-2022 21:53:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 310ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 21:53:30 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
228 B 289ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 21:53:30 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 285ms
92ms Image
image/gif 18.213.117.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&u=jZB_d0Ql1mBTX-6_&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Adaily-southtown&g1=Bill%20Jones&n=1&f=00001&c=0&x=0&m=0&y=6083&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&b=1639&t=DYzhldCknUPQDsv-N8CnOgLmDj6k_a&V=139&i=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tz=0&sn=1&sv=DTz2qdCqu2Ybb9i2dCLYw5GBmLVwb&sd=1&im=067b0fff&_
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.117.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-117-153.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 35ms
34ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3553513&ntv_pl=1109740
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 30ms
30ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8eed2928-ea38-44ef-a697-6155434ec03f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDYRMmBn8rRjMToQjBmoMtOGjuFqjRHsHVw8ujxXjewkcLvAGZGfutTi59aHjqLHzg-RgNQi3LlR1j2iIPWNTiv3KWa-0Pa2M-0tXlPOzFkNCPJlEKd8kAC1mMGhlslrjk7f-uWJygBXyNXCmqmoVfSaqRPCND4uDlvfLoesJ-J5FWKosjnPrUeRcuC8dYZA7CXYiTLSHBs7AsqD5aDQ-k664mEidf8Ub4wjJeTMg9UGg6zCD1sw87pUGoWpG68cOIc33n4BmoRrtUoPl1AivVmg&ntv_ht=2S6iYwA&ntv_at=303,302&ntv_a=AAAAAAAAAA7O4QA&ord=1671573210156&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 35ms
34ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8eed2928-ea38-44ef-a697-6155434ec03f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDYRMmBn8rRjMToQjBmoMtOGjuFqjRHsHVw8ujxXjewkcLvAGZGfutTi59aHjqLHzg-RgNQi3LlR1j2iIPWNTiv3KWa-0Pa2M-0tXlPOzFkNCPJlEKd8kAC1mMGhlslrjk7f-uWJygBXyNXCmqmoVfSaqRPCND4uDlvfLoesJ-J5FWKosjnPrUeRcuC8dYZA7CXYiTLSHBs7AsqD5aDQ-k664mEidf8Ub4wjJeTMg9UGg6zCD1sw87pUGoWpG68cOIc33n4BmoRrtUoPl1AivVmg&ntv_ht=2S6iYwA&ntv_at=806&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1671573210164&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 35ms
35ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1115555&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/tribunedigital-chicagotribune/trc/3/ 71 KB
21 KB 594ms
587ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=21%3A53%3A30.229&lti=deflated&data=%7B%22id%22%3A166%2C%22ii%22%3A%22%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671461492044%2C%22vi%22%3A1671573210226%2C%22cv%22%3A%2220221219-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIF5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAA.YAAAAAAAAAAA%22%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22vpi%22%3A%22%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6083%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A5443.65625%2C%22mw%22%3A946.65625%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A3000.671875%2C%22mw%22%3A453.34375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8bf44f8d55bee13de5e914aa515f03b44c8725151aed814916f23443930cfa11

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 578
date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220032-HHN
server: nginx
x-timer: S1671573210.242679,VS0,VE578
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 35ms
7ms Script
application/x-javascript 13.32.27.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 21:23:23 GMT
x-amz-cf-pop: FRA56-C2
age: 1807
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: tUrVTqdZ4Dy6gNSVOOMOTz_U93Xy3uxEx34PQaWSU83ciRVgVeynjg==

GET
H2 200 FZFZTFMV6NHMJCQOCNHBU3T2CY.jpg
www.chicagotribune.com/resizer/jG5aTsXhyjc0lFPorRdRW9JDvuU=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 14 KB
15 KB 41ms
41ms Image
image/webp 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/jG5aTsXhyjc0lFPorRdRW9JDvuU=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/FZFZTFMV6NHMJCQOCNHBU3T2CY.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0c5ae34a674cdb6cdb2747b25bae3d663e862e1e064aad8fd2293a62b157c83a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 15 Nov 2022 19:10:28 GMT
server: Akamai Image Manager
etag: "58d1a89a83cf8179194b58084e8743214db66893"
content-type: image/webp
cache-control: private, no-transform, max-age=30784357
server-timing: cdn-cache; desc=HIT, edge; dur=21
content-length: 14414
expires: Tue, 12 Dec 2023 05:06:07 GMT

GET
H2 200 a475492201ad42f44e372d681523577f Show response
r610.chicagotribune.com/plugin/plugin/ 106 KB
26 KB 8ms
8ms Script
text/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/plugin/a475492201ad42f44e372d681523577f

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

9eb6599bb360c2bbd998e8fbb24087b36a03220670ca2a20e91d388bfccaf95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 110986
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 25847
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Dec 2022 15:03:44 GMT
server: -
etag: a475492201ad42f44e372d681523577f
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: _AK2wIA57TPVvosIN9HaZRMRmRY49ACDy-DHH1nO8DGNtCzqKcyIsA==
expires: Tue, 19 Dec 2023 15:03:44 GMT

GET
H2 200 features Show response
zephr.chicagotribune.com/zephr/ 3 KB
1 KB 206ms
69ms Fetch
application/json 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/features
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: Pc7Av9xYs9hRx25slgM_g-2xDVHvZiyHVbGdvbRlbW10nH1BcHZCjA==
x-blaize-request: ffffffffc2ab56f2

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 391ms
91ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&artpubt=1671188402&artsrc=Daily%20Southtown&artupt=1671208517&auth=Bill%20Jones&cms=fusion&hier=suburbs%7Cdaily-southtown&ptype=story&prem=metered&pubname=chicagotribune&sec=suburbs&wrdcnt=790&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=7672834d-aefe-4071-8ac0-48fc4b7d7ea6&pid=d9bee848-901f-4d36-94ed-150db9f62aa9&dtm=1671573210270&qnm=_matherq&visible=1&tabid=2481008f-402f-43e7-bcd8-03d205ae0e2c&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x6083&tofa=1671573210&vid=1&lvidt=1671573210&duid=eec170922203a714&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MTU3MzIwODUwNiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNi4xbWIiLCJoZWFwVCI6IjE5LjNtYiIsImZzdFBhaW50IjoiODU5IiwiZmV0Y2hTIjoiMCIsImRvbWFpblMiOiIyIiwiZG9tYWluRSI6Ijc2IiwiY29ublMiOiI3NiIsImNvbm5FIjoiMTEyIiwic3NsUyI6IjgzIiwicmVxdVMiOiIxMTMiLCJyZXNwUyI6IjYyMCIsInJlc3BFIjoiNzk4IiwiZG9tTG9hZCI6IjcyOSIsImRvbUludGVyIjoiODk5IiwiZG9tTG9hZFMiOiIxMDI3IiwiZG9tTG9hZEUiOiIxMDkzIn0sImF1ZGllbmNlIjpbeyJwcm92aWRlciI6InVzZXJEQiIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6ImQ5YmVlODQ4LTkwMWYtNGQzNi05NGVkLTE1MGRiOWY2MmFhOSJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6ImQ5YmVlODQ4LTkwMWYtNGQzNi05NGVkLTE1MGRiOWY2MmFhOSJ9XX0
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 21:53:30 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 read_auth Show response
authenticate.chicagotribune.com/ 101 B
660 B 662ms
184ms Script
application/javascript 34.215.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.chicagotribune.com/read_auth?product_code=chiarc&master_id=&callback=jQuery983721120340610000_758904737869516200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.225.95 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-225-95.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

706b118df0600e8323f9445e3db5b65c0075bbdc39fbcba6e0fc54e35fa06334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-request-id: 023472fecdce8a29240722bc3b1d402c
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.004451
server: Apache
x-host-info: f04b2b68ae8e,; bd49cf49d42dfa391aa74c90a928b0c527730a90 (HEAD -> refs/heads/release/2211.1.1, refs/remotes/origin/release/2211.1.1) Added null check for authserver
etag: "c6bde3613dfae33c9f1d307c04bacd75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: must-revalidate, private, max-age=0
httpd-identifier: f04b2b68ae8e
x-rack-cache: miss

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 149 KB
46 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb567b470c90efa50fbe96b8593b4605f2eb5ef2c5ef8a7d8f915ee8efa8982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46775
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:05:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:06:42 GMT

GET
H/1.1

200
OK

chiarc-reaction-1q2w3-1580939748189956228.min.js Show response
www.tribdss.com/meter/assets/
Redirect Chain

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

64 KB
15 KB

33ms
33ms

Script
text/javascript

96.16.138.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

HTTP/1.1

Server

96.16.138.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-138-112.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:53:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 14251
X-Request-Id: 36790d8fb9e612530b4ba84a3465a1e4
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.009261
X-Content-Digest: c9ca80d4d04a3c68e0ddbe3fb7bf02448f0875e0
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: bba241958a07,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 1580939748189956228
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=24235288
Httpd-Identifier: bba241958a07
X-Rack-Cache: fresh

Redirect headers

Location: /meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Date: Tue, 20 Dec 2022 21:53:30 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 FUtg69tL.js Show response
cdn.jwplayer.com/libraries/ Frame D257 119 KB
42 KB 38ms
9ms Script
text/javascript 2600:9000:214f:de00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:de00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f07e7865cec95526b860cee9a3745cd1146ca8834dbe5e2600dd5f179eba87ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:17 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
age: 13
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 42341
x-amz-cf-id: JwEUJ1bN861LiP85Qloca9VXODgViGQfLyaCVg3PYlpXuF6o8JQ-vA==

POST
H3 200 v2jtkRhp2O52JnCUkWC4v9hAmDYxFASuiwcxF-T4w4KIf79CaQm5HMgUqUMtel7GdSJMCvZqj Show response
smoggysnakes.com/ 191 B
218 B 54ms
31ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2jtkRhp2O52JnCUkWC4v9hAmDYxFASuiwcxF-T4w4KIf79CaQm5HMgUqUMtel7GdSJMCvZqj

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

a4c8d4114f8587537eee48b0c98b0472de53dc403cb9afeec4546be5526c388f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 21:53:30 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-fhcq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 20 Dec 2022 21:53:29 GMT

GET
H2 200 c550b882848919ee080e14e3a3a084ea Show response
r610.chicagotribune.com/plugin/library/ 292 KB
92 KB 8ms
8ms Script
text/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/library/c550b882848919ee080e14e3a3a084ea

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

87eecb67faf2ab19e08c7f364ddef4c22a194a29ed08a7aeab1250d763ee44aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 17:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 705691
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 93905
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Dec 2022 17:51:59 GMT
server: -
etag: c550b882848919ee080e14e3a3a084ea
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: IwxlOEvHeFoYIu_ilz0xjpnV-2kVGJ4zLbebvFHaWCq5_PmqWlSY2Q==
expires: Tue, 12 Dec 2023 17:51:59 GMT

POST
H2 200 LB-Zone-2 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504/ 2 KB
2 KB 382ms
381ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504/LB-Zone-2?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=&bctempid=8232e0b8-0222-430d-b095-23ae39103815&overruleReferrer=&time=2022-12-20T21%3A53%3A30%2B00%3A00&ts=1671573210353

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

c50cdd8bdde6bf85d4400c77d9caff79322dedf69259b569204deb081d6c7fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 846
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Ejx_xkskrQUCAnNiDj-T85EVcrNjf4DewsP4kII8frh8drWKh_gSOw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 10ms
8ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:37:45 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA53-C1
age: 62145
x-amzn-requestid: 2f175c75-5e50-4815-8358-c16505825785
x-amzn-trace-id: Root=1-63a13c19-1732789632d988111a5c63e7;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: dbZUFF4iDoEFsXw=
content-length: 30
x-amz-cf-id: N0lGW-sQDU6XjAknCXr1Gs6T5EfmN78XdOlxTOLjI8TBD6gAVRHVXQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 115ms
87ms Preflight
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 20 Dec 2022 21:53:30 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-apigw-id: ddxCKG26DoEFoXQ=
x-amz-cf-id: _cNZO4Wx17NINDfMpBbMPf0Gpu4SIGI2a1AhxV6MRSc-6TLdv6PLwQ==
x-amz-cf-pop: FRA6-C1 FRA53-C1
x-amzn-requestid: cd691627-6db5-4992-90a0-cdbd99d3ed31
x-cache: Miss from cloudfront

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 55ms
22ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5571911&v=1.720.0&sl=0&si=3fd55f1e-6051-4f30-af91-23357f3b02ea-rn7m55&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 20 Dec 2022 21:53:30 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H3 200 css2
fonts.googleapis.com/ Frame D257 3 KB
492 B 36ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 19:58:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 21:53:30 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame D257 43 B
192 B 251ms
216ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=1a5c7f58-eea8-471a-a9fa-3ff60b723a38&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
x-guploader-uploadid: ADPycduZPiYpWg0TZLPTN5nwqrE84cIijFngH8r195veBq8dKL_1urfpsRVAQQe3G8yeSKkJSt_-6lcAd2yD0ErCO-GtDQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 21:53:30 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame D257 43 B
586 B 150ms
115ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=1a5c7f58-eea8-471a-a9fa-3ff60b723a38&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
x-guploader-uploadid: ADPycdsuZ8cThSVOPnruS9oLJoNTPm6a-HiQy078UAg4QBqMhmP_DJ3qmPzf8wqz0aBcu26DAi_wFShfQ8axGRp1AyO47uGs5yVy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 21:53:30 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame D257 43 B
191 B 355ms
320ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=1a5c7f58-eea8-471a-a9fa-3ff60b723a38&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
x-guploader-uploadid: ADPycdslI-K_zZuCJxJom3s4mxfR27xFxUtc1iFb0aYcN0UvFzUhE-FLA_cIjwrrES11R4kRFKWxtzy6GJVvjuHlkhAjsQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Wed, 20 Dec 2023 21:53:30 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 28ms
8ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:00:03 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 21ms
9ms Other
image/svg+xml 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 22:23:25 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/chicagotribune.com/ 2 B
58 B 58ms
49ms Fetch
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/chicagotribune.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2tvsZtq0QxNuKGIdtg9aWKPyvyVIIZ3cBLiUjkX5VqPFJqXswXg_utYEOvWQZZ-BHtv48GoA Show response
smoggysnakes.com/ 3 B
27 B 20ms
20ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2tvsZtq0QxNuKGIdtg9aWKPyvyVIIZ3cBLiUjkX5VqPFJqXswXg_utYEOvWQZZ-BHtv48GoA

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 20 Dec 2022 21:53:30 GMT
via: 1.1 google
x-buildnumber: 718439402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-fhcq
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame D257 20 KB
20 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:46:41 GMT
x-content-type-options: nosniff
age: 432409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:46:41 GMT

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame D257 21 KB
21 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 08:54:16 GMT
x-content-type-options: nosniff
age: 46754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:54:16 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 27 KB
6 KB 88ms
67ms Fetch
application/json 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: /
Resource Hash: 9d52a7ad66be73a984a6718d3b806843144fdbe72108de2640e33037e1dfce3c

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: LJAtuOzLJWu6wnKoMiPY1gKu3mdwFYQWWXmF5PQTDE9-eoI-iHlAOw==
x-blaize-request: ffffffffaa26e9b1

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 61ms
61ms Preflight 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Tue, 20 Dec 2022 21:53:30 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-id: Qj7O4_MKPqOOItZ4YHccAmPmAktaWEZWs1QZJE3KUTf-inJQQCVtFw==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 3B36
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com
https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com

16 KB
7 KB

79ms
78ms

Document
text/html

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bf6d18c85863f83da7c56e0d7637a543a9cce447abd9550ee5c6a7be3076f39

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-1mXoZaL1fzRR_lPxtoYATw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-1mXoZaL1fzRR_lPxtoYATw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Tue, 20 Dec 2022 21:53:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-RtXrn_DZnH2AczT0y5Fdrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-resource-policy: same-site
date: Tue, 20 Dec 2022 21:53:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ 2 KB
425 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:33:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 21:53:30 GMT

GET
H2 200 banner-winter-sale.png
www.chicagotribune.com/subscriptions/modal-global/img/ 2 KB
3 KB 89ms
87ms Image
image/png 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/banner-winter-sale.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51af71cfd26e8ccf3dcdfad67fbf0af3bd1b852c077f78ab85bb2484385bc7d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120, 120
x-edgeconnect-origin-mex-latency: 3
x-amz-version-id: OQDTwwu36yq52uSZKhbD80q9AdYsxX9p
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA56-P2
x-edgeconnect-midmile-rtt: 3
content-length: 2077
last-modified: Thu, 10 Nov 2022 23:18:00 GMT
server: AmazonS3
etag: "487366d6b1684b4be1ff355511d4b74a"
x-edgeconnect-cache-status: 1
content-type: image/png
cache-control: private, max-age=1
x-amz-cf-id: EvOsNPEHE9TCI8OTpJvUhOWc6EuRPaAC5XYQLJiacTZHoDWZ7PT4jQ==
expires: Tue, 20 Dec 2022 21:53:31 GMT

GET
H2 200 arrow.svg
www.chicagotribune.com/subscriptions/modal-global/img/ 862 B
1002 B 95ms
92ms Image
image/svg+xml 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/arrow.svg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120, 120
x-amz-version-id: 8UVaenlHzAE6BRrrl0X5eatDHeivHExx
content-encoding: gzip
date: Tue, 20 Dec 2022 21:53:30 GMT
last-modified: Mon, 17 Oct 2022 20:54:33 GMT
server: AmazonS3
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C2
etag: "961aedd1fed3b3c87e42a9b9f48e8975"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=1
x-amz-cf-id: TzKSRq9IxuGQlRDuk7v7Z0Ogw8MfM4dw2HdPNR-Zw3D_2P3mXlFYBQ==
content-length: 544
expires: Tue, 20 Dec 2022 21:53:31 GMT

GET
H2 200 icon-laptop.png
www.chicagotribune.com/subscriptions/modal-global/img/ 4 KB
5 KB 99ms
96ms Image
image/png 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-laptop.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120, 120
x-amz-version-id: tebKdJyUpG0Byn4LBF9J0h7iC0PNneV_
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "10c5ddda2dce705aa29de726fdd86de3"
content-type: image/png
cache-control: private, max-age=1
content-length: 4400
x-amz-cf-id: qmfNzwLnMDfnWAgrIEctjL2FFkfoLmCwpXgzcMSjGlfeLBSQT7T4pA==
expires: Tue, 20 Dec 2022 21:53:31 GMT

GET
H2 200 icon-noads.png
www.chicagotribune.com/subscriptions/modal-global/img/ 3 KB
3 KB 95ms
93ms Image
image/png 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-noads.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: zZWudYECO5ZTTqCVOSz6Qjb.BU5KmHfs
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "4e1d08e642478b4ec71c8fd0b9c256a2"
content-type: image/png
cache-control: private, max-age=1
content-length: 2577
x-amz-cf-id: 2ELAX6kW1d_04YyNAc9hdJdBZMfmfoX_CZTKwT7PJOWq6-oob_XajQ==
expires: Tue, 20 Dec 2022 21:53:31 GMT

GET
H2 200 icon-tablet.png
www.chicagotribune.com/subscriptions/modal-global/img/ 2 KB
2 KB 98ms
96ms Image
image/png 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-tablet.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120, 120, 120
x-amz-version-id: w2CA2N0lZbRRgAIOV7FuPXyRsQcxjcTZ
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "f30c900e60e4064f42517091db8b501b"
content-type: image/png
cache-control: private, max-age=1
content-length: 1911
x-amz-cf-id: idl6xOT3bBJvskcY8_9Yzn5S9qIt1samFdsmo_YtkWwjcOWpvRNx-w==
expires: Tue, 20 Dec 2022 21:53:31 GMT

GET
H2 200 icon-phone.png
www.chicagotribune.com/subscriptions/modal-global/img/ 4 KB
5 KB 93ms
92ms Image
image/png 2a02:26f0:3500:12::1730:17c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/subscriptions/modal-global/img/icon-phone.png

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:17c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-amz-version-id: XTPYNp8GXdmkOVzf9BRCbDM4HFWxEZwE
date: Tue, 20 Dec 2022 21:53:30 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 17 Oct 2022 20:54:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "9a86e435cce562f363835eb199472583"
content-type: image/png
cache-control: private, max-age=1
content-length: 4359
x-amz-cf-id: dfjzHz9pDna4uoaRvH_7EKgd-jLbnx45rMZTc22pXWQ_Hwy2ajgxpQ==
expires: Tue, 20 Dec 2022 21:53:31 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 29 KB
7 KB 111ms
110ms Fetch
application/json 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: /
Resource Hash: a5443735a28962db2926e5f9103da5552856d086e77d6590bcbfb0b9cd955500

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: MHIxj01UpuxrgTAkGnlCcZyM__4aUzGTPxQiDSuX4791NkhOUN7zdw==
x-blaize-request: 7f1dd2a5

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 84ms
83ms Preflight 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Tue, 20 Dec 2022 21:53:30 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-id: CabEH6R9UpbwZiXe6Dz_ZkIpkfKwnmmwEOD7AhjzQRMi3R3yT1xPfA==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 3B36 0
25 B 68ms
68ms Other
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7DE70uHI4hS_YCV05W2kPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 20 Dec 2022 21:53:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-7DE70uHI4hS_YCV05W2kPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/ed=1/rs=ABXTjI6zNgbp0ztkvGYfAWesWB-cKdjyjQ/ Frame 3B36 521 B
1 KB 42ms
11ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/ed=1/rs=ABXTjI6zNgbp0ztkvGYfAWesWB-cKdjyjQ/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:27:49 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame 3B36 176 KB
62 KB 59ms
28ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5kQhw5oQdMiBGXDStRLpTNvEZWDQ/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464325&publicationId=chicagotribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340bb38f9a3f5dcfa80608fc72824216a6cc60a87bf912a37bca85bce3bbd519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63398
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:35 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 17176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 17:07:14 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:28:35 GMT
x-content-type-options: nosniff
age: 433495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:28:35 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:05:12 GMT
x-content-type-options: nosniff
age: 211698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 11:05:12 GMT

GET
H2 200 stats Show response
r610.chicagotribune.com/rest/recommendations/ 14 B
847 B 391ms
391ms Script
text/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/rest/recommendations/stats?storeId=699df7a9-502c-4c05-85b0-78cce8b0f987&action=view&itemId=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&profileId=8232e0b8-0222-430d-b095-23ae39103815&isEntrypage=true&hash=1ff764f066a30934d63e19cac57b01ee&lastmodified=1671208516000&&callback=bc_json506

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

cfda1be8f44e375decd12d49d3ab266856eba263de6e940534401b7edcc523b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 34
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: 52qWB3aFWgewSqcRgSd7S-a4pUGMBjyrYlk0OhK1Hl5aQHB0szBX0A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 504 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 380ms
379ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8232e0b8-0222-430d-b095-23ae39103815&bctempid=&overruleReferrer=&time=2022-12-20T21%3A53%3A30%2B00%3A00&ts=1671573210806

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

a7a4ac69be481c337d2fe42fe4df956de1fadb30206e857357549e6ab476f392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 4qgV99Xpzbgq2OQprnpHr1IBKb5mcf53iycl2KXm0t3p5ugF5AOqtA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 504 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 375ms
374ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8232e0b8-0222-430d-b095-23ae39103815&bctempid=&overruleReferrer=&time=2022-12-20T21%3A53%3A30%2B00%3A00&ts=1671573210807

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

9faeff59d533f3747bf6f59e7dee9684430a647e5e31f7b9de87915264d1e598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Qj87DETpiAGI_I3SLSOmEt_H1kk-SVFyOHbdXK75VDXOluTGp1qalQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 3B36 133 KB
45 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/am=GgYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5kQhw5oQdMiBGXDStRLpTNvEZWDQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c3d2c02b226f255e8119f89eabc6db3d2d38c5a5e4e358c37ffea398693b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45699
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:38 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 3B36 17 KB
7 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5dee40e5037f7928e9497a2f838a6e592ea848f62dd035340e43c3d55f1934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7277
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:38 GMT

POST
H2 200 504 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 2 KB
2 KB 380ms
380ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8232e0b8-0222-430d-b095-23ae39103815&bctempid=&overruleReferrer=&time=2022-12-20T21%3A53%3A30%2B00%3A00&ts=1671573210825

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

0d65f6d21d9732dadb469968da31076a634fd9f0ecea7e0569543cb74f2d3b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 946
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: LVWVLgHYf_fbXPzXQ8aL0h794Di7J8I2pV6BTRBI1CkWejeeMK-svA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 supply-feature
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 136ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=b5f40880152967fc0ffee5f00cfd4a39&sd=v2_4124dbcc703b4f779e4d2abeb340be41_e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a_1671573210_1671573210_CNawjgYQrco9GPKInIzTMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGjvhs2V9cu1kixwAA&ui=e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573210226&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A53%3A30.838&id=5894&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
90 B 135ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=21%3A53%3A30.900&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=8246&cv=20221219-7-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13227

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 136ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b5f40880152967fc0ffee5f00cfd4a39&sd=v2_4124dbcc703b4f779e4d2abeb340be41_e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a_1671573210_1671573210_CNawjgYQrco9GPKInIzTMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGjvhs2V9cu1kixwAA&ui=e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573210226&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1671573210902%7D&tim=21%3A53%3A30.902&id=20&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 128ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b5f40880152967fc0ffee5f00cfd4a39&sd=v2_4124dbcc703b4f779e4d2abeb340be41_e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a_1671573210_1671573210_CNawjgYQrco9GPKInIzTMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGjvhs2V9cu1kixwAA&ui=e6397290-de2e-4ed7-ac52-8bfc73bfa664-tucta9bb45a&pi=/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&wi=-7063177944300320461&pt=text&vi=1671573210226&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1671573210910%7D&tim=21%3A53%3A30.910&id=1923&llvl=2&cv=20221219-7-RELEASE&
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
427 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 21:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 21:53:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 21:53:30 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1... Frame 3B36 1 KB
739 B 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.Be3rowzJMKs.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.SePl-HflkHU.L.B1.O/am=GgYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI50r2QK7NBzlD-SO11S1tli0FVHVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c770b76bc4e66b27eb5596867e285ba2dae76e72550d6046c36297e13b2249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 713
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:52:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:21:39 GMT

POST
H2 200 log Show response
play.google.com/ Frame 3B36 131 B
672 B 316ms
279ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 21:53:31 GMT

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 21:53:31 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 98ms
98ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 21:53:31 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 3B36 508 B
388 B 77ms
77ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=4645760047232138197&bl=boq_subscribewithgoogleclientserver_20221219.08_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=78812&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62eba8b37a7f633e35bc6d633fc2d897cf573190223812b6b3041bb12a3554fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3B36 131 B
155 B 63ms
44ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 21:53:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 312ms
40ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 21:53:31 GMT
expires: Tue, 20 Dec 2022 21:53:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3B36 131 B
155 B 63ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 21:53:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 312ms
40ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 21:53:31 GMT
expires: Tue, 20 Dec 2022 21:53:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3B36 131 B
155 B 62ms
44ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Dec 2022 21:53:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 310ms
40ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Dec 2022 21:53:31 GMT
expires: Tue, 20 Dec 2022 21:53:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/ 6 KB
2 KB 252ms
243ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/web?callback=__jp0

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c4b602358cece4c222faf5e4bf98ad96e38af104f3a99a94fd1625cb105116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 3593
cf-polished: origSize=5659
status: 200 OK
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 033fe1f8-582b-48d1-af3a-17dadd5ac2c9
x-runtime: 0.024483
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2a93bd41ca961c036c868bed972d2f91"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 77cb9c7b5a7f5bed-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 20 Dec 2022 22:53:31 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0B49 0
0 51ms
15ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/daily-southtown/ct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 20 Dec 2022 21:53:30 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 204 c780cfde9d493686
pixel.sitescout.com/iap/ 0
191 B 49ms
15ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/c780cfde9d493686
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 98ms
98ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Tue, 20 Dec 2022 21:53:31 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 600
content-length: 0
date: Tue, 20 Dec 2022 21:53:31 GMT
server: nginx

POST
H2 200 504 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 377ms
376ms XHR
application/json 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/504?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&bcsessionid=8232e0b8-0222-430d-b095-23ae39103815&bctempid=&overruleReferrer=&time=2022-12-20T21%3A53%3A31%2B00%3A00&ts=1671573211217

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-110.fra53.r.cloudfront.net

Software

- /

Resource Hash

842fb2fa5bd87a3421ff817ecb32708dcf0534aa76cf1ac22ce84c5b3f87d078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sRTjyHn4-c21Y05AXVJMf7wnVRzbH5lcJFBFanQByHhmJJ15esyAbw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 69242096-056b-4160-8219-91bef73a974b
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/69242096-056b-4160-8219-91bef73a974b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 7c17c152-d1a8-4cae-a950-7838eb9e1bf4
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/7c17c152-d1a8-4cae-a950-7838eb9e1bf4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1052291973/ 2 KB
2 KB 60ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1052291973/?random=1671573211199&cv=11&fst=1671573211199&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&us_privacy=1---&uaw=0&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e15c141b845a7d74c43ce82026855ed1880ac46faa639995134bc556d37e057f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 92ms
92ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=9d9d350a-246b-4070-826b-9b8304e86b2b&pid=d9bee848-901f-4d36-94ed-150db9f62aa9&dtm=1671573211272&qnm=_matherq&visible=1&tabid=2481008f-402f-43e7-bcd8-03d205ae0e2c&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x1200&tofa=1671573210&vid=1&lvidt=1671573210&duid=eec170922203a714&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJQcm9kIENUIE1ldGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNjYiLCJvdXRjb21lTGFiZWwiOiJTb3BoaSBDTVAgUGF5d2FsbCBSZWN1cmx5IEFub24ifV0sIm1ldGVyIjp7fSwidHJpYWxUcmFja2luZ0RldGFpbCI6e30sInZlbmRvciI6InplcGhyIiwiZmxvd3JlZiI6eyJkYXkwIjp7ImZsb3ciOiJwYXl3YWxsIiwidGlkIjoiOWQ5ZDM1MGEtMjQ2Yi00MDcwLTgyNmItOWI4MzA0ZTg2YjJiIiwidGltZSI6IjE2NzE1NzMyMTEifSwiZGF5NSI6eyJ0aW1lIjoiMTY3MTU3MzIxMSJ9LCJkYXkzMCI6eyJ0aW1lIjoiMTY3MTU3MzIxMSJ9fX0sImF1ZGllbmNlIjpbeyJwcm92aWRlciI6InVzZXJEQiIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6ImQ5YmVlODQ4LTkwMWYtNGQzNi05NGVkLTE1MGRiOWY2MmFhOSJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VOV9GSVJTVFRJTUVNRVQyXzIwMTkxMDE2Il0sInBhZ2VJZCI6ImQ5YmVlODQ4LTkwMWYtNGQzNi05NGVkLTE1MGRiOWY2MmFhOSJ9XX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 21:53:31 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/1052291973/ 42 B
548 B 528ms
27ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1052291973/?random=1671573211199&cv=11&fst=1671570000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&fmt=3&is_vtc=1&random=2449257686&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1052291973/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1052291973/?random=1671573211199&cv=11&fst=1671570000000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&tiba=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&fmt=3&is_vtc=1&random=2449257686&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 92ms
91ms Image
image/gif 3.217.241.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Lansing%20woman%20turns%20tragedy%20into%20generosity%20through%20MJG%20Movement&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=99ecacee-0fef-4add-8881-e031c97c058b&pid=d9bee848-901f-4d36-94ed-150db9f62aa9&dtm=1671573211276&qnm=_matherq&visible=1&tabid=2481008f-402f-43e7-bcd8-03d205ae0e2c&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&vp=1600x1200&ds=1600x1200&tofa=1671573210&vid=1&lvidt=1671573210&duid=eec170922203a714&fp=983239506&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJQcm9kIENUIE1ldGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vNjYiLCJvdXRjb21lTGFiZWwiOiJTb3BoaSBDTVAgUGF5d2FsbCBSZWN1cmx5IEFub24ifSx7ImZlYXR1cmVMYWJlbCI6IlRvYXN0ZXIiLCJvdXRjb21lSWQiOiJ0cmFuc2Zvcm1hdGlvbi8xNDciLCJvdXRjb21lTGFiZWwiOiJDLUNULUlaLUQtTi1Uc3QifV0sIm1ldGVyIjp7fSwidHJpYWxUcmFja2luZ0RldGFpbCI6e30sIm91dGNvbWVMYWJlbCI6IlNvcGhpIENNUCBQYXl3YWxsIFJlY3VybHkgQW5vbiIsInZlbmRvciI6InplcGhyIiwidHlwZSI6InVua25vd24ifSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiZDliZWU4NDgtOTAxZi00ZDM2LTk0ZWQtMTUwZGI5ZjYyYWE5In0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiZDliZWU4NDgtOTAxZi00ZDM2LTk0ZWQtMTUwZGI5ZjYyYWE5In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-241-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 20 Dec 2022 21:53:31 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ Frame 5F94 55 KB
18 KB 47ms
9ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-128.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6b49eeea8cc90c785e459aa7cd32f705759e84741f3421cfa7bc4685210c2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:48:28 GMT
content-encoding: br
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 10:30:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 307
etag: W/"695e5fa6c95a1c9169972d0e7f5c09c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: n5n1i-ajphzGp0MAomGdBftgtiJb_GhUlutPL__2uV3cpaK9XUwoHw==

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 20ms
20ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 679
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 77cb9c7b988d901c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Jan 2023 21:53:31 GMT

POST
H2 204 beacons
p.flipp.com/ Frame 5F94 0
0 462ms
192ms Fetch 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 20 Dec 2022 21:53:31 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.chicagotribune.com
access-control-allow-credentials: true
x-amz-cf-id: CybHV7nQBDXg3FFA_rfDsy8nA5QfXFkKEsdNaTl6dA-HQ8CpmQNecg==

POST
H2 204 bulk Show response
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 0
155 B 25ms
25ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221219-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:31 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220032-HHN
server: nginx
x-timer: S1671573212.919476,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 92ms
91ms Image
image/gif 18.213.117.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&u=jZB_d0Ql1mBTX-6_&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Adaily-southtown&g1=Bill%20Jones&n=1&f=00001&c=0.03&x=0&m=0&y=5856&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&b=1639&t=DYzhldCknUPQDsv-N8CnOgLmDj6k_a&V=139&tz=0&_acct=anon&sn=2&sv=DTz2qdCqu2Ybb9i2dCLYw5GBmLVwb&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.117.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-117-153.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 21:53:32 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 33ms
33ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8eed2928-ea38-44ef-a697-6155434ec03f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDYRMmBn8rRjMToQjBmoMtOGjuFqjRHsHVw8ujxXjewkcLvAGZGfutTi59aHjqLHzg-RgNQi3LlR1j2iIPWNTiv3KWa-0Pa2M-0tXlPOzFkNCPJlEKd8kAC1mMGhlslrjk7f-uWJygBXyNXCmqmoVfSaqRPCND4uDlvfLoesJ-J5FWKosjnPrUeRcuC8dYZA7CXYiTLSHBs7AsqD5aDQ-k664mEidf8Ub4wjJeTMg9UGg6zCD1sw87pUGoWpG68cOIc33n4BmoRrtUoPl1AivVmg&ntv_ht=2S6iYwA&ntv_at=808&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1671573213389&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 21:53:33 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1757361571160924&ev=ViewContent&ts=1671573215208&it=1671573215208&v=2.7.21&if=false&cd[article_content_tier]=free&cd[is_subscriber]=true&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Fdaily-southtown%2Fct-sta-mjg-movement-giveaway-st-1216-20221216-2ftxqbxqg5guflnhrhu6yb6syi-story.html&rl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 20 Dec 2022 21:53:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chicagotribune.com/subscriptions/modal-global/img	1970-01-20 17:05:09	Name: _lbz Value: 0
.chicagotribune.com/suburbs/daily-southtown	1970-01-20 17:05:09	Name: _lbz Value: 0
r610.chicagotribune.com/DG/DEFAULT	1970-01-20 17:55:33	Name: BCSessionID Value: 8232e0b8-0222-430d-b095-23ae39103815
.chicagotribune.com/	1970-01-20 08:19:34	Name: _lb Value: 2
.chicagotribune.com/	1970-01-20 08:19:36	Name: AKA_A2 Value: A
tribune.blueconic.net/	1970-01-20 08:29:38	Name: AWSALBCORS Value: DIuaOuKxbMLSblh27A/Jq1JaRMNeER6Ojgh41sxMr6HXnLj4nm8HSjORg/zr7hn/lGLDFJ6ivPF5kp377gCTCTQKfWhN17u6JkYD3LGwn3i109ftTSctLzLpOz/g
.postrelease.com/	1970-01-20 17:05:09	Name: opt_out Value: 1
.www.chicagotribune.com/	1970-01-20 08:19:35	Name: sophiTagses.7165 Value: *
www.chicagotribune.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":3553513,"placementID":1109740,"lastInteraction":1671573210154,"sessionStart":1671573210154,"sessionEndDate":1671580800000,"experiment":""}
.chicagotribune.com/	1970-01-20 08:19:35	Name: _ml_ses Value: *
.chicagotribune.com/	1970-01-20 17:55:33	Name: _matheriSegs Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/	1970-01-20 17:55:33	Name: _matherSegments Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/	1970-01-20 17:55:33	Name: _awl Value: 2.1671573210.5-2cd3b2b170050bede882616a23058529-6763652d6575726f70652d7765737431-0
zephr.chicagotribune.com/	1970-01-20 11:41:09	Name: blaize_session Value: 94306a5c-2ddb-4bae-a03d-4ba38e4945ee
zephr.chicagotribune.com/	1970-01-20 17:55:33	Name: blaize_tracking_id Value: f5ecbecc-280f-4972-91ad-9b5f98b0b800
www.chicagotribune.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 8232e0b8-0222-430d-b095-23ae39103815
zephr.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALB Value: s4F/hKSNGJNMxYFnpOfi055MDQ6s1ADjVKaJTisAFhHFLN4s4dwoBR5ROrktGD1VjIljF5NPgizkEQ5oeJNo5kWCDzI9NvGJ0q+Eg1h+35YvxS3tFuFL8t1l58wf
zephr.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALBCORS Value: s4F/hKSNGJNMxYFnpOfi055MDQ6s1ADjVKaJTisAFhHFLN4s4dwoBR5ROrktGD1VjIljF5NPgizkEQ5oeJNo5kWCDzI9NvGJ0q+Eg1h+35YvxS3tFuFL8t1l58wf
.www.chicagotribune.com/	1970-01-20 17:55:33	Name: sophiTagid.7165 Value: 7b882867-62b5-4833-86f2-6bc2f7649952.1671573210.1.1671573211.1671573210.cfe79c58-825f-4bb5-bdcc-61b10156ace6
.chicagotribune.com/	1970-01-20 12:38:45	Name: c_mId Value:
.chicagotribune.com/	1970-01-20 12:38:45	Name: c_PUID Value:
.www.chicagotribune.com/	1970-01-20 08:29:38	Name: RT Value: "z=1&dm=www.chicagotribune.com&si=3fd55f1e-6051-4f30-af91-23357f3b02ea&ss=lbwrj2d6&sl=1&tt=22l&rl=1&ld=22n"
.chicagotribune.com/	1970-01-20 17:55:33	Name: _ml_id Value: eec170922203a714.1671573210.1.1671573211.1671573210
.doubleclick.net/	1970-01-20 08:19:34	Name: test_cookie Value: CheckForPermission
www.chicagotribune.com/	1970-01-20 17:05:09	Name: flipp-uid Value: 62fb3f52-37d1-4dd6-953f-42bb17af2d3a
r610.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALB Value: kd6WyU4YoL8I1VLbO2JJNWbn8k/vLCwXE3uWANN32Ka3r45EsxsAuLii1e4LhXd7kMdwPtlP04B8jUpMq5Dxfv6/oG/dgwsPof+s9be6/MQDUan3pAHbyBiyOMX8
r610.chicagotribune.com/	1970-01-20 08:29:38	Name: AWSALBCORS Value: kd6WyU4YoL8I1VLbO2JJNWbn8k/vLCwXE3uWANN32Ka3r45EsxsAuLii1e4LhXd7kMdwPtlP04B8jUpMq5Dxfv6/oG/dgwsPof+s9be6/MQDUan3pAHbyBiyOMX8
.p.flipp.com/	1970-01-20 17:55:33	Name: gid Value: "t2/U7QAA12ZU+ia+ANvv3Q=="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am-trc-events.taboola.com
assets.zephr.com
authenticate.chicagotribune.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn-gateflipp.flippback.com
cdn.confiant-integrations.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.parsely.com
cdn.sophi.io
cdn.taboola.com
cmp.osano.com
collector2.sophi.io
dynpaywall-api-chicagotribune.ml.sophi.io
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
jadserve.postrelease.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mab.chartbeat.com
news.google.com
onesignal.com
p.flipp.com
p1.parsely.com
ping.chartbeat.net
pixel.sitescout.com
play.google.com
player-files.remixd.com
polyfill.io
pubcast-files.remixd.com
r610.chicagotribune.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
smoggysnakes.com
ssor.tribdss.com
static.adsafeprotected.com
static.chartbeat.com
tags.remixd.com
trc.taboola.com
tribune-chicagotribune.zeustechnology.com
tribune.blueconic.net
widget.perfectmarket.com
www.chicagotribune.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
zephr.chicagotribune.com
107.178.250.234
13.32.27.115
13.32.27.7
13.32.28.197
141.226.228.48
143.204.215.110
143.204.215.111
143.204.215.122
143.204.215.24
151.101.1.44
18.213.117.153
23.35.237.64
2600:1901:0:d733::1
2600:9000:2057:a00:18:1fcd:351:7bc1
2600:9000:211e:7000:3:b7e:8940:93a1
2600:9000:214f:2800:8:48e:53c0:93a1
2600:9000:214f:de00:1:a3fa:7cc0:93a1
2606:4700::6812:106b
2606:4700::6812:e234
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200e
2a02:26f0:3500:12::1730:17c0
2a02:26f0:3500:586::11a6
2a02:26f0:7100:59a::11a6
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:600::714
3.217.241.65
34.215.225.95
34.246.233.4
35.190.38.143
52.223.1.76
54.160.47.101
63.34.81.234
65.9.61.60
65.9.66.128
65.9.66.15
65.9.66.3
65.9.66.7
65.9.66.79
96.16.138.112
98.98.134.243
99.86.4.32
99.86.4.41
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0c5ae34a674cdb6cdb2747b25bae3d663e862e1e064aad8fd2293a62b157c83a
0d65f6d21d9732dadb469968da31076a634fd9f0ecea7e0569543cb74f2d3b3d
106aa5705180e3e04ee9e16dc4f210956589847454da68c513d64e6fdd0ec35d
14db414b93ad787c1dbff2a9810bad726d4a668f9771d14f7b9e0ac4a07fcd16
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403
17f12ac7f20e79425daf1c3a77824a189660b2154063ea202a32199cbfd8d4b4
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
20d36b1439759089674dc4d2a6bc17436719a75911b63398b54772458dc709c2
261cd8c87248d6bc2e29d1a4c90b82020faa40bb6243a1b73054e0657b0d9ce3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e8abd1bd35c53e27e8217456b80f258f45b0c4f0a7c4eefb30f9749f055c1cc
3298bdfdcf3cc6b8bac3088bb71036c0be9eba411cff6c6902b1d53e63124adc
32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211
340bb38f9a3f5dcfa80608fc72824216a6cc60a87bf912a37bca85bce3bbd519
34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b10e0974a2a15ad1594ac1f02cb48260dc542ba0996ad7e25f35f80e7c163b
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
4af436546062a267e25a9ff089d0d1a2dc9e0baf86765c2a382f770e9365a6b2
4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e
4de5a2bd3f00d6c188b3caa2f8c0c6cc3080941985328ede8274e2da5b8e323e
4fff4fdf9ddb97b73d60aff93cc19a5dfbf9951d3f678f210e87c1718230c05f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522
51af71cfd26e8ccf3dcdfad67fbf0af3bd1b852c077f78ab85bb2484385bc7d4
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
53c3d2c02b226f255e8119f89eabc6db3d2d38c5a5e4e358c37ffea398693b11
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
5b96b81ae4d12086287a1d75eb13d2377f035cc91c20e4a5ee8421ad96719540
5bf6d18c85863f83da7c56e0d7637a543a9cce447abd9550ee5c6a7be3076f39
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
62eba8b37a7f633e35bc6d633fc2d897cf573190223812b6b3041bb12a3554fc
6522f662c8debcda2820aaf8d8d34f30061896419eded83d4e57fb1ac98d41ff
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e
69676c18aa998429f13027fc42adf38f122e3c1fbcc2e1bd36e3b39372eb79bf
6d12cb94d68d465e2823cd9b692413eef5e6ea8b58482c265e49a7cd6d23b9ad
6d95f7650626b4f031840d2f10234c5961e11b3cce537ede08c325e2af8249ad
706b118df0600e8323f9445e3db5b65c0075bbdc39fbcba6e0fc54e35fa06334
79c4b602358cece4c222faf5e4bf98ad96e38af104f3a99a94fd1625cb105116
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
842fb2fa5bd87a3421ff817ecb32708dcf0534aa76cf1ac22ce84c5b3f87d078
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
848a34a269b0a7e7e682362ed5189ee271f6995f85621315c3c1937139a00c26
86c762b00a29153ee3b4b8b34f9144bf601339d21756440985189005d34bd26e
87eecb67faf2ab19e08c7f364ddef4c22a194a29ed08a7aeab1250d763ee44aa
8b992185e4480c6985018878a97c716fb566d4438398fe60aba7a9e1d9c06059
8bf44f8d55bee13de5e914aa515f03b44c8725151aed814916f23443930cfa11
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
96ccf982c4d6f90c3a1a86ec1115c794b8aff5c09cacfb0c54357946abd0a3a8
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
9a2b97d7aae47bba79d3c507aa950e05461e43928d0aee51201e5fdcb95cfc94
9a9cc873978e850d993c6ea059d54da6a4a1d7be8b3b11d83ffc5e34ba97d32f
9d52a7ad66be73a984a6718d3b806843144fdbe72108de2640e33037e1dfce3c
9eb6599bb360c2bbd998e8fbb24087b36a03220670ca2a20e91d388bfccaf95d
9faeff59d533f3747bf6f59e7dee9684430a647e5e31f7b9de87915264d1e598
9ff4bae221a902760c0269d72a02a8e7abdb54597f9a1872a4212f4a5a463ed5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17a94273cff2fca97148e7ac2b20a58c467ae02b6033eccb02f9e96747b07fe
a46d162bd9cafedc1562a407354bfe0bdd38a82004f25de401470c9894e6e869
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4c8d4114f8587537eee48b0c98b0472de53dc403cb9afeec4546be5526c388f
a5443735a28962db2926e5f9103da5552856d086e77d6590bcbfb0b9cd955500
a7a4ac69be481c337d2fe42fe4df956de1fadb30206e857357549e6ab476f392
a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97
b1df8c8bd5df1d6988dc0269f139faaccf70acc820483387679da37d23b6509d
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
baff27315285aafa5071a85603694284141f69ad88c77ef68241ff8555e5f1fc
bc96ea6e178463aae045454a8bb583cb8678f20c922a20723bbcdb0b0f242816
bd03e70c1b849ea7e586ad1b46a8a6ef0215f2f8113f869f22b0802977253fa6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2c770b76bc4e66b27eb5596867e285ba2dae76e72550d6046c36297e13b2249
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c50cdd8bdde6bf85d4400c77d9caff79322dedf69259b569204deb081d6c7fbc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5dee40e5037f7928e9497a2f838a6e592ea848f62dd035340e43c3d55f1934
cfda1be8f44e375decd12d49d3ab266856eba263de6e940534401b7edcc523b9
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da9b27ac8c87ddf37a008df0699180c1764f27b5015ec661a37a3d05b1da9a94
daea45ab775badcc8428a74d2676ac1993213cd6c7bd0352b6e96eb2f29b37ce
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e02d29497d62ca80311fa65138ac0ea44d34c731ccf9d31276133e950ca8b6dd
e032575ce4b515c457c0cf6c2dc05a33265351dfc72365e353669418cfc047d0
e15c141b845a7d74c43ce82026855ed1880ac46faa639995134bc556d37e057f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e5915fd5813ede0116e919c3154a6ff305c5c5d28489b6ed44df905514c9a52b
e8ea3c65df3dbc6a61526b4630dd65bca327a04024120f8dd5d6b7a6fcc53b0f
ebb567b470c90efa50fbe96b8593b4605f2eb5ef2c5ef8a7d8f915ee8efa8982
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07e7865cec95526b860cee9a3745cd1146ca8834dbe5e2600dd5f179eba87ba
f29d619ae47af6157d83ccc3ab4581760b04bb109115a7013e8aa9ef6210b601
f486dcad1402002af6f9fee8cbe1f301710b828ea0740abfe8672137ef6e02f8
f6b49eeea8cc90c785e459aa7cd32f705759e84741f3421cfa7bc4685210c2a6
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

www.chicagotribune.com Open in urlscan Pro 2a02:26f0:3500:12::1730:17c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

96 %HTTPS

44 %IPv6

37 Domains

57 Subdomains

53 IPs

4 Countries

3041 kBTransfer

9913 kBSize

28 Cookies

59 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.chicagotribune.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17c0 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

96 %
HTTPS

44 %
IPv6

37
Domains

57
Subdomains

53
IPs

4
Countries

3041 kB
Transfer

9913 kB
Size

28
Cookies

158 HTTP transactions
0 data transactions