chicago.suntimes.com Open in urlscan Pro
143.204.98.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chicago.suntimes.com/
Effective URL:
https://chicago.suntimes.com/
Submission: On March 18 via manual (March 18th 2022, 8:09:41 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 26 domains to perform 95 HTTP transactions. The main IP is 143.204.98.105, located in United States and belongs to AMAZON-02, US. The main domain is chicago.suntimes.com. The Cisco Umbrella rank of the primary domain is 83802.
TLS certificate: Issued by Amazon on February 15th 2022. Valid for: a year.

This is the only time chicago.suntimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	143.204.98.105 143.204.98.105	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:64:... 2a02:26f0:64::210:6a30	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	143.204.98.10 143.204.98.10	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64::210:6a50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3030::6815:5476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:801::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f14:600... 2600:1f14:600:6e00:7e4f:fc0a:a5ab:e64f	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:c40... 2a02:26f0:c400:294::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	54.197.34.221 54.197.34.221	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80d::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	52.217.42.12 52.217.42.12	16509 (AMAZON-02) (AMAZON-02)
1	141.95.3.10 141.95.3.10	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	() ()
95	35

3 143.204.98.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net

chicago.suntimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:64::210:6a30 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.98.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-10.fra50.r.cloudfront.net

cst.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6a50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:600:6e00:7e4f:fc0a:a5ab:e64f (Boardman, United States)

ASN16509 (AMAZON-02, US)

aamapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:c400:294::268b (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.34.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-34-221.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.42.12 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	brightspotcdn.com cst.brightspotcdn.com — Cisco Umbrella Rank: 218311	217 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122	130 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	160 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4226 p1cluster.cxense.com — Cisco Umbrella Rank: 6281 comcluster.cxense.com — Cisco Umbrella Rank: 3989 id.cxense.com — Cisco Umbrella Rank: 7754	52 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 427 p.typekit.net — Cisco Umbrella Rank: 527	183 KB
6	piano.io c2.piano.io — Cisco Umbrella Rank: 3563 api-esp.piano.io	18 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	111 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	198 KB
3	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 6242 cdn.tinypass.com — Cisco Umbrella Rank: 4116 buy.tinypass.com — Cisco Umbrella Rank: 3573	82 KB
3	suntimes.com 1 redirects chicago.suntimes.com — Cisco Umbrella Rank: 83802	44 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 488	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 15244	95 KB
1	jquery.com code.jquery.com	29 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 17833	448 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 966	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1029	23 KB
1	aamapi.com aamapi.com — Cisco Umbrella Rank: 10561	180 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	42 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 3944	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
0	googleapis.com Failed fonts.googleapis.com Failed
95	26

	Domain	Requested by
13	cst.brightspotcdn.com	chicago.suntimes.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com chicago.suntimes.com
6	securepubads.g.doubleclick.net	htlbid.com www.googletagservices.com securepubads.g.doubleclick.net chicago.suntimes.com
6	use.typekit.net	chicago.suntimes.com use.typekit.net
5	api-esp.piano.io	cdn.tinypass.com code.jquery.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google.com	1 redirects tpc.googlesyndication.com chicago.suntimes.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
4	connect.facebook.net	chicago.suntimes.com connect.facebook.net
3	chicago.suntimes.com	1 redirects cst.brightspotcdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	chicago.suntimes.com
2	htlbid.com	chicago.suntimes.com
1	code.jquery.com	api-esp.piano.io
1	googleads.g.doubleclick.net	chicago.suntimes.com
1	id5-sync.com	cdn.id5-sync.com
1	ams-pageview-public.s3.amazonaws.com
1	cdn.id5-sync.com	chicago.suntimes.com
1	3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net
1	static.chartbeat.com	chicago.suntimes.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	c2.piano.io	cdn.tinypass.com
1	buy.tinypass.com	cdn.tinypass.com
1	aamapi.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	chicago.suntimes.com
1	www.googletagmanager.com	chicago.suntimes.com
1	www.npttech.com	chicago.suntimes.com
1	p.typekit.net	use.typekit.net
1	www.googletagservices.com	chicago.suntimes.com
0	fonts.googleapis.com Failed	chicago.suntimes.com
95	40

This site contains links to these domains. Also see Links.

Domain
graphics.suntimes.com
newsletters.suntimes.com
paper.suntimes.com
marketplace.suntimes.com
jobs.suntimes.com
legacy.suntimes.com
ads.suntimes.com
hiring.suntimes.com
www.publicnoticeillinois.com
marketing.suntimes.com
stmiservices.newscyclecloud.com
secure.iwantmytvmagazine.com
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
origin.cst-web.production.chorus.brightspot.cloud Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
htlbid.com Amazon	`2021-11-21` - `2022-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-26` - `2022-03-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
aamapi.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://chicago.suntimes.com/
Frame ID: 7585F8AF5709B6712CF9BC075B22215F
Requests: 75 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 281E1C0402552517AB2A9490BD4FD858
Requests: 4 HTTP requests in this frame

Frame: https://3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 679799DB92F2E156A1B2517E7E88CE7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1376D917CFE44DD02728E127B2403576
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B665163A35D91857FDCF4375D4D1A3E4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 83C5DC86F3C6C79EC9D27455B1DC210E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chicago Sun-Times: Chicago news, sports, politics, entertainmentclockCST_

Page URL History Show full URLs

http://chicago.suntimes.com/ HTTP 301
https://chicago.suntimes.com/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

97 %
HTTPS

71 %
IPv6

26
Domains

40
Subdomains

35
IPs

6
Countries

1491 kB
Transfer

4415 kB
Size

21
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://graphics.suntimes.com/chicago-city-council/
Title: City Council Directory

Search URL Search Domain Scan URL

URL: https://newsletters.suntimes.com/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://paper.suntimes.com/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://marketplace.suntimes.com/cst-marketplace/
Title: View Classified Ads

Search URL Search Domain Scan URL

URL: https://jobs.suntimes.com/
Title: Find a Job

Search URL Search Domain Scan URL

URL: https://legacy.suntimes.com/obituaries/chicagosuntimes/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?_flowId=adportal-classified-flow&action=jump
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://hiring.suntimes.com/purchase/post-now/
Title: Post a Job Opening

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://www.publicnoticeillinois.com/
Title: View Legal Notices

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/celebrations/index.html
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://ads.suntimes.com/suntimes-adportal/cstclassified/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Retail&classificationName=Retail
Title: Place Small Business Ad

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/post-a-legal-notice
Title: Place a Legal Notice

Search URL Search Domain Scan URL

URL: https://stmiservices.newscyclecloud.com/cgi-bin/cmo_stm-c-cmdb-01.sh/custservice/web/login.html?siteid=CST
Title: Manage your home delivery account

Search URL Search Domain Scan URL

URL: https://secure.iwantmytvmagazine.com/order/zipcode/1
Title: Manage your TV weekly account

Search URL Search Domain Scan URL

URL: https://marketing.suntimes.com/media-kit
Title: Media kit

Search URL Search Domain Scan URL

URL: https://twitter.com/Suntimes
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thechicagosuntimes
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvU3ALK4osa_RV4znIToB2Q
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/chicagosuntimes/
Title: instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chicago.suntimes.com/ HTTP 301
https://chicago.suntimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

95 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chicago.suntimes.com/
Redirect Chain

http://chicago.suntimes.com/
https://chicago.suntimes.com/

324 KB
43 KB

32ms
10ms

Document
text/html

143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-105.fra50.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

23fe9e22a1f36c44706ac4a72bddd198912c40ea01b435a01f0c75f7dca91400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=UTF-8
content-length: 43502
date: Fri, 18 Mar 2022 20:06:36 GMT
server: N/A
strict-transport-security: max-age=31536000; includeSubdomains;
x-powered-by: Brightspot
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: i5Z2zB25u_0fIt0Q8LvvPWLZ4JWEe1aCPG0aIuaNfAfEYW5L-IoBlA==
age: 178

Redirect headers

Server: CloudFront
Date: Fri, 18 Mar 2022 20:09:34 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://chicago.suntimes.com/
X-Cache: Redirect from cloudfront
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: WfnJ9_ddB6UiVhuL34WiGSgi-pjJKqiKPWkoOqfK3pJwZZxVwmCHlQ==

GET
H2 200 qzq4qkv.css
use.typekit.net/ 5 KB
1 KB 49ms
24ms Stylesheet
text/css 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qzq4qkv.css

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 18 Mar 2022 20:09:34 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 890

GET
H2 200 All.min.31b461b0b2d1f1b890db5fde402c4077.gz.css
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 322 KB
38 KB 44ms
13ms Stylesheet
text/css 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.31b461b0b2d1f1b890db5fde402c4077.gz.css?v=1212
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e36283e91b2af53f7a9179ead0d3bfbc41d37af9ceb3724a7159bb94578fe372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:14:21 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:14:03 GMT
server: AmazonS3
age: 176114
etag: "0e94797ca9372b6afd2127e03396e0ca"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 38691
x-amz-cf-id: UUmzsW9evGA9viPQwmFAokBzsMzCafBRZ6ZYMM6gv7CmyK8U8oS1sA==

GET
H2 200 webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/ 2 KB
1 KB 41ms
10ms Script
text/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/webcomponents-loader/webcomponents-loader.2938a610ca02c611209b1a5ba2884385.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 01:56:11 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 15:26:22 GMT
server: AmazonS3
age: 324804
etag: "15a442be7d06ec40170c3c91ac824065"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 999
x-amz-cf-id: G8eDfWyQ-Fr14E6N1O0Z84Z58RVkNn_iAYf2lRBxEwyLhh7xpbBPUw==

GET
H2 200 All.min.5de75d891ac4e4ef0b04bf986fea5d9e.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/ 240 KB
73 KB 11ms
11ms Script
text/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/styles/style-1/All.min.5de75d891ac4e4ef0b04bf986fea5d9e.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8ff852a5d3e4a32d1526dd676c5f049c203441509a37599e3cc62f715a01d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:14:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:14:04 GMT
server: AmazonS3
age: 176114
etag: "7bcffafad4cfcb20efeaefcd873e048f"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 74107
x-amz-cf-id: Y9MvDDsXZJrh7P_rnIYrmDtBVkMGbZoLeSLY3gxuW9Iewd41ivKcGQ==

GET
H2 200 htlbid.css
htlbid.com/v3/chicago.suntimes.com/ 6 KB
971 B 450ms
422ms Stylesheet
text/css 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.css
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 654aa3f06b93a8c75dbbeb10405f66dd37436936f8b0c813246ed92242007330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: br
last-modified: Wed, 16 Mar 2022 20:27:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"5958bc1b7fd27a65ce48e5b1505a28b0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-id: qPDr9caqanGOIO91H4rEPhSPjaYCBUgWBVGJNp4Co8TUhXKNzGUt1A==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/chicago.suntimes.com/ 427 KB
94 KB 443ms
415ms Script
application/javascript 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e5614c3a53fbae652e5e3dd1279d9738282f8eed2455e11bc9a9271bdd2435a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: br
last-modified: Wed, 16 Mar 2022 20:27:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"9051e68b61301ec23fdce5d241d919ce"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-id: Yl2vSDZ73zahr3-Y-UJqsd4zaeDW7lBlw1Ti-W7uzPMaEVox5o54mQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 138ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a527e23aa18d001a16dbc6173bf73306b87e108f78784d9e100d900d2106d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27821
x-xss-protection: 0
server: sffe
etag: "1162 / 432 of 1000 / last-modified: 1647601789"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 20:09:35 GMT

GET
H2 200 ctimes-logo.svg
cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ 3 KB
3 KB 11ms
10ms Image
image/svg+xml 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/a7/da/9a739da544a698cdb98e1b1c5f27/ctimes-logo.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:28:10 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:50:22 GMT
server: AmazonS3
age: 1482086
etag: "e87f670b52b097530289da1acb82568e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2576
x-amz-cf-id: HbkfgcGMWlkMOGbz-0U2q8Mt61J2EJGSV2ZEhiGjK0nIEklb_SzyKQ==

GET
H2 200 logo-mobile-cst.svg
cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/ 1 KB
2 KB 12ms
10ms Image
image/svg+xml 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/2f/bc/976721ca4c81bb02f455ad3f2b41/logo-mobile-cst.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:28:10 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:52:10 GMT
server: AmazonS3
age: 1482086
etag: "872e5a087c60467941e5d72da5703323"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1182
x-amz-cf-id: PncrbJ8T44rzhs_PPRYP3eFSLS0KhXaTUZ1y1UkW9KLE96flNI3IuA==

GET
H2 200 ctimes-logo-inverse.svg
cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ 3 KB
3 KB 12ms
10ms Image
image/svg+xml 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/79/58/a46f4fd64384aa7eee1395f1ba0f/ctimes-logo-inverse.svg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:28:11 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 13:51:15 GMT
server: AmazonS3
age: 1482085
etag: "adb236ef72a30b7d3eefd7c947693d02"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2862
x-amz-cf-id: P80L8h4eHjTDDQ7MAAw4awJjmR3labbZ7CdqjY1AhZuJpWVQ9iUr3A==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/ 9 KB
3 KB 14ms
13ms Script
text/javascript 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:28:09 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 19:08:47 GMT
server: AmazonS3
age: 1482087
etag: "c066757a8992615b576ac565d39d182d"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: 5PAcSQ8jYFHUjr6xp1GiCNVS5id7OJvtguGvilGWmG4Gmt9AXxbHLg==

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 42ms
7ms Stylesheet
text/css 2a02:26f0:64::210:6a50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qzq4qkv&ht=tk&f=30813.30814.30816.30818.30834.31040.31047&a=12600432&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:34 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 47ms
18ms Script
application/javascript 2606:4700:3030::6815:5476
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6GF9X2QXHXXY8D11
x-amz-id-2: 5O7tddYa+V+783L7ADz9W+BSujIDYbfVCwlsu1GpCAs1FUgdZsfPq4faOWXHmUTdsNJW3YNOdT8=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNCpVqWcI%2Bh6z2%2Bj%2ByDPZGt8v6T90lr8tLgviY%2BkhW%2F93AU3lxWNFzw0QjcGgaMoShs52gqw75aR5s%2FAnEWVi1SasMxp0rQtrxvIX9Q94vMEK8J2b1hH%2FyaP1lZaYDvUSpA9SOlvrsKr%2FsXYzzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6ee09b5c4cc39153-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35ec7ee6863cfec8a4040d3b06e6fb910443e0917ac3e4b53c27c2b0a624d669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: g+kXpvZS0vLTwJCCLC1tZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: NkyCi2Ia0gtYHhbxcToCL1gHsEfUVAwC52aczDrasmHgR31OrjIiCJZ89kU16aOvNjW6Gg20TH2Mg1L9JfP3Hg==
x-fb-trip-id: 917726464
x-fb-content-md5: 7cbe505bbfbf30734deec72ef3e9dab0
x-frame-options: DENY
date: Fri, 18 Mar 2022 20:09:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "99be35651005dd46e947900b65b0c91a"
timing-allow-origin: *
expires: Fri, 18 Mar 2022 20:23:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 144ms
54ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

a527e23aa18d001a16dbc6173bf73306b87e108f78784d9e100d900d2106d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27821
x-xss-protection: 0
server: sffe
etag: "1162 / 456 of 1000 / last-modified: 1647601789"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 20:09:35 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 48ms
10ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/chicago.suntimes.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 151
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 15Q7GQN3TZGYQZQDTHY5
date: Fri, 18 Mar 2022 20:07:16 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: z2eiDm8l6bLD-iFfW7IrDEMF1ux6GQxozGwudZr-1Or6hc00t8RLTw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
42 KB 59ms
26ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66cda1ac8d120509aa868b0a8db67bb780aa621dcf466312294730245f8e1599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42816
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 18:50:45 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 20:09:35 GMT

GET css
fonts.googleapis.com/ 0
0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9870ca419f27bcbd23fe090d5d5727ec7b091466e9215ded321c58d67659d6d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 70ms
42ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 1313
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Chnhy8rgA8V
wn: prod-exp-10-0-112-65
last-modified: Fri, 18 Mar 2022 19:47:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6ee09b5c7dda6934-FRA
expires: Fri, 18 Mar 2022 20:39:35 GMT

POST
H2 204 _track Show response
chicago.suntimes.com/ 0
247 B 377ms
377ms XHR
text/plain 143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chicago.suntimes.com/_track

Requested by

Host: cst.brightspotcdn.com
URL: https://cst.brightspotcdn.com/resource/0000017d-118f-de14-a1fd-79ff8b670000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-105.fra50.r.cloudfront.net

Software

N/A /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server: N/A
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1iMfWd0ZRrgiqwZ37bMCCOQnqiGvP9I2q-z67Qmmgzk6-LSguepsaA==
strict-transport-security: max-age=31536000; includeSubdomains;
x-cache: Miss from cloudfront

GET
H2 200 l
use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/ 39 KB
39 KB 42ms
19ms Font
application/font-woff2 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/738ece/00000000000000003b9b2cf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dc4d221c0a55d4986ad8bc0ecab574e7eb40db719a6030127615968ec27f4cb9

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: nginx
etag: "aa39c805f4650c65f41a1f8248d3d554b73f7ec9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39696

GET
H2 200 l
use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/ 38 KB
39 KB 43ms
21ms Font
application/font-woff2 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343e47/00000000000000003b9b2cf9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 53f3935b185e0bef573c305468c9386e77590db8182dff6837508803bb7abd83

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: nginx
etag: "9a0ddb2a9b3aa5e4eb0cc25f50e612d5ae59958a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39328

GET
H2 200 l
use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/ 39 KB
39 KB 34ms
12ms Font
application/font-woff2 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/caca2a/00000000000000003b9b2d0c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: nginx
etag: "788f540305918e8b77e6fded33fe357dbe2b001f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39616

GET
H2 200 l
use.typekit.net/af/e4c172/00000000000000003b9ae796/27/ 28 KB
28 KB 40ms
17ms Font
application/font-woff2 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e4c172/00000000000000003b9ae796/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: nginx
etag: "d08cad0b472793519d07d009e36d665f81045768"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28448

GET
H2 200 l
use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/ 37 KB
37 KB 32ms
10ms Font
application/font-woff2 2a02:26f0:64::210:6a30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49ef66/00000000000000003b9b2cfc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qzq4qkv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6a30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9

Request headers

Referer: https://use.typekit.net/qzq4qkv.css
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: nginx
etag: "cea691f813baff9c459e093daf1ff69d154fedc0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37980

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ef0c396345d3977c47e2a06c81702396

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57633f557e7cad123f66d77a6549ac83a550d3cd60b716fa945e24f3ffdb5e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://chicago.suntimes.com/
Origin: https://chicago.suntimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jgrVkXUEyHk88tf+piuw/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84085
x-fb-rlafr: 0
x-fb-debug: MLgiwQ7CVuENVNC8ug/fRazHkSlLCSDBPjeWpkRT6Uf3ihogijWWw5gX69txb9MbQQDh6WHpPL+tEpGy20XiCw==
x-fb-content-md5: ffc74113ce60830cc7f6892b94ee0a32
x-frame-options: DENY
date: Fri, 18 Mar 2022 20:09:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "97d00fe10dc699b706069c50d1f514f1"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Mar 2023 18:27:02 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/7fb4a01/2147483647/strip/true/crop/5599x3699+0+17/resize/840x555!/format/webp/quality/90/ 48 KB
49 KB 15ms
14ms Image
image/webp 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/7fb4a01/2147483647/strip/true/crop/5599x3699+0+17/resize/840x555!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FtUOi3aW7rRzBqRqc74uXqBt76Ug%3D%2F0x0%3A5599x3733%2F5599x3733%2Ffilters%3Afocal%282800x1867%3A2801x1868%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23327689%2Fmerlin_104584666.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: ba2cad508544e5da5fdc0806627ebc7378ccf4c52596e392547fcc5b0c480753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 18:47:22 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 4933
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 49340
x-amz-cf-id: otMTcoh0lDxaQnatHsHL8c0B_j1TzCbE_VpM4qJr4FwZlnp8zpfxDA==
expires: Sat, 18 Mar 2023 18:47:22 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/b9e16d3/2147483647/strip/true/crop/1440x808+0+136/resize/490x275!/format/webp/quality/90/ 17 KB
17 KB 24ms
23ms Image
image/webp 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/b9e16d3/2147483647/strip/true/crop/1440x808+0+136/resize/490x275!/format/webp/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2F2MzMby1ThgqzNdndajH-NbKUEm4%3D%2F0x0%3A1440x1080%2F1440x1080%2Ffilters%3Afocal%28720x540%3A721x541%29%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23323475%2FWATCHCUPICH.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 46c2b640f005944aaa03e03b99f4898c3adccfe01f85cfee88de5c3806fb8092

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 10:33:06 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 34589
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 17154
x-amz-cf-id: DxW1ZGjpiEV51BlXOX0N9WxKxKDz_Bw6x-luJtl5SoNGGwxikqZn7Q==
expires: Sat, 18 Mar 2023 10:33:06 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/3622215/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 11 KB
11 KB 24ms
23ms Image
image/jpeg 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/3622215/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FCHUJnk9jo9F7vc_qUMlKQ8gVZ-Y%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F194849%2F11-1_Stewart_Tyrone05_8..0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: e1df7093f3e1c27551a47f5484ed052303c37f06e39114e90efe0a7a42a29ff8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 19:33:49 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 88546
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 10758
x-amz-cf-id: jZOx043pEmdHzEyh9iImzMb6-vrm4MTPiWtFMaqAEmxJE4EGhmAJKA==
expires: Fri, 17 Mar 2023 19:33:49 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/21b33aa/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 7 KB
7 KB 13ms
12ms Image
image/jpeg 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/21b33aa/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FHxDSjXywJasVyM10cfNcq13DPzo%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192541%2FMark_Brown.0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 58437dbb3b5fcc8128879b1c8c37ed2152615e5b7799466516d3d1e44a2afd54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 17:44:32 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 613503
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 6905
x-amz-cf-id: htpJH_QXeCfj0pw4Sqc5cnl58aro59Uvty0Owyzndh4_1y_V8pQi_w==
expires: Sat, 11 Mar 2023 17:44:32 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 7 KB
8 KB 18ms
17ms Image
image/jpeg 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/b0b278c/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2Ffx6ffxsqRKCr9WVk5SEiuN_CW1Q%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F192540%2FNeil_Steinberg.0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:33:21 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 365774
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 7539
x-amz-cf-id: yyDaTTMUH-wDIP0GmnijfYhLFavzsx3DAhAXOKTRahUF094GHXrSqA==
expires: Tue, 14 Mar 2023 14:33:21 GMT

GET
H2 200 /
cst.brightspotcdn.com/dims4/default/0d65c5f/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 143.204.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cst.brightspotcdn.com/dims4/default/0d65c5f/2147483647/strip/true/crop/512x512+0+0/resize/240x240!/quality/90/?url=https%3A%2F%2Fcdn.vox-cdn.com%2Fthumbor%2FVkmZ6trl2bM7BC_tPEIWoEnWQOc%3D%2F512x512%2Fcdn.vox-cdn.com%2Fauthor_profile_images%2F193033%2FEditorial_Board.0.jpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-10.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 69b10a19f0621a275fe4c7bec45f0b4d78bd465792d05eee54780443a620c78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 15:49:17 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: Apache
age: 1311618
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 1936
x-amz-cf-id: 3n4_r5dSZa1briwkhOEvzXiSPsn8memJqYKjLm6tH2nCcryvbBdfOQ==
expires: Fri, 03 Mar 2023 15:49:17 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
10ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 63993
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Fri, 18 Mar 2022 02:23:03 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tZZH3vpQRlswSNqIFLxJka3Cx92Y9u055v7Z7Heg-xcnfd7FvYXDXQ==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 275 KB
80 KB 36ms
25ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=FV0czWAOfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MPTEHVBQHY7YEXND
x-amz-id-2: dSdxceiKlBwc3bSjFAwZp9aTxkLAfUuwFytRa9QM2lVGfvCxEmXsCw0i6mobY8NTjan5uxD1Anw=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6ee09b5cfec56934-FRA
expires: Sat, 19 Mar 2022 00:09:35 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: It+3ZDK6XFoDjd8zeBMoMlbXlSRhSfTEaNc0raMxLctUoFbz/xFeEyjW6j22draFYlPwOAqKYp8ynHXxfdFoeQ==
x-frame-options: DENY
date: Fri, 18 Mar 2022 20:09:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 init-5464ro4xhfzswgo4m2d.js Show response
aamapi.com/api/ 1 B
180 B 519ms
170ms Script
text/javascript 2600:1f14:600:6e00:7e4f:fc0a:a5ab:e64f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aamapi.com/api/init-5464ro4xhfzswgo4m2d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:600:6e00:7e4f:fc0a:a5ab:e64f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
server: openresty
content-encoding: gzip
expires: -1

GET
H3 200 146698685967099 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 99ms
98ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146698685967099?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

421a9cfa098c6cb826aab6eb848e208fda60d60eab85d9343a116552b64b9f07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Sny8e1KSe9FP4cUzCei9wF4EPVMS7DjR5l6xPSsS+HCD+jEkkTNhHudcUYcDAVac03VF/MH9VnHqx78A87t0eQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Mar 2022 20:09:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
121 KB 86ms
40ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 21:03:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 205 B
156 B 97ms
50ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chicago.suntimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a5eba0a4d924d8a92d34cea38b54eed5e3c4c607cbe83486320e4723865fb1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 18 Mar 2022 20:09:35 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
311 B 34ms
24ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e40cf2238a0dca0ade2757785f3493890aaffb1d8de1ffd181ef79d1ccd243

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 211
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C4iiy8rcuBf
pragma
wn: prod-dash-10-0-89-195
last-modified: Fri, 18 Mar 2022 20:06:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.006
cache-control: public, max-age=1200
cf-ray: 6ee09b5d7f8e6934-FRA
expires: Fri, 18 Mar 2022 20:29:35 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 53ms
16ms Script
application/x-javascript 2a02:26f0:c400:294::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c400:294::268b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 20:09:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 15:01:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5939
Expires: Fri, 18 Mar 2022 21:09:35 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 4 KB
2 KB 193ms
152ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=FV0czWAOfe

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bbb9bb201736df6ecb1d96d1861a7d3c7250806b2615802d3ff897ebdf70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: z2e4ecpx33
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6ee09b5dcfe59207-FRA

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 64 KB
22 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:c400:294::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c400:294::268b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc953ed26d3561382cbb7b7a663a81cddce4079dc6bd4dceaeb6ad398e32e629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 20:09:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Mar 2022 13:04:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21917
Expires: Fri, 18 Mar 2022 21:09:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146698685967099&ev=PageView&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1647634175673&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1647634175671.560184884&it=1647634175547&coo=false&rqm=GET

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 20:09:35 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 281E 684 B
749 B 16ms
16ms Document
text/html 2a02:26f0:c400:294::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c400:294::268b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Content-Length: 379
Cache-Control: max-age=864000
Expires: Mon, 28 Mar 2022 20:09:35 GMT
Date: Fri, 18 Mar 2022 20:09:35 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 281E 64 KB
22 KB 19ms
18ms Script
application/x-javascript 2a02:26f0:c400:294::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c400:294::268b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc953ed26d3561382cbb7b7a663a81cddce4079dc6bd4dceaeb6ad398e32e629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 20:09:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Mar 2022 13:04:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21917
Expires: Fri, 18 Mar 2022 21:09:35 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 281E 46 B
635 B 57ms
14ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 252e92bf812b03e9037a450e41c6c3934f14ddece055cbad3a5680613aa168ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
last-modified: Sat, 18 Sep 2021 20:09:35 GMT
server: Jetty(9.4.28.v20200408)
etag: 345dn1rnyrrb3jdzjqh22k614
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Sat, 18 Mar 2023 20:09:35 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 281E 43 B
468 B 46ms
16ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.2&typ=pgv&rnd=l0wuuiccqxraznzg&sid=1148697685424599205&loc=https%3A%2F%2Fchicago.suntimes.com%2F&new=1&arf=0&ltm=1647634175679&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l0wuuiifyhdm4b2h&ckp=l0wuuic9jjx2rff0&glb=&cp_userState=anon&cst=345dn1rnyrrb3jdzjqh22k614
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:35 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
689 B 48ms
19ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l0wuuic9jjx2rff0%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22345dn1rnyrrb3jdzjqh22k614%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22345dn1rnyrrb3jdzjqh22k614%22%7D%5D%2C%22siteId%22%3A%221148697685424599205%22%2C%22location%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%7D&callback=cXJsonpCBl0wuuilydfxx1hyi

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

012153f96290f6ad56a4f01535c9196809cbf622463e5e48723347b140030a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:35 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 117
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRHXFPN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2086
date: Fri, 18 Mar 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 21:34:50 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 63ms
8ms Script
application/x-javascript 2600:9000:2156:6400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 18:27:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 04:16:12 GMT
server: nginx
age: 6110
etag: W/"62297b8c-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KcpmN9tmTsLE7yI23gfzPyCPuzVTU8rUFGKSKGWdf2pc8KjxnkdVjA==
expires: Fri, 18 Mar 2022 20:27:46 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 307ms
100ms Image
image/gif 54.197.34.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicago.suntimes.com&p=%2F&u=T-36kD8ZU6TB8NR0v&d=chicago.suntimes.com&g=38241&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10159&o=1701&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1290&t=D4CGgkDeU-fUluRm6BhtGBVCk3mZ9&V=129&i=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&tz=0&sn=1&sv=CJXOUFBcI0Qy03Jq5Dg_pWjdcsP&sd=1&im=067b07ff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.34.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-34-221.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146698685967099&ev=Microdata&dl=https%3A%2F%2Fchicago.suntimes.com%2F&rl=&if=false&ts=1647634176176&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%2C%22og%3Asite_name%22%3A%22Chicago%20Sun-Times%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fchicago.suntimes.com%2F%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Chicago%20Sun-Times%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fcst.brightspotcdn.com%2Fa7%2Fda%2F9a739da544a698cdb98e1b1c5f27%2Fctimes-logo.svg%22%7D%7D%2C%22name%22%3A%22Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment%22%7D%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1647634175671.560184884&it=1647634175547&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 18 Mar 2022 20:09:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1848716691&t=pageview&_s=1&dl=https%3A%2F%2Fchicago.suntimes.com%2F&ul=en-us&de=UTF-8&dt=Chicago%20Sun-Times%3A%20Chicago%20news%2C%20sports%2C%20politics%2C%20entertainment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2140602311&gjid=722003061&cid=1605341630.1647634176&tid=UA-52083976-1&_gid=2072033788.1647634176&_r=1&gtm=2wg3e0PRHXFPN&cd1=0000017e-e975-d1e5-a1fe-ed756f1d0000&cd2=home_page&cd6=0&cd11=chicago.suntimes.com&cd12=chicago.suntimes.com&z=1030760065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52083976-1&cid=1605341630.1647634176&jid=2140602311&gjid=722003061&_gid=2072033788.1647634176&_u=YEBAAEAAAAAAAC~&z=1794490236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Mar 2022 20:09:36 GMT
content-type: text/plain
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 166ms
83ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52083976-1&cid=1605341630.1647634176&jid=2140602311&_u=YEBAAEAAAAAAAC~&z=1096238849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 168ms
84ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52083976-1&cid=1605341630.1647634176&jid=2140602311&_u=YEBAAEAAAAAAAC~&z=1096238849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
49ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
21ms Script
application/javascript 2a00:1450:400e:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chicago.suntimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 862 B
264 B 150ms
150ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3900097657052842&correlator=3334558618142497&eid=31065681%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C2x2&ifi=1&adks=2911765573%2C618710011&sfv=1-0-38&ecs=20220318&ists=2&fsapi=false&prev_scp=position%3Dout-of-page%7Cposition%3Dreskin&eri=1&cust_params=htlbidid%3D8666%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000%26entry_group%3D%26entry_id%3D%26entry_type%3D%26page_type%3Dhome_page%26hub_pages%3D%26keywords%3D&sc=1&cookie_enabled=1&abxe=1&dt=1647634176409&lmt=1647634176&dlt=1647634174852&idt=893&biw=1600&bih=1200&oid=2&adxs=0%2C799&adys=465%2C465&ucis=1%7C2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x0&msz=1600x0%7C1600x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=1605341630.1647634176&ga_sid=1647634176&ga_hid=1848716691&ga_fc=true&btvi=0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

89c8368b660c983dbf9bcc7042e371c221d927c9e062dfa5942486799172814e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 142ms
54ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49ed43e87d77b19a64ba6d75b39777638e8c450312670da2ff7e734c37423843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10581
x-xss-protection: 0

GET
H2 200 container.html Show response
3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6797 6 KB
4 KB 146ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Mar 2022 20:09:36 GMT
expires: Sat, 18 Mar 2023 20:09:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
747 B 25ms
25ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fchicago.suntimes.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 16:39:49 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server: Server
age: 12587
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 385
x-amz-cf-id: 9kxNzzjdC__EPyjzoRjJ3hDdPD8YOJIsTxN2CVOj52GlpjWNLgeF9w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 50ms
50ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fchicago.suntimes.com%2F&pid=RDdyW7zb5ME6S&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F61924087%2Fsuntimes%2Fchicago.suntimes.com%2Ffront_page%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1000000560%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: E0YHHT3JWA0JQMCNZZ35
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3QhF_w-NPzKq79_eu4Da9xQPIDgBBnA5xU4vYV0Qr1wTrDm9Q1cOaQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 46ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Fri, 18 Mar 2022 19:19:53 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 427000015

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 423ms
112ms Image
image/png 52.217.42.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=feb6b46121fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.42.12 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 20:09:37 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: MBWH5PTV6XC7EBWY
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: Op0Atgz6MNYR+Q5n8YMmitG3oDTwXDV+4wiYtwmO8nq25u1N8cdDg9TNc6zsppEADzKxuzzCYVk=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 361ms
361ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3900097657052842&correlator=115194360474448&eid=31065681%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=61924087%2Csuntimes%2Cchicago.suntimes.com%2Cfront_page&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C1020x90%7C970x250&ifi=3&adks=1766363990&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=position%3Ddesktop_leaderboard_variable%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=htlbidid%3D8666%26is_testing%3Dno%26is_home%3Dyes%26category%3DHome%26post_id%3D0000017e-e975-d1e5-a1fe-ed756f1d0000%26entry_group%3D%26entry_id%3D%26entry_type%3D%26page_type%3Dhome_page%26hub_pages%3D%26keywords%3D&sc=1&cookie_enabled=1&abxe=1&dt=1647634176487&lmt=1647634176&dlt=1647634174852&idt=893&biw=1600&bih=1200&oid=2&adxs=436&adys=340&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fchicago.suntimes.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=1605341630.1647634176&ga_sid=1647634176&ga_hid=1848716691&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

2adc62b99817840de8d7a6c90ccda0adc94ad064d0002838e513f18fcf28e6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 517.json Show response
id5-sync.com/g/v2/ 213 B
538 B 40ms
10ms XHR
application/json 141.95.3.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/517.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.10 , France, ASN16276 (OVH, FR),

Reverse DNS

p31.id5-sync.com

Software

Resource Hash

2d3a8c2365bdd6f49b7aec738690aee80bee088a4b984a5537c1c9379c7ef29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://chicago.suntimes.com
Date: Fri, 18 Mar 2022 20:09:36 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 20:09:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1376 13 KB
5 KB 89ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 18:25:05 GMT
expires: Sat, 18 Mar 2023 18:25:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 6271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B665 783 B
532 B 97ms
48ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8548758fc3f7db7f990a4f7fa72cf8fa1a531ae1c4c7bce5f6849ceceef89500

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lfpftclBOvbCT1nLJPnbZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 18 Mar 2022 20:09:36 GMT
date: Fri, 18 Mar 2022 20:09:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lfpftclBOvbCT1nLJPnbZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame 83C5 220 KB
61 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Wed, 16 Mar 2022 18:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Mar 2023 18:30:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 83C5 16 KB
6 KB 189ms
106ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Wed, 16 Mar 2022 18:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Mar 2023 18:30:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 83C5 96 KB
29 KB 191ms
109ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Wed, 16 Mar 2022 18:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Mar 2023 18:30:00 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 83C5 5 KB
2 KB 211ms
129ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Wed, 16 Mar 2022 18:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Mar 2023 18:30:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 83C5 42 KB
13 KB 212ms
130ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 178776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Wed, 16 Mar 2022 18:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Mar 2023 18:30:00 GMT

GET
DATA 200
OK truncated
/ Frame 83C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68d8252b5d9df3b126b62079bfaaee56217727e2940c9210422870aaa74ab2ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16573218586764616172
tpc.googlesyndication.com/daca_images/simgad/ Frame 83C5 87 KB
87 KB 42ms
41ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16573218586764616172

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d02fe4ba3bf46f5a1ebaead72816d9611ae5c78d41a16e43677563f2fd4bb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 10:50:17 GMT
x-content-type-options: nosniff
age: 119959
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89160
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 23:01:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 10:50:17 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 83C5 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 37678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:41:38 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 83C5 295 B
319 B 40ms
39ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 36991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 83C5 0
0 50ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoZ4gUl8I9fXTRQdGabZLQwTdSTh9ZB1Wn--XUqEGJQEGkGFaFYhwrXOGS4M-LvOFpRpaK5THiyWD6kk4hNQUhxSVSpg
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 83C5 0
0 90ms
90ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxQ5tAOc0YrzTIOuR7_UP5pynyAWpqrqHadKoupDwD9zZHhABIOT28xxgleKQgqAHoAGbiNGfA8gBAqkCRKfDEOyAsj7gAgCoAwHIAwiqBIkCT9DlQRuVX2ZxdYPxTEEKlhZg5efjl-NsGI1GgepupnQWXYxm8Zof_PrclyTwQoPmD7VT19Ez_E6oVBkPa6FxW5q2T-03DBiPQ-i1aU_hMlT11SpF93bBVVjSY5cim4z7DlFRpTbTCZ-qwf4o8cDlFIsZoMrVl2byEcKqx8g7MRCIsyPF3JKbAA60fyxnWolMzof0rn3lAdEvMd_2jyu8653DdcTv1JTctzyXG7ElOsY6DsU_OYcFG-gQfiF89WvAsMGi4A74V2h1uOrBzCCLIAcuhhtw1eCKFpNjJId3jYRKkBZ7qfT64T60RlMsv5AHk6UudiQCpZ8j_y5s1DfsCVcNzrW2wmJo-sAE69zhq_cD4AQBkgUECAQYAZIFBAgFGASgBgKAB833rmCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDylWLSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTkwNTk0ODEwMzYxNTEyNxjn5hE&sigh=YOK5gKvf8Tw&uach_m=[UACH]
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B665 0
0 138ms
93ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=3900097657052842&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1376 36 KB
14 KB 81ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 18:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 18:23:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1376 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jp29Yg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 83C5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

229ms
141ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: chicago.suntimes.com
URL: https://chicago.suntimes.com/
Protocol: H2
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Mar 2022 20:09:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=3900097657052842&bg=!PD-lP3vNAAba2mK92to7ACkAdvg8WjowIXRnzpLw0xTzdw8PCNGCcGCg_ZqtR9Ne6YKJC6f8gArLFwIAAABzUgAAAARoAQcKADWIBlUExV50lCq9c1e5kVDAyq9UsjjhtLcsXAUBUWrErmo8Qvdl0PBbLyd5EiMm4C9Gx11wPZkC0vhYMNoMZAfdcXMtjySY1ak7Sk0xVF36kVGYOQGEcD2GPLuJhuH06ihWlPpwiyLbdR7bPBwILxm4NiX__UQ7Q9LtvFUgNYGdnBVZjlRC1-ZxnqhJFf8UAX9mCU4pLK7v4mO4LdzWY_36c3p-3QqaGR4RPjOvDjyh4We7brkUI-ZCO_FJnRpoGmCPSWD9kQe9J7JyjBmId52pyFpi-Db2FMkxyyGbG5u3x1uKZg4B4UOTYty0fJTrRvNxPk0Y6jW1kpJ54BdqbzSXFoiyjb5pIpaNgcCj2OMpPojaX9Xa4vN5-KyePlmPN2CHWy92LqImUT9r_MJgyaMXnTGJjKIGgiTfj8DQwiU3eliCUnvbREbxo7n0GlwvYUv0RAMcxffSkxiNgqZm8k6abDeqHCGb-qMJWwrRzaL6nSaTgRvLGa1nF-QMkANgwxDPZPuMoRu2XwK95q9u9w_19Pxp4bsdHHqukZZr6WyzRhbx_6pMivm2KmhIKF8qdFX7WUhSsZSnIxuBMvGqhffDG-LKe3Omc-so1ISHF1LA5-SqKY5J27w-8yIec-ZP-jUb3VBaaEoZb7jclhA4H4lpA-JPGO1t_pEAsCGiKminxjFtiDgyeKfkhCL7Xv_a-QoZ7qLl7L9JX3dgm9UyboU01nSsuWL62CU-plAoG2C--zoPf6FSPeS7ODeGpjIBBn6kERMgq69FOCzWceYyXFc-74jSYzpD1iJD5IDye4DpA1osbzHHBGXpYmvgZ0dM6mv8bsUryp725FHmLvVd5H5CcQLZkuSwc3auq0J-nj6zxhDsg2lq1_ZuIRldCZZxV8W2HwVfNuSVc0PwP88gkG-vXZjhgpweGsbmgKPUPTSQZ1DJN5RrlR7qqmHTkAdzwfj2OqccMy86XFnX4WcsRdtL0PMNa43E616syEfFMEb0i77BtZ8FF52pqX7vuN1R_rdF3q8ngqFBuUR7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 83C5 42 B
64 B 78ms
78ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvag-U2h3RLvixy-556Sk0l9hvWHJ0tWZgTHMzhjojOpRyVzueS9L5GB9Wqme0Em7l4dR1yByUOhFtmW3GEZzfTpTFxqmSesLy3gZQ6dsit4sik8pB1bQ&sai=AMfl-YQR6wLnpI7blmL4fZw8J1LleqZzIPzQMmTO6zzcRfVhg50FnRiVvN_v-XPdHRdopDw7rFZRPx0iVenoGL1KcZVhZaOvvNW58U7viuS11puovn7UNdt4WVX69nSpbG0&sig=Cg0ArKJSzEySMpH3BJxMEAE&id=ampim&o=315,215&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=281&tls=1282&g=99.94999766349792&h=99.94999766349792&tt=1282&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 20:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 55ms
45ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33107
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 10:21:29 GMT
server: cloudflare
etag: W/"1bbec-17f97658c28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6ee09b7cbf6c9207-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 18 Mar 2023 20:09:40 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 50ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chicago.suntimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 20:09:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e55"
vary: Accept-Encoding
x-hw: 1647634180.dop236.am5.t,1647634180.cds281.am5.hn,1647634180.cds304.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H3 200 19 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 459 B
898 B 192ms
171ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l0wuuic9jjx2rff0&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdca3ba398750c30d58c5b5c5843db923f9ea9e58b426bb991b1ceaa8262ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Mar 2022 20:09:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"1cb-713dFQCBgFqcCShfiU0P9MtI9SY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
cf-ray: 6ee09b7fbc709be8-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 19
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 331ms
132ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/19?email=&visitor=l0wuuic9jjx2rff0&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 20:09:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ee09b7ecff99a0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 40
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 121ms
121ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=l0wuuic9jjx2rff0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://chicago.suntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 20:09:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ee09b80db499a0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 40 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
641 B 128ms
128ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2Fchicago.suntimes.com%2F&visitor=l0wuuic9jjx2rff0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

659db7bbcab00d315a75adac71720e1ad58b86ba395d7d28e87d857bc5a63462

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://chicago.suntimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Mar 2022 20:09:41 GMT
content-encoding: gzip
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-H+iI2ISg0TG+u6oO9RwF6iUPl20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chicago.suntimes.com
access-control-allow-credentials: true
cf-ray: 6ee09b8198db9be8-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET gaAccount
buy.tinypass.com/api/v3/anon/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700|benton-sans-compressed:300,400,700

Domain: buy.tinypass.com
URL: https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=FV0czWAOfe&tbc=%7Bkpex%7D7rnfOQrGIolHmhkYfqZVre0RK2WDiJVNHygJuXi3RWqIkMDo3a-9KJcK90RJDo3k&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp4037

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.suntimes.com/	1970-01-20 03:50:10	Name: _fbp Value: fb.1.1647634175671.560184884
chicago.suntimes.com/	1970-01-20 01:40:34	Name: __adblocker Value: false
.piano.io/	1970-01-20 01:40:35	Name: __cf_bm Value: dlWBirPysO8cTAnQUAbMPMAM.bkCMdIyQSq1eKZ_9lU-1647634175-0-AS8XEce1se/dtyqWf75l+qHwpkRoFyIzFV0EYX/LEkACCyTH6cbQbMpxc1zehhMZ7Vozu6xFC7/a/nkoK01Qfbc=
.suntimes.com/	1970-01-20 19:11:46	Name: __tbc Value: %7Bkpex%7D7rnfOQrGIolHmhkYfqZVre0RK2WDiJVNHygJuXi3RWqIkMDo3a-9KJcK90RJDo3k
.suntimes.com/	1970-01-20 19:11:46	Name: cX_P Value: l0wuuic9jjx2rff0
.suntimes.com/	1970-01-20 02:23:46	Name: __pat Value: -18000000
.suntimes.com/	1970-01-20 01:42:00	Name: __pvi Value: %7B%22id%22%3A%22v-l0wuuicdxg9ng458%22%2C%22domain%22%3A%22.suntimes.com%22%2C%22time%22%3A1647634175796%7D
.suntimes.com/	1970-01-20 19:11:46	Name: xbc Value: %7Bkpex%7DdbwGZqqH90hQGo3xZdfU7cyz6oHIKh0LWd8fdnmhFVTevcbF5fTcSVXs1yJ1xrRaOemHShON91pPf20HSgL7XDAhHel4bIv6jdIBxetPtDi0Mx1n8pkl8NO45xKEPfsHqS_ZYPKvF4LEDGBMeOH7qlQ0Mz34SmrCc2KmVPUAykvVmym-iXeNicC6X5Om9tnkJcGJRx5N3d7C7jkyOyEUh1UTJl-yUDRQXu__DUhwX2dxsbcZNh7gTilyme5XfLVp9B8xWG3OhmDmXP9_nUwBemu8MNh6cnaM9Mcyt_xytlJBt2wY8aGLovwAy2mWxtANP3ZxtfXxfLR215GAimAqcZQ1HXPHK12AlAOJJYhGayGxUYQk3VpYkdzz-u5qibpL
.suntimes.com/	1969-12-31 23:59:59	Name: cX_S Value: l0wuuiifyhdm4b2h
.cxense.com/	1970-01-20 10:26:10	Name: gckp Value: odovcxkn664n2c8nb6w8p4vkc
.suntimes.com/	1970-01-20 10:26:10	Name: cX_G Value: cx%3A27p5a6pqo3woe1lm88juv8bcwb%3A7p5m3jvc70hv
chicago.suntimes.com/	1970-01-20 11:09:22	Name: _cb_ls Value: 1
chicago.suntimes.com/	1970-01-20 11:09:22	Name: _cb Value: T-36kD8ZU6TB8NR0v
chicago.suntimes.com/	1970-01-20 11:09:22	Name: _chartbeat2 Value: .1647634176119.1647634176119.1.CJXOUFBcI0Qy03Jq5Dg_pWjdcsP.1
chicago.suntimes.com/	1970-01-20 01:40:35	Name: _cb_svref Value: null
.suntimes.com/	1970-01-20 19:11:46	Name: _ga Value: GA1.2.1605341630.1647634176
.suntimes.com/	1970-01-20 01:42:00	Name: _gid Value: GA1.2.2072033788.1647634176
.suntimes.com/	1970-01-20 01:40:34	Name: _gat_UA-52083976-1 Value: 1
.suntimes.com/	1970-01-20 11:02:10	Name: __gads Value: ID=70a8288dd1370cf5-2244cdc960cd0020:T=1647634176:S=ALNI_MY70jySjJPCT6HPcg_gWCgGQOLk0w
.doubleclick.net/	1970-01-20 11:02:10	Name: IDE Value: AHWqTUlNm8-L8Q0D36KH9NwPnngl5PQ9k3-YGqtlxjibFbKcdQ4tMcYpGkoz8RtfinQ
.doubleclick.net/	1970-01-20 01:40:37	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://chicago.suntimes.com/ Message: Access to CSS stylesheet at 'https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,700' from origin 'https://chicago.suntimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.googleapis.com/css?family=benton-sans:300,400,700\|benton-sans-compressed:300,400,700 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c6a512c1240e39cacbb652d7c829d05.safeframe.googlesyndication.com
aamapi.com
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
api-esp.piano.io
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.ampproject.org
cdn.cxense.com
cdn.id5-sync.com
cdn.tinypass.com
chicago.suntimes.com
code.jquery.com
comcluster.cxense.com
connect.facebook.net
cst.brightspotcdn.com
experience.tinypass.com
fonts.googleapis.com
googleads.g.doubleclick.net
htlbid.com
id.cxense.com
id5-sync.com
p.typekit.net
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
buy.tinypass.com
fonts.googleapis.com
141.95.3.10
142.250.74.194
143.204.95.188
143.204.98.10
143.204.98.105
143.204.98.58
147.75.83.64
2001:4de0:ac18::1:a:1b
2600:1f14:600:6e00:7e4f:fc0a:a5ab:e64f
2600:9000:2156:6400:18:1fcd:34f:cdc1
2606:4700:3030::6815:5476
2606:4700::6810:f015
2606:4700::6811:b7b1
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9a
2a00:1450:400e:801::2008
2a00:1450:400e:80d::2002
2a02:26f0:64::210:6a30
2a02:26f0:64::210:6a50
2a02:26f0:c400:294::268b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
46.105.202.126
52.217.42.12
54.197.34.221
012153f96290f6ad56a4f01535c9196809cbf622463e5e48723347b140030a80
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115477714be5f0ea5db631ff0847be4067f241fb242f6eb42c5bbc17a84c76b3
13cf20ab39f2ee3b1029137d2f0bc18158f3414cc77af987c091aa6b2438b769
13ede502e0cbc1bc012baecd396efd9fff1f1c4ba00956cd33a3f93880515c89
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
23fe9e22a1f36c44706ac4a72bddd198912c40ea01b435a01f0c75f7dca91400
252e92bf812b03e9037a450e41c6c3934f14ddece055cbad3a5680613aa168ba
2adc62b99817840de8d7a6c90ccda0adc94ad064d0002838e513f18fcf28e6a3
2d3a8c2365bdd6f49b7aec738690aee80bee088a4b984a5537c1c9379c7ef29d
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
351ba2ac20d28ffadb1115a6dd19d3a789cbd9d30d88630ca6d0a9a7fa6122d9
35ec7ee6863cfec8a4040d3b06e6fb910443e0917ac3e4b53c27c2b0a624d669
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3edf91da613c8923fba6f8736a9fa35e0bfd674a09c08244dec988e464210756
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
421a9cfa098c6cb826aab6eb848e208fda60d60eab85d9343a116552b64b9f07
43e51006c4970e7148d2b95e8891b7a6356cae15fb3830ae9d6e157bf98074ee
46c2b640f005944aaa03e03b99f4898c3adccfe01f85cfee88de5c3806fb8092
49ed43e87d77b19a64ba6d75b39777638e8c450312670da2ff7e734c37423843
4ad12603989e23ddf239f228255bcffc77fb8e9503829993b6d01c80cddd8d3f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e40cf2238a0dca0ade2757785f3493890aaffb1d8de1ffd181ef79d1ccd243
53223cc800efd65753dec3ab9c1099a86c6eb0f37a044c45e64b4cd8469a5181
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53f3935b185e0bef573c305468c9386e77590db8182dff6837508803bb7abd83
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57633f557e7cad123f66d77a6549ac83a550d3cd60b716fa945e24f3ffdb5e2e
58437dbb3b5fcc8128879b1c8c37ed2152615e5b7799466516d3d1e44a2afd54
59a99eb7476f4aeee3d61df8e36e008d9da2847bfdd00d8a2c6b07b078298097
5d02fe4ba3bf46f5a1ebaead72816d9611ae5c78d41a16e43677563f2fd4bb17
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
654aa3f06b93a8c75dbbeb10405f66dd37436936f8b0c813246ed92242007330
659db7bbcab00d315a75adac71720e1ad58b86ba395d7d28e87d857bc5a63462
6638a839866eeeba0f2fcf5dd964f3dec6a7b54be76052bf240ba3ef2b835895
66cda1ac8d120509aa868b0a8db67bb780aa621dcf466312294730245f8e1599
68d8252b5d9df3b126b62079bfaaee56217727e2940c9210422870aaa74ab2ea
69b10a19f0621a275fe4c7bec45f0b4d78bd465792d05eee54780443a620c78b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8548758fc3f7db7f990a4f7fa72cf8fa1a531ae1c4c7bce5f6849ceceef89500
86fde260a0f61a358a031ad9dc81608230df4842cfb4364d9645febfbbc15e3c
89c8368b660c983dbf9bcc7042e371c221d927c9e062dfa5942486799172814e
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8e1526da8f25d1beb20238eb04e99aaf13e4a77c2b534d246229fb7eceadaeda
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
9870ca419f27bcbd23fe090d5d5727ec7b091466e9215ded321c58d67659d6d8
99eae70473ab18cc09d6bf979d967fd959f45f36e40447f22f603232e5a073e6
9e5614c3a53fbae652e5e3dd1279d9738282f8eed2455e11bc9a9271bdd2435a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b4c733d93929cbd2a66b012265928653e4c75a9abaf06bfec93c85dfeb83a8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a527e23aa18d001a16dbc6173bf73306b87e108f78784d9e100d900d2106d3aa
a5eba0a4d924d8a92d34cea38b54eed5e3c4c607cbe83486320e4723865fb1b5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ba2cad508544e5da5fdc0806627ebc7378ccf4c52596e392547fcc5b0c480753
bc953ed26d3561382cbb7b7a663a81cddce4079dc6bd4dceaeb6ad398e32e629
c2bbb9bb201736df6ecb1d96d1861a7d3c7250806b2615802d3ff897ebdf70e6
c8ff852a5d3e4a32d1526dd676c5f049c203441509a37599e3cc62f715a01d94
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc4d221c0a55d4986ad8bc0ecab574e7eb40db719a6030127615968ec27f4cb9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94
e1df7093f3e1c27551a47f5484ed052303c37f06e39114e90efe0a7a42a29ff8
e36283e91b2af53f7a9179ead0d3bfbc41d37af9ceb3724a7159bb94578fe372
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e524d44843e7d1c9ec644402f6d3c2b74655676f373b5c1338807c11afc2325e
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdca3ba398750c30d58c5b5c5843db923f9ea9e58b426bb991b1ceaa8262ceeb

chicago.suntimes.com Open in urlscan Pro 143.204.98.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

97 %HTTPS

71 %IPv6

26 Domains

40 Subdomains

35 IPs

6 Countries

1491 kBTransfer

4415 kBSize

21 Cookies

20 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chicago.suntimes.com Open in urlscan Pro
143.204.98.105 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

97 %
HTTPS

71 %
IPv6

26
Domains

40
Subdomains

35
IPs

6
Countries

1491 kB
Transfer

4415 kB
Size

21
Cookies

95 HTTP transactions
5 data transactions