www.chicagotribune.com Open in urlscan Pro
2a02:26f0:1700:16::b856:fbde Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxn...
Submission: On October 20 via api (October 20th 2022, 5:41:43 pm UTC) from US — Scanned from DE

Summary HTTP 152 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 36 domains to perform 152 HTTP transactions. The main IP is 2a02:26f0:1700:16::b856:fbde, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.chicagotribune.com. The Cisco Umbrella rank of the primary domain is 46135.
TLS certificate: Issued by R3 on August 15th 2022. Valid for: 3 months.

This is the only time www.chicagotribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbde	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.156.255.76 108.156.255.76	16509 (AMAZON-02) (AMAZON-02)
10	143.204.215.66 143.204.215.66	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:20e... 2600:9000:20eb:2400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.52 13.32.99.52	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.28 13.224.189.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:297::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2 5	104.94.186.13 104.94.186.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.78.24 13.225.78.24	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:ee00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
7	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
1	99.86.4.16 99.86.4.16	16509 (AMAZON-02) (AMAZON-02)
4	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	52.205.55.37 52.205.55.37	14618 (AMAZON-AES) (AMAZON-AES)
7	108.128.97.80 108.128.97.80	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.60 13.225.78.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	13.224.189.91 13.224.189.91	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	13.225.78.28 13.225.78.28	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	18.213.10.203 18.213.10.203	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
6	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
1	13.226.153.21 13.226.153.21	16509 (AMAZON-02) (AMAZON-02)
1	54.202.115.110 54.202.115.110	16509 (AMAZON-02) (AMAZON-02)
1 9	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	13.225.78.34 13.225.78.34	16509 (AMAZON-02) (AMAZON-02)
3	3.219.38.131 3.219.38.131	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:225... 2600:9000:225e:2e00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:594::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.32.99.106 13.32.99.106	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:da00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
152	49

22 2a02:26f0:1700:16::b856:fbde (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.255.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-76.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.215.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-66.fra53.r.cloudfront.net

r610.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:2400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-52.fra60.r.cloudfront.net

assets.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-28.fra2.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:297::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.94.186.13 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-186-13.deploy.static.akamaitechnologies.com

www.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssor.tribdss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-24.fra2.r.cloudfront.net

dynpaywall-api-chicagotribune.ml.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:ee00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

smoggysnakes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-16.fra6.r.cloudfront.net

tribune-chicagotribune.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.55.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-55-37.compute-1.amazonaws.com

tribune.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.128.97.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-60.fra2.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-91.fra2.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-203.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector2.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.153.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-21.dus51.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.202.115.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-115-110.us-west-2.compute.amazonaws.com

authenticate.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-34.fra2.r.cloudfront.net

zephr.chicagotribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.219.38.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-38-131.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:2e00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-106.fra60.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:da00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	chicagotribune.com www.chicagotribune.com — Cisco Umbrella Rank: 46135 r610.chicagotribune.com — Cisco Umbrella Rank: 80621 authenticate.chicagotribune.com — Cisco Umbrella Rank: 156520 zephr.chicagotribune.com — Cisco Umbrella Rank: 93464	2 MB
16	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5435 play.google.com — Cisco Umbrella Rank: 27	69 KB
10	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 865 trc.taboola.com — Cisco Umbrella Rank: 697 15.taboola.com — Cisco Umbrella Rank: 6959 am-trc-events.taboola.com — Cisco Umbrella Rank: 17121	259 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	232 KB
8	sophi.io dynpaywall-api-chicagotribune.ml.sophi.io — Cisco Umbrella Rank: 139494 cdn.sophi.io — Cisco Umbrella Rank: 16255 collector2.sophi.io — Cisco Umbrella Rank: 23938	43 KB
7	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1192	4 KB
6	remixd.com tags.remixd.com — Cisco Umbrella Rank: 19949 pubcast-files.remixd.com — Cisco Umbrella Rank: 21105 player-files.remixd.com — Cisco Umbrella Rank: 20245	82 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10761 www.i.matheranalytics.com — Cisco Umbrella Rank: 10567	44 KB
5	tribdss.com 2 redirects www.tribdss.com — Cisco Umbrella Rank: 39776 ssor.tribdss.com — Cisco Umbrella Rank: 40314	38 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 10862 launchpad.privacymanager.io — Cisco Umbrella Rank: 9534 geo.privacymanager.io — Cisco Umbrella Rank: 1492	11 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3463 onesignal.com — Cisco Umbrella Rank: 1191	82 KB
3	smoggysnakes.com smoggysnakes.com — Cisco Umbrella Rank: 50860	28 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1323 mab.chartbeat.com — Cisco Umbrella Rank: 2299	25 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3534	191 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1228	401 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 156	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2800 p1.parsely.com — Cisco Umbrella Rank: 2165	21 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 6493	93 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1300 c.go-mpulse.net — Cisco Umbrella Rank: 595	50 KB
2	zephr.com assets.zephr.com — Cisco Umbrella Rank: 43934	16 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1515	92 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 313	47 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 594	482 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 15640
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 16297	13 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2507	42 KB
1	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3561	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	blueconic.net tribune.blueconic.net — Cisco Umbrella Rank: 50945	698 B
1	zeustechnology.com tribune-chicagotribune.zeustechnology.com — Cisco Umbrella Rank: 98410	68 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	91 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3184	143 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1404	417 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	30 KB
152	36

	Domain	Requested by
22	www.chicagotribune.com	www.chicagotribune.com
10	r610.chicagotribune.com	www.chicagotribune.com r610.chicagotribune.com cmp.osano.com
9	news.google.com	1 redirects cmp.osano.com news.google.com www.chicagotribune.com www.gstatic.com
7	play.google.com	www.gstatic.com
7	jadserve.postrelease.com	s.ntv.io www.chicagotribune.com
6	collector2.sophi.io	cdn.sophi.io
6	fonts.gstatic.com	fonts.googleapis.com news.google.com
5	zephr.chicagotribune.com	assets.zephr.com
4	am-trc-events.taboola.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	www.tribdss.com	2 redirects www.chicagotribune.com
3	player-files.remixd.com	www.chicagotribune.com
3	www.i.matheranalytics.com	www.chicagotribune.com
3	smoggysnakes.com	www.chicagotribune.com smoggysnakes.com
3	cdn.taboola.com	www.chicagotribune.com cdn.taboola.com
3	fonts.googleapis.com	www.chicagotribune.com client
2	pixel.sitescout.com	www.chicagotribune.com
2	onesignal.com	cmp.osano.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	trc.taboola.com	cdn.taboola.com
2	ping.chartbeat.net	www.chicagotribune.com
2	sb.scorecardresearch.com	www.chicagotribune.com cdn.taboola.com
2	js.matheranalytics.com	1 redirects www.chicagotribune.com
2	cmp.osano.com	www.chicagotribune.com cmp.osano.com
2	tags.remixd.com	www.chicagotribune.com tags.remixd.com
2	cdn.onesignal.com	www.chicagotribune.com cdn.onesignal.com
2	assets.zephr.com	www.chicagotribune.com
2	static.chartbeat.com	www.chicagotribune.com
2	cdn.confiant-integrations.net	www.chicagotribune.com cdn.confiant-integrations.net
2	c.amazon-adsystem.com	www.chicagotribune.com c.amazon-adsystem.com
1	www.facebook.com
1	static.adsafeprotected.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	cdn-gateflipp.flippback.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	c.go-mpulse.net	s.go-mpulse.net
1	cdn.jwplayer.com	tags.remixd.com
1	authenticate.chicagotribune.com	cmp.osano.com
1	launchpad.privacymanager.io	cmp.osano.com
1	p1.parsely.com	www.chicagotribune.com
1	widget.perfectmarket.com	cdn.taboola.com
1	mab.chartbeat.com	static.chartbeat.com
1	cdn.sophi.io	www.chicagotribune.com
1	www.google-analytics.com	www.googletagmanager.com
1	launchpad-wrapper.privacymanager.io	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	tribune.blueconic.net	r610.chicagotribune.com
1	pubcast-files.remixd.com	tags.remixd.com
1	tribune-chicagotribune.zeustechnology.com	www.chicagotribune.com
1	dynpaywall-api-chicagotribune.ml.sophi.io	www.chicagotribune.com
1	ssor.tribdss.com	www.chicagotribune.com
1	s.go-mpulse.net	www.chicagotribune.com
1	www.googletagmanager.com	www.chicagotribune.com
1	s.ntv.io	www.chicagotribune.com
1	polyfill.io	www.chicagotribune.com
1	code.jquery.com	www.chicagotribune.com
152	56

This site contains links to these domains. Also see Links.

Domain
de.slow-watches.com
popup.taboola.com
www.austria.info
www.mdm.de
taongafarm.com
onlinekfzabmeldung.de
www.combatsiege.com
usagco.org
safesly.com
www.deejo.de
www.facebook.com
twitter.com
www.nydailynews.com
www.orlandosentinel.com
www.mcall.com
www.dailypress.com
www.thedailymeal.com
www.baltimoresun.com
www.sun-sentinel.com
www.courant.com
www.pilotonline.com
www.studio1847.io
careers.tribpub.com
www.tribpub.com
www.chicagotribunemediagroup.com
www.tkqlhce.com
mylocal.chicagotribune.com
store.chicagotribune.com
gsght.com

Subject Issuer	Validity	Valid
tronc.web.arc-cdn.net R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
r610.chicagotribune.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
assets.zephr.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.remixd.com Amazon	`2022-03-11` - `2023-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.trbimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-27` - `2023-05-30`	a year	crt.sh
dynpaywall-api-chicagotribune.ml.sophi.io Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
smoggysnakes.com R3	`2022-08-29` - `2022-11-27`	3 months	crt.sh
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
cdn.sophi.io Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
authenticate.baltimoresun.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
zephr.sun-sentinel.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
jwplayer.com Amazon	`2021-12-29` - `2023-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
player-files.remixd.com GTS CA 1D4	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.flippback.com Amazon	`2022-07-01` - `2023-07-29`	a year	crt.sh
flipp.com Amazon	`2022-08-31` - `2023-09-28`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-30` - `2022-10-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Frame ID: BC189009D06F52070AE020194BBC6912
Requests: 119 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 16BC27526949D18CF14EACB6B8CC258F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 1822E6664A27327987048113DD2F69B2
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com
Frame ID: 38DC9A1A46D279D7386239215B0148C7
Requests: 13 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 7E98E0B7B7B913F6F1CF25F0F73DCC80
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Frame ID: B467ABE05FB4E0B3070278AC7AB3C545
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elgin to spend more than $1.2 million on DuPage Court overhaulGroup 3Group 3Group 3Group 3

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

152
Requests

96 %
HTTPS

42 %
IPv6

36
Domains

56
Subdomains

49
IPs

5
Countries

3228 kB
Transfer

10074 kB
Size

24
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://de.slow-watches.com/de/?utm_source=taboola_tribunedigital-chicagotribune&utm_content=3059597119&utm_medium=native&utm_campaign=TABO-DE-desk&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDZz0coveCSg-CIy8PaAQ#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDZz0coveCSg-CIy8PaAQ
Title: slow-watches.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01a:below-article-thumbs_ARC%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.austria.info/de/aktuelle-angebote/burg-hotel-oberlech?utm_source=taboola&utm_campaign=DEU_22_1-MPD-023-01_pak_digitalpaket_MM-16523&utm_medium=tribunedigital-chicagotribune&utm_content=MM-16523_A&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiD541oojea_m-D2gvsn#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiD541oojea_m-D2gvsn
Title: Urlaub in Österreich

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-a:below-article-thumbs_ARC%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.mdm.de/dop?sku=24043/003&wk=2071660&campaign=Dis/taboola/sk/2071660&utm_source=taboola&utm_medium=display&utm_campaign=sk&utm_source=taboola&utm_medium=referral#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDBrUYo2LHS3rv6zIVp
Title: MDM Deutsche Münze

Search URL Search Domain Scan URL

URL: https://taongafarm.com/de/landings/gp/28?ref=W_150722_WW_Click_Video_DE&mng=VK&utm_source=taboola&utm_campaign=W_150722_WW_Click_Video_DE&utm_medium=display&cc={campaignid}&utm_term=1008941_tribunedigital-chicagotribune&utm_content=3443103682#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDJpEcojaH52KuSoOsg
Title: Taonga: Die Inselfarm

Search URL Search Domain Scan URL

URL: https://onlinekfzabmeldung.de/?utm_source=taboola&utm_medium=referral&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCPg1oo8f3B246jkYhS#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCPg1oo8f3B246jkYhS
Title: onlinekfzabmeldung.de

Search URL Search Domain Scan URL

URL: https://www.combatsiege.com/?r=tabcs1deb&clickid=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiD8gFso4d7M_8WCgqrQAQ&utm_source=taboola-tribunedigital-chicagotribune&utm_medium=tabcs1deb&utm_term=Du+wirst+deinen+Computer+nie+wieder+ausschalten.+Kein+Install.+Gratis+spielen.&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiD8gFso4d7M_8WCgqrQAQ#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiD8gFso4d7M_8WCgqrQAQ
Title: CombatSiege

Search URL Search Domain Scan URL

URL: https://usagco.org/landing/register-11?lang=de&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_DSK_V11_+CPA&utm_item_id=3024218777&utm_publisher=tribunedigital-chicagotribune&utm_campaign_id=11581964&utm_tci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo8cjg5KGZlqO0AQ&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo8cjg5KGZlqO0AQ#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo8cjg5KGZlqO0AQ
Title: USA-Dienste

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbnails-rr2:taboola-right-rail-thumbnails_arc:#nt=related-content
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://safesly.com/af56e0a7-2e99-4e6d-99bd-da15256c3aff?site=tribunedigital-chicagotribune&title=Neue+%E2%80%9CPendlermaske%E2%80%9D+begeistert+Tausende+Deutsche&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F68d7f87649585a74a60f9bfa0691053c.jpg&campaign=%20DE_Satiata_Desktop_v8&utm_content=3559362294&conversionname=6H_Sale&click_id=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiC11U8o_bnV0_jFvMsj&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiC11U8o_bnV0_jFvMsj#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiC11U8o_bnV0_jFvMsj
Title: Verbraucher Hilfe

Search URL Search Domain Scan URL

URL: https://safesly.com/9597750f-4070-4a54-9822-830513702ebe?site=tribunedigital-chicagotribune&title=Aufgepasst%21+Deutsche+mit+Pflegegrad+bekommen+jetzt+jeden+Monat+40%E2%82%AC+Hilfsmittel&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F093e8a695da31b13509bfb1b400e1d2f.jpg&campaign=6H_201109_Purchase_desk2b&utm_content=3568999777&conversionname=6H&click_id=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDC8E0okJGet9GRmojyAQ&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDC8E0okJGet9GRmojyAQ#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDC8E0okJGet9GRmojyAQ
Title: Pflege-Ratgeber24

Search URL Search Domain Scan URL

URL: https://www.austria.info/de/winter-in-oesterreich/kitzbueheler-alpen?utm_source=taboola&utm_campaign=DEU_22_1-CAM-021-01-04_kam_winter_MM-17481&utm_medium=tribunedigital-chicagotribune&utm_content=MM-17481_B&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDFp1so5YSPl_Gdm7x9#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDFp1so5YSPl_Gdm7x9
Title: austria.info

Search URL Search Domain Scan URL

URL: https://www.deejo.de/de/die-welt-von-deejo/deejo-im-land-der-aufgehenden-sonne?utm_source=taboola&utm_medium=native-ads&utm_campaign=DE-taboola-fil-rouge-japon-DSK&utm_content=tribunedigital-chicagotribune#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCP5kgo6PP4tJP2vqs8
Title: Deejo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://twitter.com/chicagotribune

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/
Title: New York Daily News

Search URL Search Domain Scan URL

URL: https://www.orlandosentinel.com/
Title: Orlando Sentinel

Search URL Search Domain Scan URL

URL: https://www.mcall.com/
Title: The Morning Call of Pa.

Search URL Search Domain Scan URL

URL: https://www.dailypress.com/
Title: Daily Press of Va.

Search URL Search Domain Scan URL

URL: https://www.thedailymeal.com/
Title: The Daily Meal

Search URL Search Domain Scan URL

URL: https://www.baltimoresun.com/
Title: The Baltimore Sun

Search URL Search Domain Scan URL

URL: https://www.sun-sentinel.com/
Title: Sun Sentinel of Fla.

Search URL Search Domain Scan URL

URL: https://www.courant.com/
Title: Hartford Courant

Search URL Search Domain Scan URL

URL: https://www.pilotonline.com/
Title: The Virginian-Pilot

Search URL Search Domain Scan URL

URL: https://www.studio1847.io/
Title: Studio 1847

Search URL Search Domain Scan URL

URL: https://careers.tribpub.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/central-terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.chicagotribunemediagroup.com/
Title: Media kit

Search URL Search Domain Scan URL

URL: https://www.tribpub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-8479616-11570746?url=https%3A%2F%2Fchicagotribune.newspapers.com%3Fxid%3D2301%26utm_campaign%3Devergreen%26utm_medium%3Dreferral%26utm_source%3Dnavigation%26utm_content%3D%26utm_term%3DChicago%20Tribune
Title: Archives

Search URL Search Domain Scan URL

URL: https://mylocal.chicagotribune.com/
Title: Local print ads

Search URL Search Domain Scan URL

URL: https://store.chicagotribune.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=footer&utm_content=&utm_term=
Title: Chicago Tribune Store

Search URL Search Domain Scan URL

URL: https://de.slow-watches.com/de/?utm_source=taboola_tribunedigital-chicagotribune&utm_content=3059597119&utm_medium=native&utm_campaign=TABO-DE-desk&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDZz0coksP-_erm2pJ2#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiDZz0coksP-_erm2pJ2
Title: slow-watches.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://usagco.org/landing/register-11?lang=de&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_DSK_V11_+CPA&utm_item_id=3024218777&utm_publisher=tribunedigital-chicagotribune&utm_campaign_id=11581964&utm_tci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo6Piu5JbG-dqNAQ&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo6Piu5JbG-dqNAQ#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCBukMo6Piu5JbG-dqNAQ
Title: USA-Dienste

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tribunedigital-chicagotribune&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://gsght.com/c/hwjxfy?network_click_id=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCpykQojLSS9sulnqV0&campaign=21346001&campaign_name=cc-de.au-baseline1_st&ad_group=1008941&ad_group_name=tribunedigital-chicagotribune&site_id=tribunedigital-chicagotribune&ad=3571308335&sub1=cc-de.au-baseline1_st&sub2=Spiele+jetzt+in+deinem+Browser&sub3=cr-newloot57.cn-1&destination_url=https://www.hero-wars.com/?hl=de&l=loot&tblci=GiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCpykQojLSS9sulnqV0#tblciGiB-CzqjgMgOyYjyniee80ROIowtua1pVxFRbm3brotnFiCpykQojLSS9sulnqV0
Title: Hero Wars

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.tribdss.com/meter/chiarc.min.js HTTP 302
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Request Chain 53

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1607 HTTP 301
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

Request Chain 75

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js HTTP 302
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Request Chain 91

https://news.google.com/swg/_/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html Show response
www.chicagotribune.com/suburbs/elgin-courier-news/ 446 KB
104 KB 278ms
29ms Document
text/html 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

264fb6991243a26a1cc8fe9cb7eb66134d9960f3bddfbce9d793ec53c46ab780

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: 3600 -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 20 Oct 2022 17:41:36 GMT
etag: W/"6e739-zqMwzbon3xvV9tAxUe3XYxuYftI"
expires: Thu, 20 Oct 2022 17:42:36 GMT
fusion-component-id: undefined
fusion-content-id: WG5RZGGAQNFWRC77YXNP3BL4LI
fusion-content-source: content-api-custom
fusion-deployment-id: 89
fusion-source: lambda
fusion-template-id: template/tIsuzrso4Bw3PJ0t
last-modified: Thu, 20 Oct 2022 17:38:56 GMT
server: openresty
server-timing: cdn-cache; desc=MISS edge; dur=1 origin; dur=1009
vary: Accept-Encoding
x-akamai-transformed: 9 103778 0 pmb=mRUM,2
x-aws-lambda-call-status: 200

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 44ms
13ms Script
application/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:19:12 GMT
content-encoding: gzip
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 16:04:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, DUS51-P2
age: 1345
etag: W/"325ba14a3555ca64958500cbd00f9a35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: jWpJt8kvB2M9FiGJR3tMWNZvQsh7Njsh8tPk4V5Zm-CmMT-78XTv3Q==

GET
H2 200 script.js Show response
r610.chicagotribune.com/ 132 KB
40 KB 250ms
42ms Script
text/javascript 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/script.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

5a36f55cf612549cc49d145502aeb8e706724cf3d6f155ebadcf3ade388e3b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 486
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40626
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Oct 2022 01:01:32 GMT
server: -
etag: 859546407c80b789a00d92b1231378f1
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: lQq8Fd1hpbkts0hCAuV_GaNyrlyosYEvtyRLtdroGISDdB6CUlINyA==
expires: Thu, 20 Oct 2022 17:43:30 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 326ms
136ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1666287696.dop153.fr8.t,1666287696.cds136.fr8.hn,1666287696.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 66ms
32ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CElement.prototype.prepend%2CElement.prototype.remove%2CArray.prototype.find%2CArray.prototype.includes
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 13:32:57 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/106.0.0
server-timing: cache-fra19141, PASS, fastly;desc="Edge time";dur=17
accept-ranges: bytes
content-length: 94

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/ 109 KB
26 KB 64ms
33ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2574aa27d97447a4134230c05c7942c2b5a7a609892cf617b9f9ebc346853bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 17:33:02 GMT
server: cloudflare
x-amz-request-id: 9XZQCHZCFWBAGXRM
age: 364
etag: W/"5517ea6032ff48751c0adf62ce48e4aa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 75d38b954ebf9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4BB3snM3P0IjW2/g8EJznhZm0oBUXsc2Ur1xnH4/kTIaG+G+LFE4dg8pC+SpzNYSnRvUF2PGsMI=

GET
H2 200 react.js Show response
www.chicagotribune.com/pf/dist/engine/ 336 KB
96 KB 11ms
11ms Script
application/javascript 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/engine/react.js?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

ea981e44acb824eef6c0b27e815fb653b7647283212e047e0b09cc8c809e300b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M4PCHHH36QRV4GG0
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 97572
x-amz-id-2: 4KpcAnUC8YIDPqLnhf0iwq0YpNCPdDplx0Bk9QBMvLKozC7NFUu/GesU8/uk3y9RKc8u1YB/ff4=
last-modified: Fri, 14 Oct 2022 16:38:41 GMT
server: openresty
etag: W/"f57c007219b89a1e330b3cb12ec2a780"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 default.js Show response
www.chicagotribune.com/pf/dist/components/combinations/ 840 KB
215 KB 15ms
13ms Script
application/javascript 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6ea52be86268c844b1f19106d8fbf005060bb93520541fd4f300f38a8da0a146

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M4P4FVCC5VQM95S2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 218759
x-amz-id-2: jMXmaDuwQ12iLMcQp90fSaJlfZFKVd9m7FZ17wVk0jl+nEG0HbCxzJ01aNS3XMQgAGbvqxObY5M=
last-modified: Fri, 14 Oct 2022 16:38:41 GMT
server: openresty
etag: W/"87c688a911e67528ce94270971812443"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/output-types/ 34 KB
5 KB 28ms
27ms Stylesheet
text/css 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/output-types/default.css?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

d22f6e5562a0ef5aa020903f532024c9be3280776f4786433295a234589e9d90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M4P2ST7F3EKYPYD2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4594
x-amz-id-2: ZyhXaNkSsvZTvSkj9CBO1n2tzq/4QLA63xbzaq/ICbSIIsZHJvkrI56a9kFtwvtNnwK9/mIoXFE=
last-modified: Fri, 14 Oct 2022 16:38:41 GMT
server: openresty
etag: W/"2b9d9c1d6f1b38d140924adabf32d12f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 default.css
www.chicagotribune.com/pf/dist/components/combinations/ 70 KB
12 KB 43ms
42ms Stylesheet
text/css 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/dist/components/combinations/default.css?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3252d36cc55b9da498335a311e43fc48b9ce4e1ee05be3d7f2db90f5ef7f01ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: JR23RH5ERY0SB7ZK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11599
x-amz-id-2: C1rjgtdf3mn3QM2R5Ltp65r05hhPcEjK1GaIUL2YExrWFxqqeyI1YLufgICIbL8CaqtE/y6jRbE=
last-modified: Fri, 14 Oct 2022 16:38:41 GMT
server: openresty
etag: W/"d0db0a279cc2411e6de65c50cdd9b201"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 57ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:33:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Oct 2022 17:41:36 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 507 KB
143 KB 170ms
48ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8464859e97324aaaf5650dbf65973c2ad6f7fddea8b1e7e6c7692cb2a0f541fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:41:36 GMT
Content-Encoding: gzip
x-amz-request-id: QPJW6D512QPM56EG
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 9fJX70MmTu9sP859WOyzKjxE4Z/izkg1cj0d9AZC7YLk35D0x1BDgDULjmg0M/nsxLOPTOAbNEw=
Last-Modified: Wed, 19 Oct 2022 23:12:01 GMT
Server: AmazonS3
ETag: "2b83209f000cdab95a9a5c931616138e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 180ms
88ms Script
application/x-javascript 2600:9000:20eb:2400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 15:59:13 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA2-C1
age: 6143
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: iyZqZ_eQBHIptCU3t12dITWGeDgB8YdKU-dfaNVBlcG1CjXeminJdQ==
expires: Thu, 20 Oct 2022 17:59:13 GMT

GET
H2 200 zephr-browser.umd.js Show response
assets.zephr.com/zephr-browser/1.3.9/ 39 KB
15 KB 167ms
75ms Script
application/javascript 13.32.99.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 01:00:56 GMT
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 11:02:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 60041
etag: W/"c531ce77a9ff6380e9671dee680a2102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6Maidb__ltirqVTBkhP6NO7WaoniTn6voWEAY3nCEYxwzyaBVsg-OQ==

GET
H2 200 zephr-minify.1.0.1.js Show response
assets.zephr.com/tribune/ 1 KB
1003 B 168ms
76ms Script
application/javascript 13.32.99.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/tribune/zephr-minify.1.0.1.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 07:00:49 GMT
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 11:32:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 38646
etag: W/"d9f4fec80c2b61c13ef9d38b99f5708c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CMo7n4jDYrNPqSA8of7jB2tD3-JUl8X4YFBS1biVPMZqbU61JNrLmA==

GET
H2 200 OALZ7VGYO5A2VG2RFJJMONU2II.jpg
www.chicagotribune.com/resizer/bGHLKJ4Qbp8ahRtRUH-6qPNaOOo=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 110 KB
110 KB 33ms
32ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/bGHLKJ4Qbp8ahRtRUH-6qPNaOOo=/800x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/OALZ7VGYO5A2VG2RFJJMONU2II.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cbcbdef0608943e0933da5928be999f15b83042f772c8099bf8901725a2c8f1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 18 Oct 2022 21:58:25 GMT
server: Akamai Image Manager
etag: "a4b85daa129140b9185b78ed53efeb3f4ce7e17d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31378668
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 112262
expires: Wed, 18 Oct 2023 21:59:24 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 127ms
50ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 150
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 75d38b96281d5b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Oct 2022 17:41:36 GMT

GET
H2 200 Menu_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
1 KB 30ms
28ms Image
image/svg+xml 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Menu_Icon.svg?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: M4PAEB0YESJXA6VY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 505
x-amz-id-2: iXSPZSIi8P5MP+q520Uqw+7CBuuugxmT84wAZwkkJ/APYtylbkHq5cSWE9JXI+37uN5ShBAoous=
last-modified: Fri, 14 Oct 2022 16:38:40 GMT
server: openresty
etag: W/"3078b03aa176e280460db6374ed5934b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 124ms
38ms Script
text/javascript 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 16
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
content-length: 10041
x-amz-cf-id: GJ207w9qV0Iw60Nl7MdcxnM_liK0Ytrv7Fb80HLHXHFzApV6Cu1kdw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
10ms XHR
application/javascript 108.156.255.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding: gzip
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
date: Thu, 20 Oct 2022 03:42:20 GMT
x-amz-cf-pop: DUS51-P2
age: 50357
x-cache: Hit from cloudfront
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: UgxfPio71t1JTPOX49CLs4d3yL1mROP9Dd215OQ5kyI7yUCczzSSTw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
91 KB 150ms
80ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0c2b41a9f04396e6b2e280a11883953e5ee4e5da431f2891b2da6f1445fe86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92403
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 16:56:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Oct 2022 17:41:36 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202210171204/ 212 KB
66 KB 44ms
43ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202210171204/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/lN3nDI7DXG9pAWAqmfHN769SKz8/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e095f4fbb86c7318a76ae06340cfd812a5247ea02b416ed57933365d67648df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 16:14:48 GMT
server: cloudflare
x-amz-request-id: EN1RMVWPXC76C5R2
age: 260150
etag: W/"a7af60ecf4cf095070eed6b7b3e4664d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 75d38b95af7e9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QSVOYlv5jnQvLxQI3CCzsnMHUPmKuIUO/eo8sk3V3/gyrKzby5MDqHAH8DEsumE+VJmFpJVYPTo=

GET
H2 200 DA9NK-5NF4A-5FWA6-EFVPV-RL87Z Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 119ms
40ms Script
application/javascript 2a02:26f0:480:297::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:297::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: br
last-modified: Sun, 09 Oct 2022 00:46:50 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 114ms
47ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:52:55 GMT
x-content-type-options: nosniff
age: 254921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:52:55 GMT

GET
H2 200 LGYGJUD6SVGZFHWZCMC3PC4NNU.jpg
www.chicagotribune.com/resizer/gQsf6i-bZb0x_kJFQhR66S2SFlM=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 231 KB
232 KB 32ms
32ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/gQsf6i-bZb0x_kJFQhR66S2SFlM=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/LGYGJUD6SVGZFHWZCMC3PC4NNU.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6ef7d841ea4a7fa82fc9d2ba49edacaeaf3e46bf282c6d9cbdc368a710e107dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 18 Oct 2022 22:08:04 GMT
x-serial: 991
server: Akamai Image Manager
x-check-cacheable: YES
etag: "59e9ce1fb4bf39944e17e242336095cbfe723cae"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31379188
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 236993
expires: Wed, 18 Oct 2023 22:08:04 GMT

GET
H2 200 467DOUMS4BDQRHIC5Z42KJOHHM.jpg
www.chicagotribune.com/resizer/a6fcvLJUMWlbvJReha-AFR7K3S4=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 174 KB
175 KB 50ms
48ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/a6fcvLJUMWlbvJReha-AFR7K3S4=/1440x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/467DOUMS4BDQRHIC5Z42KJOHHM.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a2b0336d194248a536f2b140c07c8d0d9205b076828de62ea2e037c56f4d4bb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 18 Oct 2022 21:58:10 GMT
server: Akamai Image Manager
etag: "1cc0a9cbb4d53debb7aa7397306bfa501afb3dd5"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31378619
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 178234
expires: Wed, 18 Oct 2023 21:58:35 GMT

GET
H2 200 T7UFACSOTFSORJBSUI5YN4BL4Q.jpg
www.chicagotribune.com/resizer/TOKZgygFelqN1IFlVou9v_YFVUg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 153 KB
154 KB 50ms
49ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/TOKZgygFelqN1IFlVou9v_YFVUg=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/T7UFACSOTFSORJBSUI5YN4BL4Q.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8ca60119a290a5178c4e4ccc7728baec26d2f016a6be49f28363ac67b19ef50d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 12:30:22 GMT
x-serial: 777
server: Akamai Image Manager
x-check-cacheable: YES
etag: "1130f5f8597b5a36b9a0b75e49d2fbd6d1ef95b1"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31517304
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 156940
expires: Fri, 20 Oct 2023 12:30:00 GMT

GET
H2 200 NF6XVW5FJVB3JHTPWQZ6VRKJ3Y.jpg
www.chicagotribune.com/resizer/17XvWvpw6z8qiGa0KhSnPX5jtLQ=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 181 KB
182 KB 36ms
35ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/17XvWvpw6z8qiGa0KhSnPX5jtLQ=/1440x1080/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/NF6XVW5FJVB3JHTPWQZ6VRKJ3Y.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2e739a9eaca6bf710447f7c39030f0f4f2d7b3074b6211968bf87c8f68bcd6ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 02:29:13 GMT
x-serial: 1095
server: Akamai Image Manager
x-check-cacheable: YES
etag: "6bbf12d3e144a8923b36e494f7da688aefeda50b"
x-edgeconnect-cache-status: 1
content-type: image/jpeg
cache-control: private, no-transform, max-age=31481182
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 185311
expires: Fri, 20 Oct 2023 02:27:58 GMT

GET
H2 200 CWBK776G7FDK3DEDVPNVJFFKTI.jpg
www.chicagotribune.com/resizer/xCA-WkREve36pQr73O8ITdsgrBI=/1440x1080/filters:format(jpg):quality(70):focal(953x371:963x381)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 109 KB
109 KB 69ms
68ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/xCA-WkREve36pQr73O8ITdsgrBI=/1440x1080/filters:format(jpg):quality(70):focal(953x371:963x381)/cloudfront-us-east-1.images.arcpublishing.com/tronc/CWBK776G7FDK3DEDVPNVJFFKTI.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4aa8d61c6482d1973b71146c94dfe741f00f1d414a645249edb142e1f219bda5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 17:26:43 GMT
server: Akamai Image Manager
etag: "1f88503e39820249d844044509326de62a954528"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31535055
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 111222
expires: Fri, 20 Oct 2023 17:25:51 GMT

GET
H2 200 Search_Icon.svg
www.chicagotribune.com/pf/resources/icons/ 1 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/icons/Search_Icon.svg?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 57TDXJTNX6ZEH88W
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 700
x-amz-id-2: jwDej5M7ZUELNAFsQiNhH8WIfeHqW+k/r7UrMM/ccDWTC4nfAWciyqR7G1YRB38PQM2f0kkuSqI=
last-modified: Fri, 14 Oct 2022 16:38:40 GMT
server: openresty
etag: W/"d947de375e50e50a1aa4f7951e3c56b0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 ct.svg
www.chicagotribune.com/pf/resources/images/stacked/ 727 B
942 B 18ms
17ms Image
image/svg+xml 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/images/stacked/ct.svg?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: W2PKNHSE8PTMRWD8
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 460
x-amz-id-2: EhHxVRuIJmBqKBTPT4qljFTGYH6ajc7FKDTuDfES6yzlSPV3beNJMnyeT2z/WxLWLO5A7dSVQdM=
last-modified: Fri, 14 Oct 2022 16:38:40 GMT
server: openresty
etag: W/"95a011625b282ce688af84fdec6cf2ed"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 7CLFIRHVPRC6TFCSXWGTT6ONL4.jpg
www.chicagotribune.com/resizer/tGaWfzeUN03Sux0sIgXK1ygljpA=/105x105/filters:format(jpg):quality(70):focal(1072x611:1082x621)/www.chicagotribune.com/resizer/nLb_NctXqVZF1tFBBcmklGGcg-s=/cloudfront-u... 3 KB
4 KB 49ms
44ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/tGaWfzeUN03Sux0sIgXK1ygljpA=/105x105/filters:format(jpg):quality(70):focal(1072x611:1082x621)/www.chicagotribune.com/resizer/nLb_NctXqVZF1tFBBcmklGGcg-s=/cloudfront-us-east-1.images.arcpublishing.com/tronc/7CLFIRHVPRC6TFCSXWGTT6ONL4.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9ecee7405e7c0e3fae846610dece808620f05b0af369f5309839da3a415bdb2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000
x-edgeconnect-origin-mex-latency: 215
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 14
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=215
content-length: 3272
last-modified: Thu, 20 Oct 2022 16:49:50 GMT
x-serial: 858
server: Akamai Image Manager
etag: "3c93ccbf0e5fd54bf136c58f5a680d6f76b979d2"
x-edgeconnect-cache-status: 3
content-type: image/jpeg
cache-control: private, no-transform, max-age=31532980
expires: Fri, 20 Oct 2023 16:51:16 GMT

GET
H2 200 2XWTZZQLK5A6XLZ3X2KE34J2K4.jpg
www.chicagotribune.com/resizer/WorjHrfc4e4fVcXfzQmj-bDOXJI=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/HaZEOV91fmzxDlw6TQafj-zGOXI=/cloudfront-us-east-1.images.arcpublis... 3 KB
4 KB 24ms
19ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/WorjHrfc4e4fVcXfzQmj-bDOXJI=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/HaZEOV91fmzxDlw6TQafj-zGOXI=/cloudfront-us-east-1.images.arcpublishing.com/tronc/2XWTZZQLK5A6XLZ3X2KE34J2K4.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7e11b79bb7aa3386881439c012bd9dfcd28b9129a93b47b9fc77e31aca01807e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 01 Jul 2022 03:50:49 GMT
x-serial: 1091
server: Akamai Image Manager
x-check-cacheable: YES
etag: "b3988ff907b2b461d32bf8228b452ff3202c0428"
content-type: image/jpeg
cache-control: private, no-transform, max-age=30223181
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3211
expires: Thu, 05 Oct 2023 13:01:17 GMT

GET
H2 200 V5H6QUDWCFCU3M5WFTESOKOICM.jpg
www.chicagotribune.com/resizer/o6ixApjVkCqXb2de4KbZ81H7wfg=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/Lpw1bHJTnaqmA6UrXULB4vk79Qo=/cloudfront-us-east-1.images.arcpublis... 3 KB
4 KB 37ms
33ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/o6ixApjVkCqXb2de4KbZ81H7wfg=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/Lpw1bHJTnaqmA6UrXULB4vk79Qo=/cloudfront-us-east-1.images.arcpublishing.com/tronc/V5H6QUDWCFCU3M5WFTESOKOICM.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9fd0e2219e9aa850f2f80ce0a66c95d2339f07bd62dfcf0e907f485ce92ea5a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 11:37:31 GMT
server: Akamai Image Manager
etag: "024f68b1a0fa88ff4a939ccfb1bc5fde771ee3e0"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31514138
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 3472
expires: Fri, 20 Oct 2023 11:37:14 GMT

GET
H2 200 WBZ2COWBIVDK7AACQ6UPANDHKI.jpg
www.chicagotribune.com/resizer/pltb1osG2708WqeBSuqhTqk6ed4=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/6mJMHB-RLs_pnHRS2T0Pis4QE1s=/cloudfront-us-east-1.images.arcpublis... 3 KB
4 KB 62ms
58ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/pltb1osG2708WqeBSuqhTqk6ed4=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/6mJMHB-RLs_pnHRS2T0Pis4QE1s=/cloudfront-us-east-1.images.arcpublishing.com/tronc/WBZ2COWBIVDK7AACQ6UPANDHKI.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c3351101ed7737fdb60e36683bba0f053b7210f3e790960805a0a3016b2a01e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 10:25:32 GMT
server: Akamai Image Manager
etag: "3f5bac59cac542fcd72a0e439c15bbda9e1fd2a0"
x-edgeconnect-cache-status: 1
content-type: image/jpeg
cache-control: private, no-transform, max-age=31509813
server-timing: cdn-cache; desc=HIT, edge; dur=34
content-length: 3226
expires: Fri, 20 Oct 2023 10:25:09 GMT

GET
H2 200 LHUAKBX2KRASPCE7D77PERPF4E.jpg
www.chicagotribune.com/resizer/AC36-I3dWgmOwX0TUiuvVvzovoM=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/vbjT2noDqXDbf1yck3SMe6YfYn4=/cloudfront-us-east-1.images.arcpublis... 3 KB
3 KB 35ms
32ms Image
image/jpeg 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/AC36-I3dWgmOwX0TUiuvVvzovoM=/105x105/filters:format(jpg):quality(70)/www.chicagotribune.com/resizer/vbjT2noDqXDbf1yck3SMe6YfYn4=/cloudfront-us-east-1.images.arcpublishing.com/tronc/LHUAKBX2KRASPCE7D77PERPF4E.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5064f5852a11e833dd49c946f9f0b96b40deb80019e3692a8fe977f1fc98f825

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 20 Oct 2022 10:07:57 GMT
x-serial: 1242
server: Akamai Image Manager
x-check-cacheable: YES
etag: "459a680426ecff6632d762fbed921b993db7a692"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31508741
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2876
expires: Fri, 20 Oct 2023 10:07:17 GMT

GET
H/1.1

200
OK

chiarc.min.js Show response
www.tribdss.com/meter/
Redirect Chain

https://www.tribdss.com/meter/chiarc.min.js
https://www.tribdss.com/meter/chiarc.min.js?disabled=international

34 KB
12 KB

17ms
17ms

Script
text/javascript

104.94.186.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/chiarc.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

HTTP/1.1

Server

104.94.186.13 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-94-186-13.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:41:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 11338
X-Request-Id: 8c1ccf2ce6b0d0d6951850f1d519b83e
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.013004
X-Content-Digest: edc59c57da0cb7d5cdcceb066e2be3ce240b497d
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: e810c620889b,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 5978707471600083914R
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=623
Httpd-Identifier: e810c620889b
X-Rack-Cache: fresh

Redirect headers

Location: /meter/chiarc.min.js?disabled=international
Date: Thu, 20 Oct 2022 17:41:36 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK chiarc.min.js Show response
ssor.tribdss.com/reg/tribune/ 32 KB
11 KB 339ms
52ms Script
text/javascript 104.94.186.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.tribdss.com/reg/tribune/chiarc.min.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.94.186.13 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-94-186-13.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e55a7357b8009cd60522a366c3763ffadcbae3c4c675e8c81ac54668694c130c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:41:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 10836
X-Request-Id: 42e85dd28ab8b088486dc98c1c69bba5
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.006331
X-Content-Digest: f3127480aaad3028ae1e98166009cf3fecd02a60
Last-Modified: Thu, 13 Oct 2022 07:19:21 GMT
Server: Apache
X-Host-Info: 47c5d20acc33,; 39d580edae79301908e7c587815e40232f5c8738 (HEAD -> refs/heads/release/2210.1.0, refs/remotes/origin/release/2210.1.0) Merge branch 'jira/dss-17069-prepare-auth0-endpoints' into 'release/2210.1.0'
ETag: 3704056442319512821
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, must-revalidate, max-age=606
Httpd-Identifier: b3395bf60508
X-Rack-Cache: fresh

GET
H2 200 / Show response
dynpaywall-api-chicagotribune.ml.sophi.io/v1// 18 B
296 B 127ms
49ms XHR
application/json 13.225.78.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dynpaywall-api-chicagotribune.ml.sophi.io/v1//?domain_userid=&content_id=WG5RZGGAQNFWRC77YXNP3BL4LI&user_id=&localtime=2022-10-20%2017:41:36%20GMT0000&section=/suburbs/elgin-courier-news&referrer=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-24.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e7d087167c0499c0e6631ed829e4959c27f4408f5c24b883fc95dbc8dda75f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 18
x-amz-cf-id: pA38YrRkGRSw4OGQ7NAD5NAU50UqkSaln04FxjmO_bJxy7kam6G_Zw==

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/ 356 KB
92 KB 77ms
20ms Script
application/javascript 2600:9000:211e:ee00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:ee00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f23076cd7060947c9ec0b1a21728b303079369833007c4fa3c895a5ee2fe60ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 18:40:30 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 82866
x-cache: Hit from cloudfront
content-length: 93783
x-xss-protection: mode=block
last-modified: Wed, 05 Oct 2022 19:18:40 GMT
server: CloudFront
etag: "bfbd52e6ecba0733a98ff2d581e4ca79"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: PZQaorQWVks3h4NW1Lp7hQr_jtXhDk55oZrzC1an82NrF_BvKBl-DQ==

GET
H2 200 resize-image-api-client Show response
www.chicagotribune.com/pf/api/v3/content/fetch/ 216 B
584 B 26ms
26ms Fetch
application/json 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chicagotribune.com/pf/api/v3/content/fetch/resize-image-api-client?query=%7B%22raw_image_url%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Ftronc%2FVET36BLXDBHFTHXXH2EV4KR3YU.jpg%22%7D&filter=%7B377x0%2C600x0%7D&d=89&_website=chicago-tribune

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/engine/react.js?d=89

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f50a5f52096f35c35e49d5abd3dd78e1227d38feb3871569e155e776e032c8ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 300
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=22
content-length: 188
x-aws-lambda-call-status: 200
last-modified: Thu, 20 Oct 2022 17:33:41 GMT
server: openresty
etag: W/"d8-C4ltUeg298o/A6z7LFaD0IvOS+o"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/json; charset=utf-8
fusion-source: lambda
cache-control: max-age=0
expires: Thu, 20 Oct 2022 17:41:36 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tribunedigital-network/ 2 MB
90 KB 44ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17fb464c7d1f2fb8ac6ef31e4428b5775213540b0c32889a05482cdd46146ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: 1qfJaWhKE0e8AOwqm0Vdf06dEgL9oSHr
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Oct 2022 17:41:36 GMT
x-amz-request-id: J2S35HPP42W24ZWQ
age: 21992
x-cache: HIT
content-length: 91608
x-amz-id-2: X0S1J0pbxuclMswr+LtPYlJlT7gJUpE5N4RbqALI667ZI6LWTHqA4iKjqYZtTOcm1FqkGKTeVSk=
x-served-by: cache-fra19172-FRA
last-modified: Thu, 20 Oct 2022 11:23:14 GMT
server: AmazonS3
x-timer: S1666287697.578613,VS0,VE1
etag: "4540496d5e8326d9410f549e68fc86f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 57
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih Show response
smoggysnakes.com/ 92 KB
28 KB 93ms
30ms Script
text/javascript 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0b4ca67fff166f77769b9bf8615c26d6c67b9559180055538f8eec623e37f156

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 20 Oct 2022 17:41:36 GMT
x-datacenter: gce-europe-west1
etag: "2bdfabb319550f4008ddb199f61a602a14d44c2a2e977767062704ab4804ee52"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-9csr
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 661392823
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main.js Show response
tribune-chicagotribune.zeustechnology.com/ 323 KB
68 KB 67ms
18ms Script
application/javascript 99.86.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tribune-chicagotribune.zeustechnology.com/main.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/pf/dist/components/combinations/default.js?d=89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-16.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51cae6e659047234cfc380bfa2c641744db07624830296e39462d4ac601c6bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: d8XLVTMKAFRnxecY8aJH2KOQjWWijT0h
content-encoding: gzip
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
date: Thu, 20 Oct 2022 17:17:14 GMT
last-modified: Wed, 05 Oct 2022 20:35:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1463
etag: W/"9db13c92532f563e0db9a059c6d35f5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,s-maxage=3600
x-amz-cf-id: lF9HiH97RVyMVrAaGWtB1aj-Uru0jtot0h-paJxXFAoZvUTkwqj0-Q==

GET
H2 200 Chicago_Tribune-chiblue.svg
www.chicagotribune.com/pf/resources/logo/ 13 KB
5 KB 19ms
17ms Image
image/svg+xml 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/pf/resources/logo/Chicago_Tribune-chiblue.svg?d=89

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 3GP22D002XT7873F
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5118
x-amz-id-2: qcOqB/RvbgieA6sBYuS4h/I2cB8uUOg+HnXHFE+dLnvr0YhG2RoagM/1Tc7krXpLfIXMYXNAD5s=
last-modified: Fri, 14 Oct 2022 16:38:41 GMT
server: openresty
etag: W/"71456cc06238c3a185cccb135bec0329"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
fusion-source: s3
cache-control: public, max-age=31536000
expires: Fri, 20 Oct 2023 17:41:36 GMT

GET
H2 200 chicagotribune.com Show response
pubcast-files.remixd.com/player-configs/ 41 KB
42 KB 67ms
15ms Fetch
application/json 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/chicagotribune.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1c68dfa663345d3e1c77ef5790cef07631f32f42a834862d3b1917fdf8bf1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 16:42:24 GMT
age: 3552
x-guploader-uploadid: ADPycdtaVXXnDqvUsz4-oT8o6qzDubGnoKB-be9rVPBVNYl6LOOmQ2IkjU_yNbwasmI93ks3GkkTOMhFO-8QmO2XDQgzww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41910
last-modified: Mon, 17 Oct 2022 18:30:23 GMT
server: UploadServer
etag: "c6053b58db80d57cc753476b83ac9420"
x-goog-generation: 1666031423237429
x-goog-hash: crc32c=GoFLxw==, md5=xgU7WNuA1XzHU0drg6yUIA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, no-cache, must-revalidate
x-goog-stored-content-length: 41910
accept-ranges: bytes
content-type: application/json
expires: Thu, 20 Oct 2022 17:42:24 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 55ms
34ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 153
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 75d38b97e866bb7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 23 Oct 2022 17:41:36 GMT

GET
H2 200 cs Show response
tribune.blueconic.net/DG/DEFAULT/ 16 B
698 B 447ms
96ms Script
text/javascript 52.205.55.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tribune.blueconic.net/DG/DEFAULT/cs?&callback=bc_json111

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.55.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-55-37.compute-1.amazonaws.com

Software

- /

Resource Hash

9059ed26cdd479b2a5e3fcd28b93d2f45e3030feaa0fd95bdb2f850486527fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 110ms
39ms Script
text/javascript 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 5b21b8433dd2f0b6b7be59e7c23f53a3a7cd9de6838c5a41b376ccea1e1d4828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1136
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/chicagotribune.com/ 56 KB
21 KB 41ms
11ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/chicagotribune.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Oct 2022 05:40:02 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jan 2022 19:15:41 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 43293
etag: W/"61d5ee5d-df47"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: EKCfTNNKvUXThukl3WdBUARwPQcs-4uswyik44YP9816Wq9iRmbfKQ==
expires: Fri, 21 Oct 2022 05:40:02 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/ 3 KB
2 KB 41ms
11ms Script
text/javascript 13.225.78.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/15aac723-64c8-4b23-ab62-e238fd624c21/launchpad-liveramp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-60.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: QPdapfnTKadTbAF2NRlea4Urx3BTN8sm
content-encoding: gzip
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
date: Thu, 20 Oct 2022 00:37:37 GMT
x-amz-cf-pop: FRA2-C2
age: 61444
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Fri, 22 Apr 2022 17:52:36 GMT
server: AmazonS3
etag: W/"862af1285f6bfb523bc7fcb34a8cf69f"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: U5eyFka-_zWFq1wJ7qW5TNT3-8kINP42m5HRp_CAO-97tytOG4s2Iw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K8DK4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 17:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2377
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 20 Oct 2022 19:01:59 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 15ms
13ms Script
application/x-javascript 2600:9000:20eb:2400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 16:45:42 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA2-C1
age: 3353
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6FcT8u7d9UCUrC-dWhwHlMBjSr78fkAQj6NWqwW_vl4qykc3sKdgkg==
expires: Thu, 20 Oct 2022 18:45:42 GMT

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 36ms
8ms Script
application/javascript 13.224.189.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-91.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 11:53:06 GMT
content-encoding: br
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 20911
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: A_jGvqXa6PoLtFfP0q-TSH6WFunStsXPM-stNRsfuKaxr35EfXwp_w==

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma89701/fusion/9/
Redirect Chain

https://js.matheranalytics.com/s/ma89701/197837611/fusion/ml.js?cb=1607
https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js

150 KB
43 KB

47ms
17ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 22:56:36 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 26 May 2022 16:23:18 GMT
server: nginx
age: 67500
etag: "31cd74de581fdfc9a6c0d6883d695597"
vary: Accept-Encoding
x-cache: HIT Thu, 26 May 2022 16:34:23 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44258

Redirect headers

date: Thu, 20 Oct 2022 17:41:36 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma89701/fusion/9/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 6-gc-euw1-10927

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 38ms
10ms Image
text/plain 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036462&ns__t=1666287696667&ns_c=UTF-8&c8=Elgin%20to%20spend%20more%20than%20%241.2%20million%20on%20DuPage%20Court%20overhaul&c7=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&c9=
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:36 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Td0oef769UOL7UAW6nB5DI4BCBqtI2hqlFkjEeU5eHpYlc8mrCYe5g==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 283 B
563 B 156ms
105ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=chicagotribune.com&domain=chicagotribune.com&path=%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef23308e560722a029cf1582daae770cc7d5b93196138eb979dcb4d5951cd152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 20 Oct 2022 17:41:36 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 210
x-served-by: cache-fra19144-FRA
x-timer: S1666287697.737949,VS0,VE99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 18 Oct 2022 17:41:36 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/tribunedigital-network/ 4 KB
2 KB 329ms
302ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/tribunedigital-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: .erCKV8rV4noOWlsx_.BL4YowH6CZP0S
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 20 Oct 2022 17:41:37 GMT
x-amz-request-id: HFF0WWYFFJVG3SRN
age: 348
x-cache: HIT, HIT
content-length: 1495
x-amz-id-2: vHSS153OcdhcUM7aARwWh/Z4WVvMfMZtWuwFz5ZY7xLaDLxntjLHbNJoxJOsPqPpOirRL3c6Ql0=
x-served-by: cache-sna10730-LGB, cache-fra19135-FRA
last-modified: Wed, 28 Sep 2022 00:04:05 GMT
server: AmazonS3
x-timer: S1666287697.787031,VS0,VE294
etag: "deaebca6acf5ec5384c07f3fead3d4a8"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 impl.20221020-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 688 KB
143 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c6cce6beb8587b0075a75db191541a7370f872c50bcf924bc94d705e5af45cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: LHVi_uHFfrfbj8jraF9Uf3XN.dLPWuYg
content-encoding: br
via: 1.1 varnish
date: Thu, 20 Oct 2022 17:41:36 GMT
x-amz-request-id: 97Q513BNFWYS34EZ
age: 23391
x-cache: HIT
content-length: 145799
x-amz-id-2: guE301VzqjyfTmgkrjDG5vAoDVm+KmzgsaBdPbID2Ea89covpPWsZKMumN85rIGnQ4jxRzPYZWs=
x-served-by: cache-fra19172-FRA
last-modified: Thu, 20 Oct 2022 11:11:46 GMT
server: AmazonS3-br
x-timer: S1666287697.762231,VS0,VE0
etag: "843237e8a641bcdbbdbd25e0be3eb694"
vary: Accept-Encoding
content-type: application/javascript
abp: 35
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 27511

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 13ms
13ms Script
application/javascript 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tribunedigital-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:01:00 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 52841
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: aPOomqodr9JETmgc1g5a4pnq22SSHMo__msJhD4b4CNnHKqVocLKXg==

GET
H2 200 / Show response
cmp.osano.com/ Frame 16BC 4 KB
1 KB 8ms
7ms Document
text/html 2600:9000:211e:ee00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:ee00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41047
content-encoding: br
content-type: text/html
date: Thu, 20 Oct 2022 16:03:36 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-id: 0WYYv7K5teDvxeKkGNze4B9GD0BzHAYGHW9QzlJQeV5b21hxMWdbNQ==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 VET36BLXDBHFTHXXH2EV4KR3YU.jpg
www.chicagotribune.com/resizer/t2EKnPOzmmDEgVA2CqIYVzfPSwc=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/ 10 KB
11 KB 34ms
34ms Image
image/webp 2a02:26f0:1700:16::b856:fbde
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.chicagotribune.com/resizer/t2EKnPOzmmDEgVA2CqIYVzfPSwc=/600x0/filters:format(jpg):quality(70)/cloudfront-us-east-1.images.arcpublishing.com/tronc/VET36BLXDBHFTHXXH2EV4KR3YU.jpg

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbde Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

95f77dcaac4925f0f3c748d3b5f8d141b42d5b0c0cb7433285122c24533d89e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 20 Oct 2022 17:41:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 20 Aug 2022 03:45:13 GMT
x-serial: 476
server: Akamai Image Manager
x-check-cacheable: YES
etag: "8b1299f5818fbdee903c0cf21bd1f23788c960ce"
x-edgeconnect-cache-status: 1
content-type: image/webp
cache-control: private, no-transform, max-age=30730820
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=272
content-length: 10530
expires: Wed, 11 Oct 2023 10:01:56 GMT

GET
BLOB 200
OK ee61deed-64f7-4bc2-8d78-ca96e000c3bf
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/ee61deed-64f7-4bc2-8d78-ca96e000c3bf
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 standard-player.html Show response
tags.remixd.com/player/v5/players/ 129 KB
30 KB 44ms
25ms Fetch
text/html 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/players/standard-player.html
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:34 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 3
x-cache: Hit from cloudfront
content-length: 29730
last-modified: Tue, 21 Jun 2022 15:31:59 GMT
server: AmazonS3
etag: "9a2e807a291cbaccaab15c40f0629813"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public,max-age=1800
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: VRNuLJF-iLlkh8052oap0MhbLQS-kuxgVfJar77dbrtLYec70wlvXw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 300ms
96ms Image
image/gif 18.213.10.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&u=DYcnJD2EHO9CZOVUo&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Aelgin-courier-news&g1=Gloria%20Casas&n=1&f=00001&c=0&x=0&m=0&y=4551&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1073&t=CyOL1PDxplLm9g9JLRirYwDRDDp4&V=136&i=Elgin%20to%20spend%20more%20than%20%241.2%20million%20on%20DuPage%20Court%20overhaul&tz=0&sn=1&sv=EYaS73SicABRz8erBOTSJxIzbAq&sd=1&im=067b0fff&_
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 175ms
36ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1666287697000&plid=3795266&idsite=chicagotribune.com&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&sref=&sts=1666287696999&slts=0&title=Elgin+to+spend+more+than+%241.2+million+on+DuPage+Court+overhaul&date=Thu+Oct+20+2022+17%3A41%3A36+GMT%2B0000+(GMT)&action=pageview&pvid=92196326&u=pid%3Ddd2db406173947dd240fa72a4ceb0cb0
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:41:37 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 20-Oct-2022 17:41:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 31ms
30ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3657344&ntv_pl=1109740
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 31ms
30ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=6f58dcee-a197-4d25-85ff-cfa0c92c411f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDbHxTBOCmQZkA8uWQ5a9MCdWuxaTKJ7B4_7A4bWx2adOW_p00cPtEw0mm2lsbzWnCg6CCR4GlSwiVKGgESkqwGKYWGJKgSRLAfq-jfoJko1WfVTggXaeZVe5UReYG0sJHfd3Uretr9YPFpfbS6eOvwcsHYTyC0VthrqMUug3moNT7vMDy2yL9Q4w5EL0dao7tujSOQxpqA84RZi9FoiswovvAckquLsSKLLmGQB-6Cd1pJB01AYK6vMgQ-ZZC5oWhnodHA2mOvtfhOX7ifxNzGM&ntv_ht=UIhRYwA&ntv_at=303,302&ntv_a=AAAAAAAAAA7O4QA&ord=1666287697009&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 30ms
29ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=6f58dcee-a197-4d25-85ff-cfa0c92c411f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDbHxTBOCmQZkA8uWQ5a9MCdWuxaTKJ7B4_7A4bWx2adOW_p00cPtEw0mm2lsbzWnCg6CCR4GlSwiVKGgESkqwGKYWGJKgSRLAfq-jfoJko1WfVTggXaeZVe5UReYG0sJHfd3Uretr9YPFpfbS6eOvwcsHYTyC0VthrqMUug3moNT7vMDy2yL9Q4w5EL0dao7tujSOQxpqA84RZi9FoiswovvAckquLsSKLLmGQB-6Cd1pJB01AYK6vMgQ-ZZC5oWhnodHA2mOvtfhOX7ifxNzGM&ntv_ht=UIhRYwA&ntv_at=323&ntv_a=AAAAAAAAAA7O4QA&ntv_jtr=5&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 31ms
31ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=6f58dcee-a197-4d25-85ff-cfa0c92c411f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDbHxTBOCmQZkA8uWQ5a9MCdWuxaTKJ7B4_7A4bWx2adOW_p00cPtEw0mm2lsbzWnCg6CCR4GlSwiVKGgESkqwGKYWGJKgSRLAfq-jfoJko1WfVTggXaeZVe5UReYG0sJHfd3Uretr9YPFpfbS6eOvwcsHYTyC0VthrqMUug3moNT7vMDy2yL9Q4w5EL0dao7tujSOQxpqA84RZi9FoiswovvAckquLsSKLLmGQB-6Cd1pJB01AYK6vMgQ-ZZC5oWhnodHA2mOvtfhOX7ifxNzGM&ntv_ht=UIhRYwA&ntv_at=806&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1666287697017&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 30ms
30ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1115555&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 308ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 5
content-length: 0
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
228 B 291ms
100ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Thu, 20 Oct 2022 17:41:37 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 69ms
11ms Script
application/x-javascript 13.226.153.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-21.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9604.cloudfront.net (CloudFront)
date: Thu, 20 Oct 2022 17:12:14 GMT
x-amz-cf-pop: DUS51-C1
age: 1764
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: D5xPC6Q_eELEea9gyv3ZD-8l1QIn7mbNx2o7CaD46luj-OUOkSjOvw==

GET
H2 200 read_auth Show response
authenticate.chicagotribune.com/ 101 B
695 B 885ms
175ms Script
application/javascript 54.202.115.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://authenticate.chicagotribune.com/read_auth?product_code=chiarc&master_id=&callback=jQuery237976941085477730_202106985060558560

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.202.115.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-202-115-110.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5348a314708b862d24952aef1498cf359149f0dbbd24e85be992d3caa87968f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-request-id: fa02620631df7b2629da221fe010ba73
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.002794
server: Apache
x-host-info: 5c5afd7b2e47,; 39d580edae79301908e7c587815e40232f5c8738 (HEAD -> refs/heads/release/2210.1.0, refs/remotes/origin/release/2210.1.0) Merge branch 'jira/dss-17069-prepare-auth0-endpoints' into 'release/2210.1.0'
etag: "dc788a1c1f40402be83b269dc48c8634"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: must-revalidate, private, max-age=0
httpd-identifier: 5c5afd7b2e47
x-rack-cache: miss

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 149 KB
46 KB 80ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a274d807ff49c89235376b78c95e39abaa08257a24df13b1f9837bc81ec98116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46717
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 21:18:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 17:57:44 GMT

GET
H/1.1

200
OK

chiarc-reaction-1q2w3-1580939748189956228.min.js Show response
www.tribdss.com/meter/assets/
Redirect Chain

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js
https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

64 KB
15 KB

27ms
27ms

Script
text/javascript

104.94.186.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tribdss.com/meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

HTTP/1.1

Server

104.94.186.13 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-94-186-13.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 17:41:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Status: 200 OK
Connection: keep-alive
Content-Length: 14251
X-Request-Id: 36790d8fb9e612530b4ba84a3465a1e4
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.009261
X-Content-Digest: c9ca80d4d04a3c68e0ddbe3fb7bf02448f0875e0
Last-Modified: Tue, 27 Sep 2022 09:54:52 GMT
Server: Apache
X-Host-Info: 362a1f820431,; 6bc1041e00adf70b2570b8110e71a863d7d26646 (HEAD -> refs/heads/release/2208.1.0, refs/remotes/origin/release/2208.1.0, refs/remotes/origin/release/2207.1.0) dss-17031 added service account for health check app
ETag: 1580939748189956228
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=29520759
Httpd-Identifier: 362a1f820431
X-Rack-Cache: fresh

Redirect headers

Location: /meter/assets/chiarc-reaction-1q2w3-1580939748189956228.min.js?disabled=international
Date: Thu, 20 Oct 2022 17:41:37 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 features Show response
zephr.chicagotribune.com/zephr/ 3 KB
1 KB 373ms
14ms Fetch
application/json 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/features
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-34.fra2.r.cloudfront.net
Software: /
Resource Hash: 65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:40:19 GMT
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 78
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: tTOkCe_9mNlMD_cFTQQabHDhCX7IRgBOFZmXdb7P3oj0ZubAxCFYWg==
x-blaize-request: ffffffffd40c1323

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 528ms
99ms Image
image/gif 3.219.38.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Elgin%20to%20spend%20more%20than%20%241.2%20million%20on%20DuPage%20Court%20overhaul&artpubt=1666130273&artsrc=Elgin%20Courier-News&artupt=1666130273&auth=Gloria%20Casas&cms=fusion&hier=suburbs%7Celgin-courier-news&ptype=story&prem=premium&pubname=chicagotribune&sec=suburbs&wrdcnt=446&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=afbedacd-0964-4cb0-99df-73c70c371f78&pid=01a42183-1191-4060-ac4a-886365cf1888&dtm=1666287697126&qnm=_matherq&visible=1&tabid=70431fda-ad62-42bc-a4fb-4fc546e9a9c3&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&vp=1600x1200&ds=1600x4551&tofa=1666287697&vid=1&lvidt=1666287697&duid=50488088a829f10d&fp=1496457183&cid=ma89701&mrk=197837611&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2NjI4NzY5NTg5MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjIxLjdtYiIsImZzdFBhaW50IjoiNDA4IiwiZmV0Y2hTIjoiMCIsImRvbWFpblMiOiIyIiwiZG9tYWluRSI6IjIyOSIsImNvbm5TIjoiMjI5IiwiY29ubkUiOiIyNTEiLCJzc2xTIjoiMjM1IiwicmVxdVMiOiIyNTEiLCJyZXNwUyI6IjI4MCIsInJlc3BFIjoiMzM2IiwiZG9tTG9hZCI6IjI4MyIsImRvbUludGVyIjoiNDI5IiwiZG9tTG9hZFMiOiI0OTIiLCJkb21Mb2FkRSI6IjU1MSJ9LCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIwMWE0MjE4My0xMTkxLTQwNjAtYWM0YS04ODYzNjVjZjE4ODgifSx7InByb3ZpZGVyIjoiaVNlZ3MiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIwMWE0MjE4My0xMTkxLTQwNjAtYWM0YS04ODYzNjVjZjE4ODgifV19
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-38-131.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Thu, 20 Oct 2022 17:41:37 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 json Show response
trc.taboola.com/tribunedigital-chicagotribune/trc/3/ 68 KB
20 KB 1179ms
1172ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/trc/3/json?tim=17%3A41%3A37.170&lti=deflated&data=%7B%22id%22%3A600%2C%22ii%22%3A%22%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666264959935%2C%22vi%22%3A1666287697166%2C%22cv%22%3A%2220221020-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIF5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAA.YAAAAAAAAAAA%22%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html%22%2C%22vpi%22%3A%22%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4551%2C%22nsid%22%3A%22tribunedigital-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22below-article-thumbs_ARC%22%2C%22orig_uip%22%3A%22below-article-thumbs_ARC%22%2C%22cd%22%3A3911.6875%2C%22mw%22%3A946.65625%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22orig_uip%22%3A%22taboola-right-rail-thumbnails_arc%22%2C%22cd%22%3A3077%2C%22mw%22%3A453.34375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html%2Cbelow-article-thumbs_ARC%3Dthumbs-1r%3Apub%3Dtribunedigital-network%3Aabp%3D0%2C%2Ctaboola-right-rail-thumbnails_arc%3Dthumbnails-rr2%3Apub%3Dtribunedigital-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09a559dcf9b8ba4e8816880fa68d2f43d6d2bd2ce10da9222a488fba58cadf1c

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 1165
date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
server: nginx
x-timer: S1666287697.179774,VS0,VE1165
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 FUtg69tL.js Show response
cdn.jwplayer.com/libraries/ Frame 1822 118 KB
42 KB 61ms
11ms Script
text/javascript 2600:9000:225e:2e00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 3164fb53fad3444207a734d4dfae142f789d9de60bb10a7473f7877244f90a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:27 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 10
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
content-length: 42238
x-amz-cf-id: HfWw5Vumc0CqLbuvANlv0uRzoejNtgBx4117EF5-42kGrzDcHJi93g==

POST
H2 200 110 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 47 KB
10 KB 402ms
402ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-20T17%3A41%3A37%2B00%3A00&ts=1666287697224

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

e081bf7305b257f0b11e7939573352598140f9c77bc95eb15d363b759f4105e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8849
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: wCbSIc3e7zj2rSzKjMPmzVzalCAEMc-JWaN_5g6x3Q_O_WCyGYnaGw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 8ms
8ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 01:05:13 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA53-C1
age: 59784
x-amzn-requestid: bcca1e4b-9b9b-4d4d-b973-a7ef090e0835
x-amzn-trace-id: Root=1-63509ec9-1a300ccb69cf75b503e2a0dd;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: aR2_jFYPjoEFYqQ=
content-length: 30
x-amz-cf-id: _EX6987JOBcZhP55N0bMiVWK4Y2g5kEdLo0hEbTCwTNX16zFxlCyxQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 73ms
39ms Preflight
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 20 Oct 2022 17:41:37 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront), 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-apigw-id: aUI8uEl2joEFv6g=
x-amz-cf-id: Nu44TeRch1cm1UrjS15Xd3NkEvtGHD__MDNkgzCy6MpwmF9MADYRow==
x-amz-cf-pop: FRA53-C1 FRA53-C1
x-amzn-requestid: 4d1e598b-a7c2-4015-84f7-6e98b3f8bf90
x-cache: Miss from cloudfront

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 60ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:18:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 18:23:31 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 51ms
18ms Other
image/svg+xml 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 18:07:38 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/chicagotribune.com/ 2 B
58 B 113ms
85ms Fetch
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/chicagotribune.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 238ms
30ms XHR
application/json 2a02:26f0:7100:594::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=DA9NK-5NF4A-5FWA6-EFVPV-RL87Z&d=www.chicagotribune.com&t=5554292&v=1.720.0&sl=0&si=fe059469-2da4-4823-92f7-de13a1042058-rk2btc&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=544467
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/DA9NK-5NF4A-5FWA6-EFVPV-RL87Z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Oct 2022 17:41:37 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H3 200 css2
fonts.googleapis.com/ Frame 1822 3 KB
492 B 59ms
26ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:29:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Oct 2022 17:41:37 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 1822 43 B
582 B 309ms
138ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=0&sessionId=a31f0cfb-f20d-48b8-b4c7-7150bbe78127&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
x-guploader-uploadid: ADPycduyPe3h2JHuwu6LkpDhJ3AphTq1TsYITA3KufT5fKJbkVhVC_TEiTR8iqHLDNoSWUiiqA2bDJ7fXocu6_PAOLTAiQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Fri, 20 Oct 2023 17:41:37 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 1822 43 B
193 B 428ms
257ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=a31f0cfb-f20d-48b8-b4c7-7150bbe78127&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
x-guploader-uploadid: ADPycduFNhMudE5GJNjfnd8x66wGWwKs9VUQZhZxQKs6_vp9yA-5ANNTw1eViErgOADRe05mYVVAl3RhrfCyYKegtXeEnQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Fri, 20 Oct 2023 17:41:37 GMT

GET
H2 200 ping.gif
player-files.remixd.com/ Frame 1822 43 B
192 B 560ms
389ms Image
image/gif 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&domain=chicagotribune.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=a31f0cfb-f20d-48b8-b4c7-7150bbe78127&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
x-guploader-uploadid: ADPycduHVk955DQSlLSMzjo5EzjP1JhlC1TGMOV5BoIXpjjxBSQAnpQJRjo7QDXqy9cH4yM8mOkUSTTov8chuc9Q1i0h-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Wed, 23 Oct 2019 15:45:02 GMT
server: UploadServer
etag: "cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation: 1571845502045744
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers: Content-Type
cache-control: no-cache, no-store, must-revalidate
x-goog-stored-content-length: 43
accept-ranges: bytes
expires: Fri, 20 Oct 2023 17:41:37 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 38DC
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com
https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

26 KB
8 KB

79ms
78ms

Document
text/html

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85abff98673582184da6512ffaa91cf207ab6d94808f8d0beed07cb7ef7a05f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-asHapYKVXcbNKtxGKgwmhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-asHapYKVXcbNKtxGKgwmhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 20 Oct 2022 17:41:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-OmtvY4pLaIRLGgaPBw1Tyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Thu, 20 Oct 2022 17:41:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 1822 20 KB
20 KB 45ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 22:25:57 GMT
x-content-type-options: nosniff
age: 155740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 22:25:57 GMT

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 1822 21 KB
21 KB 45ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:59:55 GMT
x-content-type-options: nosniff
age: 38502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 06:59:55 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 10 KB
3 KB 69ms
46ms Fetch
application/json 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-34.fra2.r.cloudfront.net
Software: /
Resource Hash: a4f96c799c83f1785a3c8d50c7927cf587536a683e7447df4bc4903b16954863

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: i7GGjKiJnlldk0ac-CnyUTT_tQNGk3GaTkr2AZ3sP9xET7tcWuzmOw==
x-blaize-request: 1746d617

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 75ms
75ms Preflight 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-34.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Thu, 20 Oct 2022 17:41:37 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-id: QeUh2wce0NmLP-Jpu6n36EWAvlUHvHnGXYU9bRgqeVOMItqRWwsTgg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 38DC 0
25 B 67ms
65ms Other
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-6bB2aY-AFg6jHntHqcbxCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-6bB2aY-AFg6jHntHqcbxCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 38DC 21 KB
6 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 18:18:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 18:23:31 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI... Frame 38DC 172 KB
61 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6Jsu6RawnFOgq7b6lb-6OflfLYFA/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ac376dd4e310a2aae2674eefbbf3d52da86de9e608c24ed84901531af8b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61803
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 15:46:24 GMT

GET
H2 200 95eb14dfdee28fd91b988f5c4e62e0ae Show response
r610.chicagotribune.com/plugin/plugin/ 63 KB
15 KB 9ms
8ms Script
text/javascript 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/plugin/95eb14dfdee28fd91b988f5c4e62e0ae

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

d9f320c79dc763f8481c24d7d29989ddcb92f0e4f6f426b41d20d72fc51b8f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 1135916
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 15268
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Oct 2022 14:09:41 GMT
server: -
etag: 95eb14dfdee28fd91b988f5c4e62e0ae
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: nQs_pskx3iM9SAQ9v9D0Ilv36upKJ8iA_oKtstLLcE9zuAXGFC0ZaQ==
expires: Sat, 07 Oct 2023 14:09:41 GMT

POST
H2 200 feature-decisions Show response
zephr.chicagotribune.com/zephr/ 29 KB
7 KB 172ms
171ms Fetch
application/json 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Requested by: Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.9/zephr-browser.umd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-34.fra2.r.cloudfront.net
Software: /
Resource Hash: f8754f1e349ea9ec40863a0cfe1776b7fc238482eab7151992fbea8e1610b969

Request headers

Accept: application/json
Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id: c3hiEFSn9JVeUteam9hXhYk-rCtqv0J65vuVf_aSYwndyjOzpab4Ug==
x-blaize-request: 5d5f00c

OPTIONS
H2 200 feature-decisions
zephr.chicagotribune.com/zephr/ Frame 0
0 79ms
79ms Preflight 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zephr.chicagotribune.com/zephr/feature-decisions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-34.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.chicagotribune.com
content-length: 0
date: Thu, 20 Oct 2022 17:41:37 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-id: W_odq56V7YztHt5wQm08OPUybkvh1k3ZLio_Bu6JVsBgbsixi3gcDg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 e52460a70d6e332e1c2525464eedfc0b Show response
r610.chicagotribune.com/plugin/library/ 194 KB
59 KB 15ms
15ms Script
text/javascript 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/plugin/library/e52460a70d6e332e1c2525464eedfc0b

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

c546a0c5a9b1164c5f8bd5d164eb093107f3755d7247189cb6ced71f20fda06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
age: 1135914
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 60063
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Oct 2022 14:09:43 GMT
server: -
etag: e52460a70d6e332e1c2525464eedfc0b
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: sFeOu0CFDRaGIYDTmIBBOAICEowCOtpIu4JIFbrkkCSCNW0xvTs0Qw==
expires: Sat, 07 Oct 2023 14:09:43 GMT

POST
H2 200 LB-Zone-2 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110/ 2 KB
1 KB 378ms
378ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110/LB-Zone-2?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=&bctempid=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&overruleReferrer=&time=2022-10-20T17%3A41%3A37%2B00%3A00&ts=1666287697660

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

2a762b90980fe85c3de2c20008cff700214b88e2bdd07fd1ab1f5e870338d5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 699
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: KFEgZey_vVfFkT0fSqn9aLN-ECBA_PggGCnJYNugE41yJy20Qj7sBg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DC 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462857&publicationId=chicagotribune.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 174896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Oct 2023 17:06:41 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1... Frame 38DC 135 KB
45 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6mnO4h943LM8wP6Ca1hIlKzMXjCA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/am=ygAAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6Jsu6RawnFOgq7b6lb-6OflfLYFA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e208c369f47fd7ff11fae207abc5acc50db1d52823f4a9b5ab74f88a0656d7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46245
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 17:00:17 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 98ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Thu, 20 Oct 2022 17:41:37 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 97ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 5
content-length: 0
date: Thu, 20 Oct 2022 17:41:37 GMT
server: nginx

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1... Frame 38DC 1 KB
726 B 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6mnO4h943LM8wP6Ca1hIlKzMXjCA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10fe596eff466213fc8e36e91a21d3e60f4f43d1c33d1d52a4068f0391aa63c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 700
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 17:00:17 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 38DC 505 B
386 B 44ms
43ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-1980595399455298356&bl=boq_subscribewithgoogleclientserver_20221017.07_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=63698&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac78e6941d881d41e0ee6b133b3f2b9b0c0b0f6c23a4285aaa30dc5a770bf2a2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1... Frame 38DC 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.qp8D37KiuBA.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XzRXQSkFNKY.L.B1.O/am=ygAAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6mnO4h943LM8wP6Ca1hIlKzMXjCA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3415e4823b65c682afb0b4f3186894b41537148c123ac1941c8c307aa28bb449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7223
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 17:00:18 GMT

POST
H2 200 log Show response
play.google.com/ Frame 38DC 131 B
672 B 65ms
23ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 17:41:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
427 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:41:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Oct 2022 17:41:37 GMT

POST
H3 200 log Show response
play.google.com/ Frame 38DC 131 B
155 B 56ms
25ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 17:41:38 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 54ms
22ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 20 Oct 2022 17:41:38 GMT
expires: Thu, 20 Oct 2022 17:41:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 38DC 131 B
155 B 54ms
24ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 17:41:38 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 53ms
24ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 20 Oct 2022 17:41:38 GMT
expires: Thu, 20 Oct 2022 17:41:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 38DC 131 B
155 B 55ms
24ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 17:41:38 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 49ms
22ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 20 Oct 2022 17:41:38 GMT
expires: Thu, 20 Oct 2022 17:41:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:10:10 GMT
x-content-type-options: nosniff
age: 174687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:10:10 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.chicagotribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 174863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:07:14 GMT

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
227 B 98ms
97ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.chicagotribune.com
date: Thu, 20 Oct 2022 17:41:38 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.chicagotribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.chicagotribune.com
access-control-max-age: 5
content-length: 0
date: Thu, 20 Oct 2022 17:41:38 GMT
server: nginx

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/ 6 KB
2 KB 29ms
18ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3f49be5a-bc89-48d8-b745-f51873a6c36f/web?callback=__jp0

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015f97085d087810badf86ad9e67a3fd6ad759ae74a595b074e93b5fdc2ac6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 155
cf-polished: origSize=5659
status: 200 OK
x-envoy-upstream-service-time: 29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9c949249-1c53-4db5-8c79-7152fb1c0f4d
x-runtime: 0.026642
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e72229194a37c95150a4cf26abbb1bdc"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 75d38ba0bab05b74-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 20 Oct 2022 18:41:38 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 7E98 0
0 91ms
21ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.chicagotribune.com
URL: https://www.chicagotribune.com/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 20 Oct 2022 17:41:37 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 204 c780cfde9d493686
pixel.sitescout.com/iap/ 0
191 B 87ms
22ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/c780cfde9d493686
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 stats Show response
r610.chicagotribune.com/rest/recommendations/ 14 B
856 B 383ms
383ms Script
text/javascript 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/rest/recommendations/stats?storeId=699df7a9-502c-4c05-85b0-78cce8b0f987&action=view&itemId=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&profileId=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&isEntrypage=true&hash=49a9ccd81309c4d860f80e1e0901e79b&lastmodified=1666130272000&&callback=bc_json112

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

09108a1ffdbe53f546c38a9209313f34421fc852aabcc7a478bfe69bbc795465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 34
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: UYguhb0AKNn31GNCPjW_7K_Oo4MGmEiuMPTz60z55sspa3Z9z4wXJA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 110 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 378ms
378ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&bctempid=&overruleReferrer=&time=2022-10-20T17%3A41%3A38%2B00%3A00&ts=1666287698113

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

89318465a9eaa3ceca9c205ab47d78a0205bbba44942b8aef3b8c7b56d2375d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: QNe8Qac47O5PS-VaZ8RCR-kKB24MJnWKqQIuY5ikcV_ZthBbkeo1Eg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 110 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 378ms
378ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&bctempid=&overruleReferrer=&time=2022-10-20T17%3A41%3A38%2B00%3A00&ts=1666287698114

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

2db4e8ae406c92bc7bd98099e643814f36c74b3112a90b9d9bab20a761d66786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: EV1SRSskPcMeWi1BxxBT8qXvSZKuR1TkcsGIB1PZ2zQrP5WiJ4CxXw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 851595cc-d0f5-4f25-9d1b-c9ce54bf37c5
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/851595cc-d0f5-4f25-9d1b-c9ce54bf37c5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 40a63505-3364-4574-a6ce-550a60d7c7a4
https://www.chicagotribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.chicagotribune.com/40a63505-3364-4574-a6ce-550a60d7c7a4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 97ms
97ms Image
image/gif 3.219.38.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Elgin%20to%20spend%20more%20than%20%241.2%20million%20on%20DuPage%20Court%20overhaul&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=a4e5064f-a4b7-498d-a673-81d50e344ced&pid=01a42183-1191-4060-ac4a-886365cf1888&dtm=1666287698132&qnm=_matherq&visible=1&tabid=70431fda-ad62-42bc-a4fb-4fc546e9a9c3&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&vp=1600x1200&ds=1600x4551&tofa=1666287697&vid=1&lvidt=1666287697&duid=50488088a829f10d&fp=1496457183&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsidHlwZSI6InBheXdhbGwiLCJjYXRlZ29yeSI6ImJsb2NrIiwiYWN0aW9uIjoic3RvcCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJSZWNfUGF5d2FsbF9UZXN0Iiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vMSIsIm91dGNvbWVMYWJlbCI6IlNpdGUgTm90IEZvdW5kIn1dLCJtZXRlciI6e30sInRyaWFsVHJhY2tpbmdEZXRhaWwiOnt9LCJ2ZW5kb3IiOiJ6ZXBociIsImZsb3dyZWYiOnsiZGF5MCI6eyJmbG93IjoicGF5d2FsbCIsInRpZCI6ImE0ZTUwNjRmLWE0YjctNDk4ZC1hNjczLTgxZDUwZTM0NGNlZCIsInRpbWUiOiIxNjY2Mjg3Njk4In0sImRheTUiOnsidGltZSI6IjE2NjYyODc2OTgifSwiZGF5MzAiOnsidGltZSI6IjE2NjYyODc2OTgifX19LCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIwMWE0MjE4My0xMTkxLTQwNjAtYWM0YS04ODYzNjVjZjE4ODgifSx7InByb3ZpZGVyIjoiaVNlZ3MiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfRklSU1RUSU1FTUVUMl8yMDE5MTAxNiJdLCJwYWdlSWQiOiIwMWE0MjE4My0xMTkxLTQwNjAtYWM0YS04ODYzNjVjZjE4ODgifV19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-38-131.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Thu, 20 Oct 2022 17:41:38 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 110 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 1 KB
2 KB 110ms
109ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&bctempid=&overruleReferrer=&time=2022-10-20T17%3A41%3A38%2B00%3A00&ts=1666287698138

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

bd25dea85e5a6d010f318aafdc126c0a9379100563cf83b4b8d32f14e1a06303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 649
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1AXW7vLQRH_wS3aHPIF25pZ-JYt6EycqxlyKvTIxLcuTAHlqRIudbw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 47ms
47ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/f15ebf08-7008-40fe-9af3-db96dc3e8266/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 151
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 75d38ba17913bb7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Nov 2022 17:41:38 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 98ms
98ms Image
image/gif 3.219.38.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Elgin%20to%20spend%20more%20than%20%241.2%20million%20on%20DuPage%20Court%20overhaul&tv=js-3.0.153&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=9&tvcfg=fusion&tid=f0584065-41ba-481a-8151-9c90a7859f2d&pid=01a42183-1191-4060-ac4a-886365cf1888&dtm=1666287698135&qnm=_matherq&visible=1&tabid=70431fda-ad62-42bc-a4fb-4fc546e9a9c3&url=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&vp=1600x1200&ds=1600x4551&tofa=1666287697&vid=1&lvidt=1666287697&duid=50488088a829f10d&fp=1496457183&cid=ma89701&mrk=197837611&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiY29udGVudCIsIm91dGNvbWVzIjpbeyJmZWF0dXJlTGFiZWwiOiJSZWNfUGF5d2FsbF9UZXN0Iiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vMSIsIm91dGNvbWVMYWJlbCI6IlNpdGUgTm90IEZvdW5kIn0seyJmZWF0dXJlTGFiZWwiOiJUb2FzdGVyIiwib3V0Y29tZUlkIjoidHJhbnNmb3JtYXRpb24vMTQ3Iiwib3V0Y29tZUxhYmVsIjoiQy1DVC1JWi1ELU4tVHN0In1dLCJtZXRlciI6e30sInRyaWFsVHJhY2tpbmdEZXRhaWwiOnt9LCJvdXRjb21lTGFiZWwiOiJTaXRlIE5vdCBGb3VuZCIsInZlbmRvciI6InplcGhyIiwidHlwZSI6InVua25vd24ifSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiMDFhNDIxODMtMTE5MS00MDYwLWFjNGEtODg2MzY1Y2YxODg4In0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0ZJUlNUVElNRU1FVDJfMjAxOTEwMTYiXSwicGFnZUlkIjoiMDFhNDIxODMtMTE5MS00MDYwLWFjNGEtODg2MzY1Y2YxODg4In1dfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-38-131.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Thu, 20 Oct 2022 17:41:38 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 110 Show response
r610.chicagotribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 375ms
375ms XHR
application/json 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r610.chicagotribune.com/DG/DEFAULT/rest/rpc/110?referer=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&bcsessionid=9c8a93c2-95a3-4d4f-bcd6-605e50296dba&bctempid=&overruleReferrer=&time=2022-10-20T17%3A41%3A38%2B00%3A00&ts=1666287698251

Requested by

Host: r610.chicagotribune.com
URL: https://r610.chicagotribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-66.fra53.r.cloudfront.net

Software

- /

Resource Hash

4357295557e9d4709731d2d574b6639e6a171c9d35f6982d7accd7c841cb974a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: m2z5b0tsut8LAcMq77H3fKlwhIA6Hj5N5VOOomc1XNCLb8JJdvkLvg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tb Show response
15.taboola.com/ 5 KB
3 KB 41ms
18ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=tribunedigital-chicagotribune&unitType=244&tbloc=&pageType=text&pstn=below-article-thumbs_ARC&uuip=Feed%20-%20below-article-thumbs_ARC&cisrf=&cirf=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&encoded=1&uid=0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1&variant=779094|940&callback=TRC.videoTagCallbacks.videoCallback1&cb=1666287698423&tagid=&cntry=DE&platform=1&sesid=488b3209721690aae887b402edb1fda3&itemid=/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&viewid=1666287697166&geolat=&geoing=&deviceifa=&appid=&sd=&ri=71dae7cd6522d52e47594f2cc27a3740&appname=&cdb=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgGMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIF5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAA.YAAAAAAAAAAA&gdprApplies=true&rid=&sii=-7476017635778299342&oee=true&tpubid=1008941&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=BY&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1008940&prcnt=&layer=&normp=7&gvv=8350
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4194d75b1ad62b486b364957d132c705d972ee2d5b85addfce0997ae028ca7a

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 20 Oct 2022 17:41:38 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1415
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19172-FRA
pragma: no-cache
server: nginx
x-timer: S1666287698.447381,VS0,VE12
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://www.chicagotribune.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 20 Oct 2022 17:41:38 GMT
x-amz-request-id: QPRTT6V14CQSY5PX
age: 58
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: mQcKvbDt5hj7as8fOv4Xjt3B5qAII0y9zZHUZKn02y3baWaC914tOySZby5K5nMkU1vw56Gn4io=
x-served-by: cache-fra19172-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1666287698.445562,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 35
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 40

GET
H2 204 supply-feature
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 56ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=7ff33e46e4694e4407a3133f0ab11de3&sd=v2_488b3209721690aae887b402edb1fda3_0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1_1666287697_1666287697_CNawjgYQrco9GI768bO_MCABKAEwODib4wlAgooQSMzK2QNQpewQWAFgAGi0ovD79tOEkd4BcAA&ui=0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1&pi=/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&wi=-7476017635778299342&pt=text&vi=1666287697166&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A41%3A38.371&id=5281&llvl=2&cv=20221020-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/ 0
90 B 55ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/2/debug?tim=17%3A41%3A38.458&type=info&msg=Load%20publisher%20card%3A%20%23taboola-skip%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23taboola-skip%20succeed&llvl=2&id=7860&cv=20221020-6-RELEASE&lt=deflated&idx=pc&pc=%23taboola-skip&st=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:41:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12319

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 56ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7ff33e46e4694e4407a3133f0ab11de3&sd=v2_488b3209721690aae887b402edb1fda3_0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1_1666287697_1666287697_CNawjgYQrco9GI768bO_MCABKAEwODib4wlAgooQSMzK2QNQpewQWAFgAGi0ovD79tOEkd4BcAA&ui=0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1&pi=/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&wi=-7476017635778299342&pt=text&vi=1666287697166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22storageRef%22%3Anull%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1666287698461%7D&tim=17%3A41%3A38.462&id=7761&llvl=2&cv=20221020-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/ 0
230 B 35ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/tribunedigital-chicagotribune/log/3/abtests?route=AM:AM:V&lti=deflated&ri=7ff33e46e4694e4407a3133f0ab11de3&sd=v2_488b3209721690aae887b402edb1fda3_0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1_1666287697_1666287697_CNawjgYQrco9GI768bO_MCABKAEwODib4wlAgooQSMzK2QNQpewQWAFgAGi0ovD79tOEkd4BcAA&ui=0efa4542-b496-4b39-ae32-1b3cc79bbc3f-tucta4b0dd1&pi=/suburbs/elgin-courier-news/ct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&wi=-7476017635778299342&pt=text&vi=1666287697166&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1666287698484%7D&tim=17%3A41%3A38.484&id=5709&llvl=2&cv=20221020-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 103ms
102ms Image
image/gif 18.213.10.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=chicagotribune.com&p=%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&u=DYcnJD2EHO9CZOVUo&d=chicagotribune.com&g=3906&g0=suburbs%2Csuburbs%3Aelgin-courier-news&g1=Gloria%20Casas&n=1&f=00001&c=0.03&x=0&m=0&y=9714&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=1073&t=CyOL1PDxplLm9g9JLRirYwDRDDp4&V=136&tz=0&_acct=anon&sn=2&sv=EYaS73SicABRz8erBOTSJxIzbAq&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ Frame B467 36 KB
13 KB 85ms
18ms Script
application/javascript 13.224.189.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-91.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c39ba8204d711934ffd9be37e2538b0c3ba1154010ab24e72948cdf29c23e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:37:48 GMT
content-encoding: br
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Oct 2022 14:59:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 237
etag: W/"6fd2d97f3258cb0cb022b5a41a5628ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: JHpr8g3VeOAsRDPX2M07WSuRy-xmSTNs1P1tEz44x-EmKMg6aL7tgg==

POST
H2 204 beacons
p.flipp.com/ Frame B467 0
0 177ms
120ms Fetch 13.32.99.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1190282
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-106.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 20 Oct 2022 17:41:39 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.chicagotribune.com
access-control-allow-credentials: true
x-amz-cf-id: dmpwgh89MJp-BnHWNuBZWASII8qe5OmhMtoNqvAknAuP78oD5JLnsg==

POST
H2 204 bulk Show response
trc.taboola.com/tribunedigital-chicagotribune/log/3/ 0
220 B 32ms
31ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tribunedigital-chicagotribune/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221020-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Thu, 20 Oct 2022 17:41:39 GMT
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
server: nginx
x-timer: S1666287699.481231,VS0,VE12
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.chicagotribune.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 30ms
29ms Image
image/gif 108.128.97.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=6f58dcee-a197-4d25-85ff-cfa0c92c411f&ntv_fl=hFT75SEIQqn36BKsyWHPWBXdQyemWh6WL_7mtpfGfDbHxTBOCmQZkA8uWQ5a9MCdWuxaTKJ7B4_7A4bWx2adOW_p00cPtEw0mm2lsbzWnCg6CCR4GlSwiVKGgESkqwGKYWGJKgSRLAfq-jfoJko1WfVTggXaeZVe5UReYG0sJHfd3Uretr9YPFpfbS6eOvwcsHYTyC0VthrqMUug3moNT7vMDy2yL9Q4w5EL0dao7tujSOQxpqA84RZi9FoiswovvAckquLsSKLLmGQB-6Cd1pJB01AYK6vMgQ-ZZC5oWhnodHA2mOvtfhOX7ifxNzGM&ntv_ht=UIhRYwA&ntv_at=808&ntv_a=AAAAAAAAAA7O4QA&ntv_sat=5&ord=1666287700426&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.97.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-97-80.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 17:41:40 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 55ms
12ms Image
image/gif 2600:9000:214f:da00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:da00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10118923
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: mOQtCQ8QavXmxJ_znfushtEn9kuW5Q328Q-eWJFeTlBRwU-McreNsA==

POST
H3 200 v2wykpJaJyTXM81w3cuKEtbqM_asTJwhtyJwRsIIq-I1OefvBHNiMQu4J04PC1XaE5THT3DHe Show response
smoggysnakes.com/ 191 B
218 B 65ms
30ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2wykpJaJyTXM81w3cuKEtbqM_asTJwhtyJwRsIIq-I1OefvBHNiMQu4J04PC1XaE5THT3DHe

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef07aff22b70b7e93a2035e9fa192c686ae2874998b227b1e8b51dbffc901e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 20 Oct 2022 17:41:41 GMT
via: 1.1 google
x-buildnumber: 661392823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-9csr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 20 Oct 2022 17:41:40 GMT

POST
H3 200 v2htgCm8f6FbWuk5rlpP_kAAN6wjgsGSmfkIfGfVrN-0BCBURNzUJVTg9NWPvs3e7qAZ_0H7_ Show response
smoggysnakes.com/ 3 B
27 B 24ms
24ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smoggysnakes.com/v2htgCm8f6FbWuk5rlpP_kAAN6wjgsGSmfkIfGfVrN-0BCBURNzUJVTg9NWPvs3e7qAZ_0H7_

Requested by

Host: smoggysnakes.com
URL: https://smoggysnakes.com/v2lycXBmloNJvBgX1X4DVpaOIIEDRv-aIb6gvdB6L-b5V3hFPpKkarQ4Y2H5bdtih

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.chicagotribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 20 Oct 2022 17:41:42 GMT
via: 1.1 google
x-buildnumber: 661392823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.chicagotribune.com
x-hostname: fen-hoothoot-europe-west1-spot-9csr
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1757361571160924&ev=ViewContent&ts=1666287702061&it=1666287702061&v=2.7.21&if=false&cd[article_content_tier]=free&cd[is_subscriber]=true&dl=https%3A%2F%2Fwww.chicagotribune.com%2Fsuburbs%2Felgin-courier-news%2Fct-ecn-dupage-court-revamp-elgin-st-1019-20221018-wg5rzggaqnfwrc77yxnp3bl4li-story.html&rl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chicagotribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 17:41:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chicagotribune.com/suburbs/elgin-courier-news	1970-01-20 15:37:03	Name: _lbz Value: 0
www.chicagotribune.com/suburbs/elgin-courier-news	1969-12-31 23:59:59	Name: ntvSession Value: {"id":3657344,"placementID":1109740,"lastInteraction":1666287697007,"sessionStart":1666287697007,"sessionEndDate":1666310400000,"experiment":""}
r610.chicagotribune.com/DG/DEFAULT	1970-01-20 16:27:27	Name: BCSessionID Value: 9c8a93c2-95a3-4d4f-bcd6-605e50296dba
.chicagotribune.com/	1970-01-20 06:51:28	Name: _lb Value: 2
.postrelease.com/	1970-01-20 15:37:03	Name: opt_out Value: 1
.www.chicagotribune.com/	1970-01-20 06:51:29	Name: sophiTagses.7165 Value: *
tribune.blueconic.net/	1970-01-20 07:01:32	Name: AWSALBCORS Value: bdFjPio6ERvkUcoxlGdbVb4zDGsEYbkwnsaIuzOoDYaEAQvna2mtOPVpGdqmxkkNkFvG9YeitqnR5yOqShTAlcO3+G9ucTh3PjYjeEydS0YFrfZ4Dt9kaPfxjrYt
.chicagotribune.com/	1970-01-20 06:51:29	Name: _ml_ses Value: *
.chicagotribune.com/	1970-01-20 16:27:27	Name: _matheriSegs Value: MATHER_U9_FIRSTTIMEMET2_20191016
.chicagotribune.com/	1970-01-20 16:27:27	Name: _matherSegments Value: MATHER_U9_FIRSTTIMEMET2_20191016
zephr.chicagotribune.com/	1970-01-20 10:13:03	Name: blaize_session Value: b25be86f-1d92-4428-8709-a94e12b2ed2b
zephr.chicagotribune.com/	1970-01-20 16:27:27	Name: blaize_tracking_id Value: 88b14382-85a8-471e-ab70-a8dadeaa8c58
.www.chicagotribune.com/	1970-01-20 16:27:27	Name: sophiTagid.7165 Value: 23e0cda3-1f58-4354-b081-3b53516c1965.1666287697.1.1666287698.1666287697.9338d97c-3c5b-40b8-8dc0-c60f4007ac28
zephr.chicagotribune.com/	1970-01-20 07:01:32	Name: AWSALB Value: fJV81B9Bd/LlKlFTZVFqS7rJj1qI9x6aH0yisWJzZTbfygZUNi/QhnjruojQ+ryaKTIVM8T9WbMPYwWLr+Lzgxf35kI11yPV6LE1PD7l5WMrnxv32m4zP0+iHLpr
zephr.chicagotribune.com/	1970-01-20 07:01:32	Name: AWSALBCORS Value: fJV81B9Bd/LlKlFTZVFqS7rJj1qI9x6aH0yisWJzZTbfygZUNi/QhnjruojQ+ryaKTIVM8T9WbMPYwWLr+Lzgxf35kI11yPV6LE1PD7l5WMrnxv32m4zP0+iHLpr
.chicagotribune.com/	1970-01-20 11:10:39	Name: c_mId Value:
.chicagotribune.com/	1970-01-20 11:10:39	Name: c_PUID Value:
.www.chicagotribune.com/	1970-01-20 07:01:32	Name: RT Value: "z=1&dm=www.chicagotribune.com&si=fe059469-2da4-4823-92f7-de13a1042058&ss=l9hco6qb&sl=1&tt=1nk&rl=1&ld=1nn"
www.chicagotribune.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 9c8a93c2-95a3-4d4f-bcd6-605e50296dba
.chicagotribune.com/	1970-01-20 16:27:27	Name: _ml_id Value: 50488088a829f10d.1666287697.1.1666287698.1666287697
r610.chicagotribune.com/	1970-01-20 07:01:32	Name: AWSALB Value: yevFNa7Te7lyxWYl1fw699rxpDK+pwvn/kifTeGdq2ROwK1AkK7KxZnKgMPrEjWNUZHkNu9xd5HbX/8IfDSgNMNqhCOoqk9rHh/xXhgG800aCTbSYS+nsgqHCnlB
r610.chicagotribune.com/	1970-01-20 07:01:32	Name: AWSALBCORS Value: yevFNa7Te7lyxWYl1fw699rxpDK+pwvn/kifTeGdq2ROwK1AkK7KxZnKgMPrEjWNUZHkNu9xd5HbX/8IfDSgNMNqhCOoqk9rHh/xXhgG800aCTbSYS+nsgqHCnlB
www.chicagotribune.com/	1970-01-20 15:37:03	Name: flipp-uid Value: 2f7c6070-224c-4fbe-bf02-61de7042c97d
.chicagotribune.com/	1970-01-20 16:27:27	Name: _awl Value: 2.1666287701.0.5-58f76b38499f1ae6dbfe188a4bc59c29-6763652d6575726f70652d7765737431-0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
am-trc-events.taboola.com
assets.zephr.com
authenticate.chicagotribune.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn-gateflipp.flippback.com
cdn.confiant-integrations.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.parsely.com
cdn.sophi.io
cdn.taboola.com
cmp.osano.com
code.jquery.com
collector2.sophi.io
dynpaywall-api-chicagotribune.ml.sophi.io
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
jadserve.postrelease.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mab.chartbeat.com
news.google.com
onesignal.com
p.flipp.com
p1.parsely.com
ping.chartbeat.net
pixel.sitescout.com
play.google.com
player-files.remixd.com
polyfill.io
pubcast-files.remixd.com
r610.chicagotribune.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
smoggysnakes.com
ssor.tribdss.com
static.adsafeprotected.com
static.chartbeat.com
tags.remixd.com
trc.taboola.com
tribune-chicagotribune.zeustechnology.com
tribune.blueconic.net
widget.perfectmarket.com
www.chicagotribune.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.i.matheranalytics.com
www.tribdss.com
zephr.chicagotribune.com
104.94.186.13
107.178.250.234
108.128.97.80
108.156.255.76
13.224.189.28
13.224.189.91
13.225.78.24
13.225.78.28
13.225.78.34
13.225.78.60
13.226.153.21
13.32.99.106
13.32.99.52
141.226.228.48
143.204.215.111
143.204.215.66
151.101.193.44
18.213.10.203
18.66.100.58
2001:4de0:ac18::1:a:1b
23.35.237.64
2600:1901:0:d733::1
2600:9000:20eb:2400:18:1fcd:351:7bc1
2600:9000:211e:ee00:3:b7e:8940:93a1
2600:9000:214f:da00:8:48e:53c0:93a1
2600:9000:225e:2e00:1:a3fa:7cc0:93a1
2606:4700::6812:106b
2606:4700::6812:e134
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::200e
2a02:26f0:1700:16::b856:fbde
2a02:26f0:480:297::11a6
2a02:26f0:7100:594::11a6
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::714
2a04:4e42:600::282
3.219.38.131
35.190.38.143
52.17.99.225
52.205.55.37
52.223.1.76
54.202.115.110
66.155.71.149
99.86.4.16
015f97085d087810badf86ad9e67a3fd6ad759ae74a595b074e93b5fdc2ac6f9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09108a1ffdbe53f546c38a9209313f34421fc852aabcc7a478bfe69bbc795465
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09a559dcf9b8ba4e8816880fa68d2f43d6d2bd2ce10da9222a488fba58cadf1c
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b4ca67fff166f77769b9bf8615c26d6c67b9559180055538f8eec623e37f156
10fe596eff466213fc8e36e91a21d3e60f4f43d1c33d1d52a4068f0391aa63c8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1772b2203205468529b2ce91b979cbfd4e7ac95f5cf55463fdbb313cf9708403
17fb464c7d1f2fb8ac6ef31e4428b5775213540b0c32889a05482cdd46146ada
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
2574aa27d97447a4134230c05c7942c2b5a7a609892cf617b9f9ebc346853bdf
264fb6991243a26a1cc8fe9cb7eb66134d9960f3bddfbce9d793ec53c46ab780
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a762b90980fe85c3de2c20008cff700214b88e2bdd07fd1ab1f5e870338d5b8
2db4e8ae406c92bc7bd98099e643814f36c74b3112a90b9d9bab20a761d66786
2e739a9eaca6bf710447f7c39030f0f4f2d7b3074b6211968bf87c8f68bcd6ca
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3164fb53fad3444207a734d4dfae142f789d9de60bb10a7473f7877244f90a78
3252d36cc55b9da498335a311e43fc48b9ce4e1ee05be3d7f2db90f5ef7f01ce
32e8506d2f282e7132820c2c989104e013938da8c2214f6442eaec6945918211
3415e4823b65c682afb0b4f3186894b41537148c123ac1941c8c307aa28bb449
34ec1683d2642299e982025227fedb587004b36ef9d3abcf47999e7f62a8afff
37f8ab8769785287d8b890ba001c44d93c98ec851e4abe769e8a5e243bbe1f0b
385b775f1349e9d369a6c6f63a0aafc11c22515ca8c97f2303038a2c6cdaf858
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4357295557e9d4709731d2d574b6639e6a171c9d35f6982d7accd7c841cb974a
43c39ba8204d711934ffd9be37e2538b0c3ba1154010ab24e72948cdf29c23e0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aa8d61c6482d1973b71146c94dfe741f00f1d414a645249edb142e1f219bda5
4de3df3f8c41b969312c7f8fb0ec105ca4ceebfeff99e9c4c6552f017c8aeb2e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5064f5852a11e833dd49c946f9f0b96b40deb80019e3692a8fe977f1fc98f825
51ae82135498270faf7037bc1034285965dcde3c43476a24ac83ab3d14322522
51cae6e659047234cfc380bfa2c641744db07624830296e39462d4ac601c6bb4
5348a314708b862d24952aef1498cf359149f0dbbd24e85be992d3caa87968f8
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
5a36f55cf612549cc49d145502aeb8e706724cf3d6f155ebadcf3ade388e3b39
5b21b8433dd2f0b6b7be59e7c23f53a3a7cd9de6838c5a41b376ccea1e1d4828
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
65b72c57b7d3e026f367272cac181935f22cf55a317943e7a7458cb122c840a2
6613009940c32f6e3032a2ef430d34037d17904c9beac02478443798784faa98
690ccd1d5147450547924d553c47ba22f8d9c3fc79c5357e5e51df1f709cca1e
6ea52be86268c844b1f19106d8fbf005060bb93520541fd4f300f38a8da0a146
6ef7d841ea4a7fa82fc9d2ba49edacaeaf3e46bf282c6d9cbdc368a710e107dc
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e11b79bb7aa3386881439c012bd9dfcd28b9129a93b47b9fc77e31aca01807e
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8464859e97324aaaf5650dbf65973c2ad6f7fddea8b1e7e6c7692cb2a0f541fb
85abff98673582184da6512ffaa91cf207ab6d94808f8d0beed07cb7ef7a05f7
89318465a9eaa3ceca9c205ab47d78a0205bbba44942b8aef3b8c7b56d2375d9
8ca60119a290a5178c4e4ccc7728baec26d2f016a6be49f28363ac67b19ef50d
8fc4c656fb606d73535160204c5fcb9786950480c185715d4cb677e04687a334
9059ed26cdd479b2a5e3fcd28b93d2f45e3030feaa0fd95bdb2f850486527fe1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
94dba5e97bd9780046fc76db034ae0132c04cdf51858c680ef043f841ee3a468
95f77dcaac4925f0f3c748d3b5f8d141b42d5b0c0cb7433285122c24533d89e2
9729f3eab64671484b7dc72a11b62aa1f6f7841711fa84c318e01007dd03e6c2
9ecee7405e7c0e3fae846610dece808620f05b0af369f5309839da3a415bdb2d
9fd0e2219e9aa850f2f80ce0a66c95d2339f07bd62dfcf0e907f485ce92ea5a4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c2b41a9f04396e6b2e280a11883953e5ee4e5da431f2891b2da6f1445fe86d
a274d807ff49c89235376b78c95e39abaa08257a24df13b1f9837bc81ec98116
a2b0336d194248a536f2b140c07c8d0d9205b076828de62ea2e037c56f4d4bb8
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4f96c799c83f1785a3c8d50c7927cf587536a683e7447df4bc4903b16954863
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7
a98c1c48a21c3826cc82fbbd8e6e9308530f549a55c6570ff50628b6e35b6a97
a9e322e104caf61653b1595f938d5c774c6bc0ac2799aff3538fedaee835c8ca
ac78e6941d881d41e0ee6b133b3f2b9b0c0b0f6c23a4285aaa30dc5a770bf2a2
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd25dea85e5a6d010f318aafdc126c0a9379100563cf83b4b8d32f14e1a06303
c3351101ed7737fdb60e36683bba0f053b7210f3e790960805a0a3016b2a01e8
c546a0c5a9b1164c5f8bd5d164eb093107f3755d7247189cb6ced71f20fda06a
c6cce6beb8587b0075a75db191541a7370f872c50bcf924bc94d705e5af45cef
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcbdef0608943e0933da5928be999f15b83042f772c8099bf8901725a2c8f1e
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d22f6e5562a0ef5aa020903f532024c9be3280776f4786433295a234589e9d90
d5ac376dd4e310a2aae2674eefbbf3d52da86de9e608c24ed84901531af8b666
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9f320c79dc763f8481c24d7d29989ddcb92f0e4f6f426b41d20d72fc51b8f94
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e081bf7305b257f0b11e7939573352598140f9c77bc95eb15d363b759f4105e1
e095f4fbb86c7318a76ae06340cfd812a5247ea02b416ed57933365d67648df7
e1c68dfa663345d3e1c77ef5790cef07631f32f42a834862d3b1917fdf8bf1f2
e208c369f47fd7ff11fae207abc5acc50db1d52823f4a9b5ab74f88a0656d7c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e55a7357b8009cd60522a366c3763ffadcbae3c4c675e8c81ac54668694c130c
e7d087167c0499c0e6631ed829e4959c27f4408f5c24b883fc95dbc8dda75f53
ea981e44acb824eef6c0b27e815fb653b7647283212e047e0b09cc8c809e300b
ed6b237b687782c7d85630dec9239d26965f826b0b1a64d2817b4dec65db486a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef07aff22b70b7e93a2035e9fa192c686ae2874998b227b1e8b51dbffc901e8c
ef23308e560722a029cf1582daae770cc7d5b93196138eb979dcb4d5951cd152
f23076cd7060947c9ec0b1a21728b303079369833007c4fa3c895a5ee2fe60ca
f4194d75b1ad62b486b364957d132c705d972ee2d5b85addfce0997ae028ca7a
f50a5f52096f35c35e49d5abd3dd78e1227d38feb3871569e155e776e032c8ff
f8754f1e349ea9ec40863a0cfe1776b7fc238482eab7151992fbea8e1610b969
fcac0e1a4f11bbf64e60b1305ef1b935ff5c41e49d150c42ca8d8d6464dc240f

www.chicagotribune.com Open in urlscan Pro 2a02:26f0:1700:16::b856:fbde Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

96 %HTTPS

42 %IPv6

36 Domains

56 Subdomains

49 IPs

5 Countries

3228 kBTransfer

10074 kBSize

24 Cookies

42 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.chicagotribune.com Open in urlscan Pro
2a02:26f0:1700:16::b856:fbde Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

96 %
HTTPS

42 %
IPv6

36
Domains

56
Subdomains

49
IPs

5
Countries

3228 kB
Transfer

10074 kB
Size

24
Cookies

152 HTTP transactions
0 data transactions