tucson.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.azstarnet.com//sn//harrypotter//
Effective URL:
https://tucson.com/r/sn/harrypotter/
Submission: On June 27 via api (June 27th 2024, 7:42:04 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is tucson.com. The Cisco Umbrella rank of the primary domain is 361568.
TLS certificate: Issued by GTS CA 1P5 on May 18th 2024. Valid for: 3 months.

This is the only time tucson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
20	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:266... 2600:9000:266e:6a00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266e:8400:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.78 18.245.31.78	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
57	14

10 192.104.182.109 (United States) 2 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.azstarnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tucson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:6a00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:8400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 25139	311 KB
9	tucson.com 1 redirects tucson.com — Cisco Umbrella Rank: 361568 user.tucson.com Failed	62 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	589 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5804	122 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 3243	81 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
2	gstatic.com www.gstatic.com	13 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 123811	364 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 3407	435 B
1	azstarnet.com 1 redirects www.azstarnet.com	107 B
57	10

	Domain	Requested by
20	bloximages.chicago2.vip.townnews.com	tucson.com
9	tucson.com	1 redirects tucson.com
6	www.googletagmanager.com	tucson.com cmp.osano.com
5	cmp.osano.com	tucson.com cmp.osano.com
3	tagan.adlightning.com	tucson.com cmp.osano.com
2	www.gstatic.com	tucson.com
1	ampcid.google.de	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	www.google-analytics.com	cmp.osano.com
1	www.azstarnet.com	1 redirects
0	user.tucson.com Failed	cmp.osano.com
57	12

This site contains links to these domains. Also see Links.

Domain
login.tucson.com
tucne.ws
account.tucson.com
user.tucson.com
arizonadailystar.az.newsmemory.com
circulars.tucson.com
www.legacy.com
speedway.tucson.com
community.tucson.com
www.stringr.com
www.instagram.com
store.tucson.com
tucsonfestivalofbooks.org
tucson.gannettclassifieds.com
lee.net
www.gannett.com
marketing.tucson.com
subscribe.tucson.com
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
tucson.com GTS CA 1P5	`2024-05-18` - `2024-08-16`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tucson.com/r/sn/harrypotter/
Frame ID: BFF694D9A2DA9EE40005C274AC1D2E84
Requests: 52 HTTP requests in this frame

Frame: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Frame ID: 06E29825D65D3119A9835784F4048D98
Requests: 3 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 0CD297DAFE3FA3A7684274E2C69EB4CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

R | tucson.com

Page URL History Show full URLs

http://www.azstarnet.com//sn//harrypotter// HTTP 307
https://www.azstarnet.com//sn//harrypotter// HTTP 301
http://tucson.com/sn/harrypotter/ HTTP 307
https://tucson.com/sn/harrypotter/ HTTP 301
https://tucson.com/r/sn/harrypotter/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

84 %
HTTPS

62 %
IPv6

10
Domains

12
Subdomains

14
IPs

3
Countries

1198 kB
Transfer

3843 kB
Size

1
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://login.tucson.com/PTUC-GUP/authenticate/?success-url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F&cancel-url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Title: Sign in

Search URL Search Domain Scan URL

URL: http://tucne.ws/subnow
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://account.tucson.com/
Title: Manage account

Search URL Search Domain Scan URL

URL: https://user.tucson.com/PTUC-GUP/user/logout/?success-url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F&cancel-url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F&return-url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Title: Logout

Search URL Search Domain Scan URL

URL: https://user.tucson.com/user/enewspaper/
Title: e-Newspaper

Search URL Search Domain Scan URL

URL: http://arizonadailystar.az.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://circulars.tucson.com/
Title: Circulars

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tucson/browse#tracking-source=menu-nav
Title: Share Your Story

Search URL Search Domain Scan URL

URL: https://speedway.tucson.com/letters/?action=letter
Title: Submit a Letter

Search URL Search Domain Scan URL

URL: https://speedway.tucson.com/letters/?action=opinion
Title: Submit guest opinion

Search URL Search Domain Scan URL

URL: https://community.tucson.com/
Title: Community Pages

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlj0Mv6sR_6
Title: Share video

Search URL Search Domain Scan URL

URL: https://www.instagram.com/arizonadailystar/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://store.tucson.com/
Title: Arizona Daily Star Store

Search URL Search Domain Scan URL

URL: https://tucsonfestivalofbooks.org/
Title: Tucson Festival of Books

Search URL Search Domain Scan URL

URL: https://tucson.gannettclassifieds.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere&_gl=1*yeejf6*_ga*OTU5MTg3OTA2LjE2NDc5OTc5NDM.*_ga_F8FFLLVDEZ*MTY0Nzk5Nzk0MC4xLjEuMTY0Nzk5ODE2OS42MA..
Title: Careers @ Lee Enterprises

Search URL Search Domain Scan URL

URL: https://www.gannett.com/careers/
Title: Careers @ Gannett

Search URL Search Domain Scan URL

URL: https://marketing.tucson.com/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://subscribe.tucson.com/
Title: Register

Search URL Search Domain Scan URL

URL: https://lee.net/advertise/tos/
Title: Advertising Terms of Use

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: bloxdigital.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.azstarnet.com//sn//harrypotter// HTTP 307
https://www.azstarnet.com//sn//harrypotter// HTTP 301
http://tucson.com/sn/harrypotter/ HTTP 307
https://tucson.com/sn/harrypotter/ HTTP 301
https://tucson.com/r/sn/harrypotter/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
tucson.com/r/sn/harrypotter/
Redirect Chain

http://www.azstarnet.com//sn//harrypotter//
https://www.azstarnet.com//sn//harrypotter//
http://tucson.com/sn/harrypotter/
https://tucson.com/sn/harrypotter/
https://tucson.com/r/sn/harrypotter/

98 KB
23 KB

293ms
293ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

43aa3a7745857cd489525004e4773f391f309cf2e2542c76d1578f6311139a1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 21872
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 07:41:59 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.78.2; app17; 0.16s; 3.2M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 16850
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 07:41:59 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
location: https://tucson.com/r/sn/harrypotter/
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.78.2; app2; 0.16s; 3M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 198ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9128960
cross-origin-resource-policy: cross-origin
content-length: 38456
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c4f9a33-FRA
expires: Thu, 13 Mar 2025 15:33:42 GMT

GET
H2 200 user.js Show response
tucson.com/shared-content/art/tncms/user/ 3 KB
2 KB 106ms
105ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/r/sn/harrypotter/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:38:26 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 21:41:17 GMT
x-vcache: HIT
age: 213
etag: W/"6674a1fd-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 186ms
22ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9116159
cross-origin-resource-policy: cross-origin
content-length: 12719
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c439a33-FRA
expires: Thu, 13 Mar 2025 19:22:21 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 194ms
31ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9121198
cross-origin-resource-policy: cross-origin
content-length: 14189
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c499a33-FRA
expires: Thu, 13 Mar 2025 18:01:52 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 193ms
30ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1351054
cross-origin-resource-policy: cross-origin
content-length: 4260
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c579a33-FRA
expires: Thu, 13 Mar 2025 19:22:42 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 188ms
25ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1333216
cross-origin-resource-policy: cross-origin
content-length: 1590
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c429a33-FRA
expires: Thu, 13 Mar 2025 16:43:12 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1020 B 253ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9122612
cross-origin-resource-policy: cross-origin
content-length: 910
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c529a33-FRA
expires: Thu, 13 Mar 2025 15:34:40 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 195ms
32ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9125635
cross-origin-resource-policy: cross-origin
content-length: 21439
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66920-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c359a33-FRA
expires: Thu, 13 Mar 2025 16:43:37 GMT

GET
H2 200 layout.d9bf9fa5b377514df7224a864456e96d.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
34 KB 182ms
19ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.d9bf9fa5b377514df7224a864456e96d.css

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 3155958
cross-origin-resource-policy: cross-origin
content-length: 34092
last-modified: Thu, 16 May 2024 12:56:16 GMT
x-vcache: HIT
server: cloudflare
etag: W/"66460270-266b1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c399a33-FRA
expires: Wed, 21 May 2025 19:01:33 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 98 KB
20 KB 200ms
38ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1719471828

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1005
cross-origin-resource-policy: cross-origin
content-length: 20642
last-modified: Thu, 27 Jun 2024 07:03:48 GMT
x-vcache: MISS
server: cloudflare
etag: W/"667d0ed4-18651"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c3a9a33-FRA
expires: Fri, 27 Jun 2025 07:08:54 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 189ms
26ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 886373
cross-origin-resource-policy: cross-origin
content-length: 1979
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66925-183e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c3d9a33-FRA
expires: Thu, 13 Mar 2025 18:01:52 GMT

GET
H2 200 tucson_lee_v3.css
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 2 KB
922 B 201ms
39ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/styles/tucson_lee_v3.css?_dc=1674063103

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee7af434f9c2ca985c937682af99d230c57c58ef0221212a06f0837e12fed43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9115840
cross-origin-resource-policy: cross-origin
content-length: 683
last-modified: Wed, 18 Jan 2023 17:31:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c82cff-96b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c409a33-FRA
expires: Thu, 13 Mar 2025 19:23:00 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 405 KB
87 KB 35ms
9ms Script
application/javascript 2600:9000:266e:6a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:6a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b832224ffc4948e484a3bbb9631e9cb6a24d4b2901dce9f9316de02cb6cfcf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 08:50:50 GMT
content-encoding: br
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 82269
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87920
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jun 2024 20:53:43 GMT
server: CloudFront
etag: "2c743ac7db35c506e3f274064d13a5a0"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: myf3pIKZoynKDlRQaODWJVtGlLqW1hE3ylM6d31VdDLmtAjQMvc1hQ==

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
tucson.com/shared-content/art/tncms/api/ 70 KB
29 KB 107ms
106ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/r/sn/harrypotter/
Origin: https://tucson.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:37:25 GMT
content-encoding: gzip
last-modified: Wed, 12 Jun 2024 14:40:27 GMT
x-vcache: HIT
age: 273
etag: W/"6669b35b-1164b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29242
service-worker-allowed: /

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 26ms
26ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9121199
cross-origin-resource-policy: cross-origin
content-length: 1322
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-dbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc423d8a9a33-FRA
expires: Thu, 13 Mar 2025 18:01:52 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 30ms
30ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9125634
cross-origin-resource-policy: cross-origin
content-length: 2388
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66921-1baf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc423d919a33-FRA
expires: Thu, 13 Mar 2025 16:43:37 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 10:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jun 2025 10:08:14 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 10:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jun 2025 10:08:14 GMT

GET
H2 200 messaging.js Show response
tucson.com/shared-content/art/tncms/api/ 2 KB
1 KB 107ms
106ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/r/sn/harrypotter/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:38:36 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 21:41:17 GMT
x-vcache: HIT
age: 204
etag: W/"6674a1fd-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
305 B 189ms
27ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 19950121
cross-origin-resource-policy: cross-origin
content-length: 171
last-modified: Thu, 16 Mar 2023 19:39:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413708d-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c4d9a33-FRA
expires: Wed, 27 Mar 2024 11:48:42 GMT

GET
H2 200 tracking.js Show response
tucson.com/shared-content/art/tncms/ 3 KB
1 KB 105ms
105ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/shared-content/art/tncms/tracking.js
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/r/sn/harrypotter/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:37:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 21:41:17 GMT
x-vcache: HIT
age: 284
etag: W/"6674a1fd-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 11 KB
4 KB 200ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1719471828

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1500
cross-origin-resource-policy: cross-origin
content-length: 3556
last-modified: Thu, 27 Jun 2024 07:03:48 GMT
x-vcache: MISS
server: cloudflare
etag: W/"667d0ed4-2c45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc412c459a33-FRA
expires: Fri, 27 Jun 2025 07:08:54 GMT

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
110 KB 22ms
21ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9116159
cross-origin-resource-policy: cross-origin
content-length: 112383
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65d66922-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc424da99a33-FRA
expires: Thu, 13 Mar 2025 19:23:02 GMT

GET
H2 200 109f1e80-afaf-11ec-896b-e33500870658.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/ 15 KB
15 KB 24ms
24ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/109f1e80-afaf-11ec-896b-e33500870658.png

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85dada1408d909bc6efd997e08514370405f1e39b74b10f930180adecdfe35e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 7298614
cf-polished: origFmt=png, origSize=23342
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="109f1e80-afaf-11ec-896b-e33500870658.webp"
content-length: 15274
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 22:24:57 GMT
server: cloudflare
x-vcache: MISS
etag: "62438739-5b2e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc414c719a33-FRA
expires: Sat, 22 Mar 2025 23:22:26 GMT

GET
H2 200 newsplus_white.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 4 KB
4 KB 23ms
23ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/newsplus_white.png?_dc=1719471828

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1500
cf-polished: origFmt=png, origSize=8454
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="newsplus_white.webp"
content-length: 4248
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Jun 2024 07:03:48 GMT
server: cloudflare
x-vcache: MISS
etag: "667d0ed4-2106"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc414c729a33-FRA
expires: Fri, 27 Jun 2025 07:08:54 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 15 KB
7 KB 58ms
7ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c045e86b04f8cdb9d727a9f43f9794ff41dbfc031226982fd4d1bdcce0f4c96e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8TXA4cODelpwswTyM5C9oWwzqOvPz4yn
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 07:38:44 GMT
x-amz-cf-pop: FRA60-P4
age: 195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6641
x-amz-meta-git_commit: 904ac2d
last-modified: Thu, 27 Jun 2024 03:32:06 GMT
server: AmazonS3
etag: "6eaf0ba71e7b2ff949f740c088ab3cf0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: S32Sr7MDkIq9vzmIADmGRL2sLOLmyf2tkIg2rOPvg-67kV5KvgRW1w==

GET
H2 200 tucson-defer.js Show response
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 4 KB
2 KB 41ms
39ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/live/libraries/flex/components/site/resources/scripts/tucson-defer.js?_dc=1674590768

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c95bc403db09604ae14479b2a2048f57d30a9569cbf41c206d811890ebb6e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:41:59 GMT
content-encoding: gzip
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 9128959
cross-origin-resource-policy: cross-origin
content-length: 1775
last-modified: Tue, 24 Jan 2023 20:06:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63d03a30-1127"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc416c999a33-FRA
expires: Thu, 13 Mar 2025 15:34:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
86 KB 57ms
31ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

841658ec18b1f4df56bc834088a0944c92f5a0d48baa0f32e34f30a68ed7c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87276
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 07:42:00 GMT

GET
BLOB 200
OK 76583366-7e07-440a-92ce-6f7efa308fdc
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/76583366-7e07-440a-92ce-6f7efa308fdc
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET /
user.tucson.com/PTUC-GUP/user/ 0
0

GET
H2 200 gtm-helper.html Show response
tucson.com/app/ Frame 06E2 741 B
614 B 106ms
106ms Document
text/html 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 4eba824138222508fd7ff92e5eab727e6a186baf7b291c681fea83e7b75c39df

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tucson.com/r/sn/harrypotter/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=600
content-encoding: gzip
content-length: 430
content-type: text/html
date: Thu, 27 Jun 2024 07:42:00 GMT
etag: W/"635070b5-1ac"
last-modified: Wed, 19 Oct 2022 21:48:37 GMT
vary: Accept-Encoding
x-vcache: MISS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 611 KB
153 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af655598458ec2dbf99ec357a0245fc63d608b832f85cdca364797d54875a91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156071
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 07:42:00 GMT

GET
H2 200 b-904ac2d-fa24dc02.js Show response
tagan.adlightning.com/leeenterprises/ 71 KB
26 KB 8ms
8ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-904ac2d-fa24dc02.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 13:04:59 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: JpQLJZlJiYH0ImTqvWyHuV_7GTPKKRiJ
x-amz-cf-pop: FRA60-P4
age: 4473422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26202
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 20 Feb 2024 14:47:48 GMT
server: AmazonS3
etag: "7a41b7e2b9e4a0f06ee27698e5b7b752"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: w9jJbmfbjl0Umsc2kZlLuWTyHMJPFBqPBHGxWEqCtSIDCQJJzRJsrQ==

GET
H2 200 bl-4c5f06a-b525312c.js Show response
tagan.adlightning.com/leeenterprises/ 107 KB
48 KB 10ms
10ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-4c5f06a-b525312c.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 034be728553993c31c7897925ee2f923f9aa66cb52ab0da72bfd92311b52af44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 03:38:36 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: j6thsvHQ3IhmFCtaYP_14C6JcIHc0QiN
x-amz-cf-pop: FRA60-P4
age: 14605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 48753
x-amz-meta-git_commit: 4c5f06a
last-modified: Thu, 27 Jun 2024 03:31:45 GMT
server: AmazonS3
etag: "251c1c7d5be80ee5e652efdccce14d19"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yYS3PSFPdQ0A1XkEFdy73O4QV_09NYn1IROBcTvQQWnoYCr_tH6aQw==

GET
H2 200 /
cmp.osano.com/ Frame 0CD2 0
0 29ms
8ms Document
text/html 2600:9000:266e:8400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:8400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tucson.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 81016
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Wed, 26 Jun 2024 09:11:45 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-amz-cf-id: Y3hACvtdCMyUfSJgy7l2qDKuE-KNZf1NhvkchcgdyiXD0Kkb2Q0Wcw==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame 0
0 118ms
100ms Preflight 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tucson.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 27 Jun 2024 07:42:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront)
x-amz-cf-id: BiVF3bR5JPG1Mb4LNEBQVduIGn7MRoAKYcE4xHtCy6lF3H6rzI0_QQ==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 98 KB
25 KB 11ms
10ms Script
application/javascript 2600:9000:266e:6a00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:6a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb3b596685ae179a3a752c421700d56a50b1c7cb8489e6a62c39505211c8f3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: RhOyEvgA7x2MA4PIN48_GphGCCsquL1q
content-encoding: gzip
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
date: Wed, 26 Jun 2024 13:10:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 66721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jun 2024 20:53:39 GMT
server: AmazonS3
etag: W/"9b7c04df278ffa9c9487fc3b2807308c"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: d7vb9pTrTGb03RMJQHUaLJPvYTWoYHEV9EK42EAWmsY_GmHMycXjew==

GET
H3 200 de.json Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 31 KB
10 KB 10ms
10ms XHR
application/json 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6d47257f80cc386e36a87a5b97d50dc0345ddc665975518641837630ff09a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://tucson.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: ZL7Em5eaVucJ4XWenyvMjx6TMrA5MH_2
x-content-type-options: nosniff
date: Wed, 26 Jun 2024 18:15:45 GMT
content-encoding: gzip
via: 1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
age: 49105
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jun 2024 20:53:39 GMT
server: AmazonS3
etag: W/"0b118666666bf0cde1ad74cc430e0b50"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: e7JkEKmqTAYDNnU5yM2yv7M6y9POzVxG0Ihmc1bkUZ8eiHL4U8iz8Q==

GET
BLOB 200
OK 66f60821-7447-40f7-848b-8eb220364cc3
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/66f60821-7447-40f7-848b-8eb220364cc3
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 tracker.js Show response
tucson.com/shared-content/art/stats/common/ Frame 06E2 9 KB
3 KB 105ms
105ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tucson.com/shared-content/art/stats/common/tracker.js
Requested by: Host: tucson.com
URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:39:07 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2024 20:00:11 GMT
x-vcache: HIT
age: 173
etag: W/"66159e4b-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
BLOB 200
OK 5135242f-2eaa-4f24-8b78-f6e8049a2753
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/5135242f-2eaa-4f24-8b78-f6e8049a2753
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 06e47d26-a086-4282-a3f5-fbd8b6079ec9
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/06e47d26-a086-4282-a3f5-fbd8b6079ec9
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f9410e73-4deb-4dd3-88f9-72804e871928
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/f9410e73-4deb-4dd3-88f9-72804e871928
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 5ea2651b-5c85-4509-b9d2-f38bf1c3dfb5
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/5ea2651b-5c85-4509-b9d2-f38bf1c3dfb5
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
71 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54655e49e703d0352e003d3bc9f14e8c282f58e7aec24fc8185c582deb885f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73046
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 07:42:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
80 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b80dddcb7f73d79af7df7031efb76c0a2670312bac2001e558642888a80736d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82253
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 07:42:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 06:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4373
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jun 2024 08:29:07 GMT

GET
BLOB 200
OK 3989641e-c434-4cd5-9eb9-799182cef53d
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/3989641e-c434-4cd5-9eb9-799182cef53d
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 tracker.gif
tucson.com/shared-content/art/stats/common/ Frame 06E2 0
145 B 106ms
106ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tucson.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=171947412030015701170111374857960750&tnms_dt=GTM%20Helper&tnms_upage=1&tnms_do=tucson.com&tnms_uri=/app/gtm-helper.html%3Furl%3Dhttps%253A%252F%252Ftucson.com%252Fr%252Fsn%252Fharrypotter%252F&tnms_ref=https%3A//tucson.com/r/sn/harrypotter/&rt=1719474120301
Requested by: Host: tucson.com
URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
100 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QH8XG9MLHK&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99ea8de422c48d03a6b67050ef602d7a8a5135bfb0a5de8ac8ba1bf4e5afd461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 07:42:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
435 B 90ms
56ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tucson.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
BLOB 200
OK 95a355d3-cb38-46ef-aec6-87474c3a7f5c
https://tucson.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tucson.com/95a355d3-cb38-46ef-aec6-87474c3a7f5c
Requested by: Host: tucson.com
URL: https://tucson.com/r/sn/harrypotter/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
98 KB 52ms
45ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dd80e8c53b90a3a15d1e0838e7c78e5769774a6c169fc43b7fb646f7cbf2dbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 07:42:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QH8XG9MLHK&gtm=45je46q0v893906578za200zb6749731&_p=1719474120049&gcs=G100&gcd=13q3pPq2q5&npa=1&dma_cps=-&dma=1&tcfd=14n4f&tag_exp=0&cid=2018020638.1719474120&ecid=2100443277&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEAE&_s=1&sid=1719474120&sct=1&seg=0&dl=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F&dt=R%20%7C%20tucson.com&en=scroll&_fv=1&_nsi=1&_ss=2&ep.domain=tucson.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=error&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=r&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&epn.percent_scrolled=90&up.user_status=anonymous&up.user_subscription=No&up.user_ppid=&up.user_uuid=false&up.user_subscription_date=false&tfd=1880&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QH8XG9MLHK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 07:42:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tucson.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
364 B 54ms
15ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tucson.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 80d87072-cfb0-11e7-b59a-ef5f5178bcc6.png
bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/ 23 KB
23 KB 33ms
32ms Other
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/tucson.com/content/tncms/custom/image/80d87072-cfb0-11e7-b59a-ef5f5178bcc6.png?resize=256%2C256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e494d9b1fca54216e0a6def16e25727eb3b569bc2af621434d2538ef372b11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tucson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:42:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2154
cf-polished: origFmt=png, origSize=28680
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="80d87072-cfb0-11e7-b59a-ef5f5178bcc6.webp"
content-length: 23212
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Nov 2017 18:11:04 GMT
server: cloudflare
x-vcache: MISS
etag: "ded01d44607df8b9f470519b28e4dc33"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 89a3cc4589209a33-FRA
expires: Fri, 06 Jun 2025 19:43:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: user.tucson.com
URL: https://user.tucson.com/PTUC-GUP/user/?callback=gSP_local_callback&_ts=1719474120

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tucson.com/	1970-01-20 21:37:57	Name: AMP_TOKEN Value: %24NOT_FOUND

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tucson.com/r/sn/harrypotter/ Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://tucson.com/app/gtm-helper.html?url=https%3A%2F%2Ftucson.com%2Fr%2Fsn%2Fharrypotter%2F Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
bloximages.chicago2.vip.townnews.com
cmp.osano.com
region1.google-analytics.com
tagan.adlightning.com
tucson.com
user.tucson.com
www.azstarnet.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
user.tucson.com
104.16.133.24
142.250.185.72
18.245.31.78
18.66.147.69
192.104.182.109
2001:4860:4802:32::36
2600:9000:266e:6a00:3:b7e:8940:93a1
2600:9000:266e:8400:3:b7e:8940:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
034be728553993c31c7897925ee2f923f9aa66cb52ab0da72bfd92311b52af44
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b80dddcb7f73d79af7df7031efb76c0a2670312bac2001e558642888a80736d
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1c95bc403db09604ae14479b2a2048f57d30a9569cbf41c206d811890ebb6e8a
1e2538ddd14fe3225b3349e4c508da448b0ac8df11ebead50b55662b2f3df076
1e494d9b1fca54216e0a6def16e25727eb3b569bc2af621434d2538ef372b11f
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3ee7af434f9c2ca985c937682af99d230c57c58ef0221212a06f0837e12fed43
43aa3a7745857cd489525004e4773f391f309cf2e2542c76d1578f6311139a1b
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4a2e9aea8b17986ba1a3f447b9fbe6dfae755492b579e4f073f2a62fc0f31dbb
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4eba824138222508fd7ff92e5eab727e6a186baf7b291c681fea83e7b75c39df
54655e49e703d0352e003d3bc9f14e8c282f58e7aec24fc8185c582deb885f7e
55c986d4797a19819c545e7ab2874ec5a1f68f19a54885b770a7344924fb7379
5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
841658ec18b1f4df56bc834088a0944c92f5a0d48baa0f32e34f30a68ed7c788
85dada1408d909bc6efd997e08514370405f1e39b74b10f930180adecdfe35e0
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99ea8de422c48d03a6b67050ef602d7a8a5135bfb0a5de8ac8ba1bf4e5afd461
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
af655598458ec2dbf99ec357a0245fc63d608b832f85cdca364797d54875a91f
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b832224ffc4948e484a3bbb9631e9cb6a24d4b2901dce9f9316de02cb6cfcf39
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c045e86b04f8cdb9d727a9f43f9794ff41dbfc031226982fd4d1bdcce0f4c96e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6d47257f80cc386e36a87a5b97d50dc0345ddc665975518641837630ff09a6b
dd80e8c53b90a3a15d1e0838e7c78e5769774a6c169fc43b7fb646f7cbf2dbc1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f44f6526e35f8f2595a297c9e049e8efe9159f763c1d14832ada2d66931eebf8
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
fb3b596685ae179a3a752c421700d56a50b1c7cb8489e6a62c39505211c8f3b0
ffead3e4f6561930d9686d5c69e2e146b59fedf602473117e42a80d3571ede95

tucson.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

84 %HTTPS

62 %IPv6

10 Domains

12 Subdomains

14 IPs

3 Countries

1198 kBTransfer

3843 kBSize

1 Cookies

23 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tucson.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

84 %
HTTPS

62 %
IPv6

10
Domains

12
Subdomains

14
IPs

3
Countries

1198 kB
Transfer

3843 kB
Size

1
Cookies

57 HTTP transactions
0 data transactions