urlscan.io logo urlscan.io
SecurityTrails logo

www.dailyherald.com Open in urlscan Pro
107.154.76.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.dailyherald.com/
Submission: On March 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 9 countries across 86 domains to perform 338 HTTP transactions. The main IP is 107.154.76.234, located in United States and belongs to INCAPSULA, US. The main domain is www.dailyherald.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on January 10th 2021. Valid for: a year.
This is the only time www.dailyherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 107.154.76.234 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.24.101 16509 (AMAZON-02)
1 2.18.234.163 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 13.224.193.146 16509 (AMAZON-02)
1 199.19.89.14 54105 (SSM-NET)
1 65.9.187.115 16509 (AMAZON-02)
2 2.18.234.122 16625 (AKAMAI-AS)
7 34.96.77.232 15169 (GOOGLE)
2 69.195.148.66 19969 (JOESDATAC...)
2 169.50.137.179 36351 (SOFTLAYER)
6 162.244.66.114 18501 (CODERO-DFW)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
8 142.250.186.34 15169 (GOOGLE)
3 13.224.192.34 16509 (AMAZON-02)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 52.52.67.9 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.19.89.19 54105 (SSM-NET)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 65.9.23.176 16509 (AMAZON-02)
2 2a04:4e42:1b:... 54113 (FASTLY)
1 2a04:4e42:3::729 54113 (FASTLY)
2 13.224.198.208 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 35.244.232.184 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 10 185.33.221.14 29990 (ASN-APPNEX)
14 213.19.162.41 26667 (RUBICONPR...)
1 3.122.144.78 16509 (AMAZON-02)
5 136.144.59.88 54825 (PACKET)
1 184.31.84.150 20940 (AKAMAI-ASN1)
1 185.64.189.112 62713 (AS-PUBMATIC)
10 34.98.64.218 15169 (GOOGLE)
1 2 216.52.2.19 30282 (AS-INAPCD...)
2 65.9.187.20 16509 (AMAZON-02)
2 54.164.110.143 14618 (AMAZON-AES)
1 116.202.80.167 24940 (HETZNER-AS)
3 2a04:4e42:3::539 54113 (FASTLY)
14 151.101.114.27 54113 (FASTLY)
1 35.244.184.131 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.59.220.198 60068 (CDN77 (^_^)/)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 2.16.186.8 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 100.24.180.21 14618 (AMAZON-AES)
16 23 169.50.137.190 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 52.28.42.15 16509 (AMAZON-02)
1 1 52.28.108.245 16509 (AMAZON-02)
2 143.204.209.21 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 2 18.198.69.109 16509 (AMAZON-02)
1 3.229.46.71 14618 (AMAZON-AES)
1 104.108.41.56 16625 (AKAMAI-AS)
1 2 99.80.128.92 16509 (AMAZON-02)
1 216.52.2.39 29791 (VOXEL-DOT...)
2 34.120.207.148 15169 (GOOGLE)
1 1 142.250.185.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
5 69.173.144.139 26667 (RUBICONPR...)
11 14 172.217.16.130 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.13.108 54113 (FASTLY)
3 10 2.18.234.21 16625 (AKAMAI-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
2 104.108.50.124 16625 (AKAMAI-AS)
1 6 18.185.82.201 16509 (AMAZON-02)
3 9 185.64.190.80 62713 (AS-PUBMATIC)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 18.159.182.76 16509 (AMAZON-02)
3 3 18.194.69.213 16509 (AMAZON-02)
2 2 63.33.75.105 16509 (AMAZON-02)
6 6 52.215.8.160 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.137.131 201081 (SMARTADSE...)
3 3 185.29.133.199 30419 (MEDIAMATH...)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 3 37.157.6.241 198622 (ADFORM)
2 6 63.32.128.23 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 72.21.206.140 16509 (AMAZON-02)
1 1 64.202.112.191 22075 (AS-OUTBRAIN)
1 35.241.40.233 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 69.173.144.165 26667 (RUBICONPR...)
2 2 151.101.114.49 54113 (FASTLY)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 213.155.156.184 1299 (TELIANET ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 1 18.156.0.31 16509 (AMAZON-02)
1 185.64.189.114 62713 (AS-PUBMATIC)
338 109
40    107.154.76.234 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.234.ip.incapdns.net
www.dailyherald.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.32.24.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-101.fra56.r.cloudfront.net
cdn.p-n.io
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    13.224.193.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-146.fra2.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
1    199.19.89.14 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-14.secondstreetmedia.com
embed.secondstreetapp.com
1    65.9.187.115 (United States)

ASN16509 (AMAZON-02, US)
webplayer.spokenlayer.net
2    2.18.234.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com
players.brightcove.net
7    34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
2    69.195.148.66 (United States)

ASN19969 (JOESDATACENTER, US)
www.queryly.com
2    169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com
i.simpli.fi
6    162.244.66.114 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 162-244-66-114.dedicated.codero.net
magnetapi.klangoo.com
cdn.klangoo.com
magnetrack.klangoo.com
1    2606:4700:e2::ac40:8a06 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
8    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
3    13.224.192.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net
c.amazon-adsystem.com
11    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
id.tinypass.com
buy.tinypass.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    52.52.67.9 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-9.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    2a02:26f0:6c00:2bd::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    199.19.89.19 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-19.secondstreetmedia.com
api.secondstreetapp.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    65.9.23.176 (Orlando, United States)

ASN16509 (AMAZON-02, US)
d1fc8wv8zag5ca.cloudfront.net
2    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
cdn.polyfill.io
1    2a04:4e42:3::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    13.224.198.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-208.fra2.r.cloudfront.net
edge.api.brightcove.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
14    213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.122.144.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-144-78.eu-central-1.compute.amazonaws.com
tlx.3lift.com
5    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ascendeum-d.openx.net
us-u.openx.net
eu-u.openx.net
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    65.9.187.20 (United States)

ASN16509 (AMAZON-02, US)
api.spokenlayer.net
2    54.164.110.143 (United States)

ASN14618 (AMAZON-AES, US)
d.spokenlayer.com
1    116.202.80.167 (Germany)

ASN24940 (HETZNER-AS, DE)
scomcluster.cxense.com
3    2a04:4e42:3::539 (United States)

ASN54113 (FASTLY, US)
manifest.prod.boltdns.net
14    151.101.114.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f1.media.brightcove.com
1    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
snowplow.ownlocal.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
cdn.materialdesignicons.com
2    2606:4700:3036::ac43:9e2a (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.pl
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
19    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2.16.186.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
bcbolt446c5271-a.akamaihd.net
3    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4007:816::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2600:9000:20eb:8400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    100.24.180.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
23    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    52.28.42.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    52.28.108.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    143.204.209.21 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
1    3.229.46.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
1    104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    99.80.128.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.rlcdn.com
id.rlcdn.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
14    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)
id.dailyherald.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    18.185.82.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    18.159.182.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
3    18.194.69.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    63.33.75.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
6    52.215.8.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    63.32.128.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
b1sync.zemanta.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    2606:4700:3039::6815:c004 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    213.155.156.184 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
Apex Domain
Subdomains		 Transfer
41 dailyherald.com
www.dailyherald.com
id.dailyherald.com
712 KB
29 googlesyndication.com
pagead2.googlesyndication.com
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
tpc.googlesyndication.com
207 KB
25 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
215 KB
25 simpli.fi
i.simpli.fi
um.simpli.fi
14 KB
24 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
43 KB
21 brightcove.com
edge.api.brightcove.com
metrics.brightcove.com
f1.media.brightcove.com
161 KB
15 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
34 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
24 KB
11 tinypass.com
experience.tinypass.com
cdn.tinypass.com
id.tinypass.com
buy.tinypass.com
379 KB
11 boltdns.net
cf-images.us-east-1.prod.boltdns.net
manifest.prod.boltdns.net
398 KB
10 openx.net
ascendeum-d.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
104 KB
10 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
storage.googleapis.com
448 KB
9 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
8 ownlocal.com
origami.secure.ownlocal.com
snowplow.ownlocal.com
286 KB
7 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
7 google.com
ampcid.google.com
www.google.com
adservice.google.com
1 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
35 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 klangoo.com
magnetapi.klangoo.com
cdn.klangoo.com
magnetrack.klangoo.com
81 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
2 KB
5 ampproject.org
cdn.ampproject.org
99 KB
5 a-mo.net
prebid.a-mo.net
1 KB
4 postrelease.com
jadserve.postrelease.com
2 KB
3 adform.net
c1.adform.net
1015 B
3 mathtag.com
sync.mathtag.com
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 googletagservices.com
www.googletagservices.com
94 KB
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
3 cxense.com
cdn.cxense.com
scomcluster.cxense.com
33 KB
3 google.de
ampcid.google.de
www.google.de
1 KB
3 spokenlayer.net
webplayer.spokenlayer.net
api.spokenlayer.net
107 KB
2 fiftyt.com
visitor.fiftyt.com
994 B
2 semasio.net
uipglob.semasio.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
610 B
2 quantserve.com
pixel.quantserve.com
910 B
2 scoota.co
r.scoota.co
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 rlcdn.com
idsync.rlcdn.com
id.rlcdn.com
108 B
2 crwdcntrl.net
bcp.crwdcntrl.net
977 B
2 exelator.com
loadm.exelator.com
3 KB
2 pro-market.net
fei.pro-market.net
851 B
2 intentiq.com
sync.intentiq.com
2 agkn.com
aa.agkn.com
d.agkn.com
957 B
2 tapad.com
pixel.tapad.com
910 B
2 chartbeat.net
ping.chartbeat.net
337 B
2 akamaihd.net
bcbolt446c5271-a.akamaihd.net
3 MB
2 rsms.me
rsms.me
54 KB
2 materialdesignicons.com
cdn.materialdesignicons.com
292 KB
2 unpkg.com
unpkg.com
33 KB
2 spokenlayer.com
d.spokenlayer.com
779 B
2 cloudflare.com
cdnjs.cloudflare.com
33 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 queryly.com
www.queryly.com
10 KB
2 brightcove.net
players.brightcove.net
250 KB
2 secondstreetapp.com
embed.secondstreetapp.com
api.secondstreetapp.com
53 KB
1 zeotap.com
mwzeom.zeotap.com
596 B
1 criteo.com
dis.criteo.com
284 B
1 de17a.com
d5p.de17a.com
134 B
1 ad4m.at
ad4m.at
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 brand-display.com
dmp.brand-display.com
253 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
444 B
1 smartadserver.com
rtb-csync.smartadserver.com
757 B
1 contextweb.com
bh.contextweb.com
496 B
1 googleadservices.com
www.googleadservices.com
633 B
1 bluekai.com
stags.bluekai.com
745 B
1 bfmio.com
sync.bfmio.com
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com
183 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net
379 B
1 google.pl
adservice.google.pl
799 B
1 polyfill.io
cdn.polyfill.io
584 B
1 2mdn.net
s0.2mdn.net
17 KB
1 zencdn.net
vjs.zencdn.net
7 KB
1 jsdelivr.net
cdn.jsdelivr.net
24 KB
1 cloudfront.net
d1fc8wv8zag5ca.cloudfront.net
413 B
1 googletagmanager.com
www.googletagmanager.com
53 KB
1 npttech.com
www.npttech.com
3 KB
1 ntv.io
s.ntv.io
102 KB
1 p-n.io
cdn.p-n.io
69 KB
0 kargo.com Failed
krk.kargo.com Failed
338 86
Domain Requested by
40 www.dailyherald.com 1 redirects www.dailyherald.com
cdnjs.cloudflare.com
buy.tinypass.com
23 um.simpli.fi 16 redirects ads.pubmatic.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.dailyherald.com
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
14 cm.g.doubleclick.net 11 redirects eu-u.openx.net
eb2.3lift.com
14 f1.media.brightcove.com www.dailyherald.com
14 fastlane.rubiconproject.com www.dailyherald.com
10 ib.adnxs.com 4 redirects www.dailyherald.com
acdn.adnxs.com
eb2.3lift.com
8 securepubads.g.doubleclick.net www.dailyherald.com
securepubads.g.doubleclick.net
cdnjs.cloudflare.com
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
8 cf-images.us-east-1.prod.boltdns.net www.dailyherald.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
srcdoc
cdnjs.cloudflare.com
tpc.googlesyndication.com
www.googletagservices.com
7 origami.secure.ownlocal.com www.dailyherald.com
origami.secure.ownlocal.com
cdnjs.cloudflare.com
6 match.adsrvr.org 2 redirects eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
6 match.prod.bidr.io 6 redirects
6 image2.pubmatic.com 3 redirects ads.pubmatic.com
6 eb2.3lift.com 1 redirects www.dailyherald.com
eb2.3lift.com
5 us-u.openx.net eu-u.openx.net
5 pixel.rubiconproject.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 prebid.a-mo.net www.dailyherald.com
5 metrics.brightcove.com www.dailyherald.com
5 www.google.com 2 redirects www.dailyherald.com
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 eu-u.openx.net www.dailyherald.com
eu-u.openx.net
4 jadserve.postrelease.com s.ntv.io
www.dailyherald.com
4 fonts.googleapis.com www.dailyherald.com
embed.secondstreetapp.com
origami.secure.ownlocal.com
3 simage2.pubmatic.com ads.pubmatic.com
3 token.rubiconproject.com 3 redirects
3 c1.adform.net 3 redirects
3 sync.mathtag.com 3 redirects
3 x.bidswitch.net 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects eu-u.openx.net
3 csi.gstatic.com cdn.ampproject.org
securepubads.g.doubleclick.net
3 www.googletagservices.com securepubads.g.doubleclick.net
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
3 storage.googleapis.com www.dailyherald.com
3 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 manifest.prod.boltdns.net cdnjs.cloudflare.com
3 c.amazon-adsystem.com www.dailyherald.com
c.amazon-adsystem.com
3 magnetapi.klangoo.com www.dailyherald.com
magnetapi.klangoo.com
cdn.klangoo.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 pixel.quantserve.com 2 redirects
2 r.scoota.co 2 redirects
2 pm.w55c.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 eus.rubiconproject.com www.dailyherald.com
eus.rubiconproject.com
2 ads.pubmatic.com www.dailyherald.com
ads.pubmatic.com
2 js-sec.indexww.com www.dailyherald.com
ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 pixel.tapad.com 1 redirects
2 ping.chartbeat.net
2 magnetrack.klangoo.com www.dailyherald.com
2 googleads.g.doubleclick.net 1 redirects www.dailyherald.com
2 www.gstatic.com 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
2 bcbolt446c5271-a.akamaihd.net cdnjs.cloudflare.com
2 rsms.me origami.secure.ownlocal.com
rsms.me
2 cdn.materialdesignicons.com origami.secure.ownlocal.com
cdn.materialdesignicons.com
2 unpkg.com origami.secure.ownlocal.com
2 d.spokenlayer.com www.dailyherald.com
2 api.spokenlayer.net webplayer.spokenlayer.net
cdnjs.cloudflare.com
2 ap.lijit.com 1 redirects www.dailyherald.com
2 cdnjs.cloudflare.com origami.secure.ownlocal.com
www.dailyherald.com
2 imasdk.googleapis.com players.brightcove.net
imasdk.googleapis.com
2 edge.api.brightcove.com players.brightcove.net
2 www.google.de www.dailyherald.com
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 www.google-analytics.com www.googletagmanager.com
www.dailyherald.com
2 experience.tinypass.com www.dailyherald.com
cdn.tinypass.com
2 i.simpli.fi www.dailyherald.com
i.simpli.fi
2 www.queryly.com www.dailyherald.com
2 players.brightcove.net www.dailyherald.com
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 d5p.de17a.com image6.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 ad4m.at ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 image6.pubmatic.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 acdn.adnxs.com www.dailyherald.com
1 id.dailyherald.com cdnjs.cloudflare.com
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 static.chartbeat.com www.dailyherald.com
1 us-central1-kube-ownlocal.cloudfunctions.net www.dailyherald.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.pl securepubads.g.doubleclick.net
1 cdn.polyfill.io origami.secure.ownlocal.com
1 snowplow.ownlocal.com www.dailyherald.com
1 scomcluster.cxense.com www.dailyherald.com
1 cdn.klangoo.com magnetapi.klangoo.com
1 ascendeum-d.openx.net www.dailyherald.com
1 hbopenbid.pubmatic.com www.dailyherald.com
1 htlb.casalemedia.com www.dailyherald.com
1 tlx.3lift.com www.dailyherald.com
1 s0.2mdn.net imasdk.googleapis.com
1 vjs.zencdn.net players.brightcove.net
1 cdn.jsdelivr.net www.dailyherald.com
1 d1fc8wv8zag5ca.cloudfront.net 1 redirects
1 api.secondstreetapp.com embed.secondstreetapp.com
1 id.tinypass.com cdn.tinypass.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 cdn.tinypass.com experience.tinypass.com
1 www.googletagmanager.com www.dailyherald.com
1 www.npttech.com www.dailyherald.com
1 webplayer.spokenlayer.net www.dailyherald.com
1 embed.secondstreetapp.com www.dailyherald.com
1 s.ntv.io www.dailyherald.com
1 cdn.p-n.io www.dailyherald.com
1 ajax.googleapis.com www.dailyherald.com
0 krk.kargo.com Failed www.dailyherald.com
338 135
Subject Issuer Validity Valid
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-01-10 -
2021-12-31		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.p-n.io
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.prod.boltdns.net
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
*.secondstreetapp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-23 -
2022-07-23		 2 years crt.sh
spokenlayer.net
Amazon		 2020-04-19 -
2021-05-19		 a year crt.sh
players.brightcove.net
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-10-03		 a year crt.sh
secure.ownlocal.com
GTS CA 1D2		 2021-01-16 -
2021-04-16		 3 months crt.sh
www.queryly.com
Go Daddy Secure Certificate Authority - G2		 2020-04-19 -
2022-06-02		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.klangoo.com
DigiCert SHA2 Secure Server CA		 2020-02-24 -
2021-03-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2020-09-17 -
2021-09-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.api.brightcove.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
metrics.brightcove.com
GTS CA 1D2		 2021-01-30 -
2021-04-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.a-mo.net
R3		 2021-01-11 -
2021-04-11		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
spokenlayer.com
Amazon		 2021-01-19 -
2022-02-17		 a year crt.sh
brightcove.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-28 -
2021-04-20		 7 months crt.sh
snowplow.ownlocal.com
GTS CA 1D2		 2021-02-09 -
2021-05-10		 3 months crt.sh
cdn.materialdesignicons.com
R3		 2021-03-01 -
2021-05-30		 3 months crt.sh
*.google.pl
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
misc.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.intentiq.com
Amazon		 2020-04-10 -
2021-05-10		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
id.dailyherald.com
Cloudflare Inc ECC CA-3		 2021-01-04 -
2022-01-03		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-29 -
2021-04-14		 5 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh

This page contains 20 frames:

Primary Page: https://www.dailyherald.com/
Frame ID: B81E514178A3FCCC972E5820953B4328
Requests: 201 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 60F5552B556A8EF1A5E11B7DF6404CB9
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
Frame ID: 9699A988697370FED416C64F0E751CE2
Requests: 5 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
Frame ID: 7DAB55E32C5E8A409C4AD5BD48E013EC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 77FF7DAE8FF627E1769B471D3F8F6EC5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: F21E48E3B5A579BFAED34609B77B6450
Requests: 3 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Frame ID: 7C34FD1DEC58FEE844A0231F52824726
Requests: 18 HTTP requests in this frame

Frame: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: A3C4BF34884AF54B7600B20E289FAC92
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 05ED9F287C4870A6E5558662A3346520
Requests: 17 HTTP requests in this frame

Frame: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 04497874FF161BD8D073A7D19AC5517E
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9DA997315A8EBD9EB998F51E61B5AE72
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 28519EE42D9E9356385CCE36E83CD1FD
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Frame ID: BC50C14436B283E1778A57D3148048E3
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D546FBDC0A12CF7465E5440D04824353
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 756CF273A6E0A7A12F6C3F2E8EBAD674
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D49EEF03A4DA063992060582492934C9
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FB144268DDD82AE1AB58F905553CF114
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CB94128CFD92FDC6828E13133A0FF519
Requests: 10 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 9A15DF6008BC7E9CBC56A57CD8C9BC89
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8E0FD1E27A67C1A43EBECBBDED8CC419
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • script /2mdn\.net/i

Page Statistics

338
Requests

97 %
HTTPS

39 %
IPv6

86
Domains

135
Subdomains

109
IPs

9
Countries

7176 kB
Transfer

13344 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.dailyherald.com/apps/pbcsi.dll/urlget?url=https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/image.jpg&updated=20210302113223&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder HTTP 302
  • https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/image.jpg
Request Chain 57
  • https://d1fc8wv8zag5ca.cloudfront.net/2.5.1/sp.js HTTP 301
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.5.1/sp.js
Request Chain 224
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 247
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 248
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 249
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=3CEA30EEF8C44126A9035EA88C163A87 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1614747290&ip=194.99.105.99&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165000803714000073980 HTTP 302
  • https://um.simpli.fi/aa_px?sk=165000803714000073980
Request Chain 251
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 254
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=3CEA30EEF8C44126A9035EA88C163A87;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=3CEA30EEF8C44126A9035EA88C163A87;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1193958521273732236
Request Chain 255
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0&xl8blockcheck=1
Request Chain 257
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 258
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 259
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 260
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 261
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 262
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1614747289652&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mRY_YOfiMOuyx_APpoSd-AE&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mRY_YOfiMOuyx_APpoSd-AE&cid=CAQSKQCNIrLMEoJUvup0HDDBrhNWNGLtiBPny38566UKh5eg9A1PhB-Rb6gp&random=2012629850 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mRY_YOfiMOuyx_APpoSd-AE&cid=CAQSKQCNIrLMEoJUvup0HDDBrhNWNGLtiBPny38566UKh5eg9A1PhB-Rb6gp&random=2012629850&ipr=y
Request Chain 263
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87&__user_check__=1&sync_id=95c9ed15-7bdc-11eb-862e-1b9fb9072206
Request Chain 264
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=3CEA30EEF8C44126A9035EA88C163A87 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D3CEA30EEF8C44126A9035EA88C163A87
Request Chain 265
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3CEA30EEF8C44126A9035EA88C163A87&expires=365
Request Chain 266
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=3CEA30EEF8C44126A9035EA88C163A87
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFTd8-NdvMpK9FaNyGNEicg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3CEA30EEF8C44126A9035EA88C163A87 HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 280
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=sovrn&uid=dd2e0cd44ec50674a75876fd
Request Chain 281
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=pubmatic&uid=05BDD6D7-67C7-4CDA-8AC5-D5A7B241E6E4
Request Chain 282
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=appnexus&uid=2442156384613536453
Request Chain 283
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=index_rtb&uid=YD8Wmyivirx17yRZPeHHhAAA%261170
Request Chain 285
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iQBkl0kO1Lhjx95
Request Chain 286
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5d6a3158-2572-4fb2-ba2e-7b1a880f09e9&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=632f92ba-83e7-4d2d-bddc-3bcd0fef5c97
Request Chain 287
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGQUJrN0FmaTBBQUJENmJKb2F1Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFABk7Afi0AABD6bJoaug&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFABk7Afi0AABD6bJoaug&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFABk7Afi0AABD6bJoaug&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFABk7Afi0AABD6bJoaug&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1018407256517183077 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFABk7Afi0AABD6bJoaug
Request Chain 288
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e052603f-169a-4000-a3c7-c906ef4d8e46
Request Chain 289
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bs-vfmnJpXp1zqh8OcuxLWjJ-n51z6woPJuTyaK5
Request Chain 290
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6778854354827970440
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJV0taXQkp3KoZyRtR7EMo&google_cver=1
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELyecrtbiOf_YckJKT0867k&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 300
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcwMzQ2NTM1Njk4MTY3OTMzODU%3D
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/17034653569816793385?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5dSuOqR1lwOyYCcEs.UD5s8.ew3nqPJ5m8bsJOgawA--&dongle=0883
Request Chain 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2442156384613536453&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 304
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=17034653569816793385 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17034653569816793385&dcc=t
Request Chain 305
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 309
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB&dcc=t
Request Chain 310
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YD8Wmyivirx17yRZPeHHhAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHr3h15_ijCTHsRGGXNkLM&google_cver=1
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEF9HeuvJcsofnUmjIeD_i9Y&google_cver=1
Request Chain 313
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=563318501989
Request Chain 314
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eNDDt3_WybNj0cS1L9Td5H7Wlrdj0MDhKoR_lPJu
Request Chain 317
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xTWVVEQlYtRi1IUDBS
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YD8WnAAAAEla9lLS HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YD8WnAAAAEla9lLS&_test=YD8WnAAAAEla9lLS
Request Chain 319
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLSYUDBV-F-HP0R&sigv=1&esig=2~592de03f47edfaf86bf9319d1990fb0e8ea447e4
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGERjUQk4Uxa6-zCeHk9xLQ&google_cver=1
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UJoz57WQn9SDMkk9zNOoGw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4278442616825050790
Request Chain 323
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e052603f-169a-4000-a3c7-c906ef4d8e46
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N9Izv5sUQ_iWqmeWc0Wrzg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 329
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 330
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=37D233BF-9B14-43F8-96AA-67967345ABCE&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=37D233BF-9B14-43F8-96AA-67967345ABCE&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=37D233BF-9B14-43F8-96AA-67967345ABCE&addseg=21
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdEMjMzQkYtOUIxNC00M0Y4LTk2QUEtNjc5NjczNDVBQkNF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJUuKKNNyvdg4kTi4U678MQ&google_cver=1
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4220f990-e1df-4a52-837f-49b29eb8b63a
Request Chain 335
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6778854354827970440
Request Chain 336
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e052603f-169a-4000-a3c7-c906ef4d8e46&gdpr=0&gdpr_consent=
Request Chain 337
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2442156384613536453&gdpr=0&gdpr_consent=
Request Chain 338
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37D233BF-9B14-43F8-96AA-67967345ABCE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0VAYUQt1l2L7OodSgoiEwIRn3hYMk2E-&gdpr=0&gdpr_consent=

338 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dailyherald.com/ 		108 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
aba7b24a2d4a2c1f228353dc57404ff5acd290e301db90f6f6e36094723dd9a0

Request headers

:method
GET
:authority
www.dailyherald.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=0, s-maxage=0
content-encoding
gzip
content-type
text/html; charset=iso-8859-1
date
Wed, 03 Mar 2021 04:57:48 GMT
expires
Wed, 03 Mar 2021 04:54:20 GMT
last-modified
Wed, 03 Mar 2021 04:52:27 GMT
servedby
NC1-D-WEB-03.DIGUSVA1.LOC
server
Microsoft-IIS/7.5
set-cookie
PBCSPERMUSERID=273785182460525; path=/; expires=Wed, 02 Mar 2022 22:54:20 GMT PBCSSESSIONID=273785182460525; path=/ visid_incap_929947=UWF9zm5oQHqKg4rjurmd5pUWP2AAAAAAQUIPAAAAAAAtS9znSfLMcSJWhe4Mrmn6; expires=Wed, 02 Mar 2022 07:52:04 GMT; HttpOnly; path=/; Domain=.dailyherald.com nlbi_929947=HzBzLiaYaSNfiLhquhlZUwAAAAALprocvjemHBeVcwy5VkRR; path=/; Domain=.dailyherald.com incap_ses_687_929947=7H4jIpZxrGwG3NZeJLeICZUWP2AAAAAAugiO6E3/dXUCiHcBUwwgVA==; path=/; Domain=.dailyherald.com
vary
X-UA,Accept-Encoding, User-Agent
x-actual-url
NC1-D-WEB-03, (/apps/pbcs.dll/section?category=frontpage&profile=1266)
x-cache
MISS-Varnish
x-cacheable
NO:Not Cacheable
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-handled-by
NC1-D-WEB-03, Rewrite on site DA
x-original-request
/
x-passed-to
NC1-D-WEB-03, URL Rewrite on site DA (2021-03-02 23:54:20:494)
x-passed-to-beforedispatch
NC1-D-WEB-03, on site DA (2021-03-02 23:54:20:509)
x-passed-to-dll
NC1-D-WEB-03, (2021-03-02 23:54:20:509)
x-passed-to-postprocessresponse
NC1-D-WEB-03, on site DA (2021-03-02 23:54:20:556)
x-powered-by
ASP.NET
x-returned-from
NC1-D-WEB-03(2021-03-02 23:54:20:556)
x-returned-from-beforedispatch
NC1-D-WEB-03, on site DA (2021-03-02 23:54:20:541)
x-returned-from-dll
NC1-D-WEB-03 (2021-03-02 23:54:20:556)
x-returned-from-postprocessresponse
NC1-D-WEB-03, on site DA (2021-03-02 23:54:20:556)
x-served-by
ip-172-19-37-29.digusva1.loc
x-stale
false
x-ua-device
pc
x-varnish
1774844193
x-varnish-beresp-grace
43200.000
x-varnish-beresp-status
200
x-varnish-beresp-ttl
-1.000
x-cdn
Imperva
x-iinfo
14-9666866-9666867 NNNN CT(101 204 0) RT(1614747285069 0) q(0 0 3 0) r(5 6) U4
theme2018-3.css
www.dailyherald.com/css/rspsv/ 		123 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/css/rspsv/theme2018-3.css?ver=20210210.2
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f7144a2e7656a803483e894eae252e1195a35b57393bae3ccdc2d578e607ba86

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
content-encoding
gzip
x-cdn
Imperva
age
54947
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666883-9666867 PNNN RT(1614747285694 0) q(0 0 0 -1) r(1 1) U4
x-ua-device
pc
x-cache-hits
12677
servedby
NC1-D-WEB-07.DIGUSVA1.LOC
content-length
33697
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Thu, 11 Feb 2021 13:30:59 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"e0eeb3227a0d71:0"
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
1774844203 1770138865
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
text/css
x-varnish-beresp-grace
43200.000
prebid.js
www.dailyherald.com/js/prebid/ 		235 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4723f0132121c0ace958f3cdddb877604149310f99be16b16f358b934adcab80

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
content-encoding
gzip
x-cdn
Imperva
age
48554
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666886-9666887 NNNY CT(0 0 0) RT(1614747285697 0) q(0 0 0 -1) r(2 3) U4
x-ua-device
pc
x-cache-hits
6061
servedby
NC1-D-WEB-15.DIGUSVA1.LOC
content-length
99477
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Wed, 17 Feb 2021 16:51:54 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"0f1fc314d5d71:0"
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
1774844205 1770797180
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
application/x-javascript
x-varnish-beresp-grace
43200.000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 13:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57170
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 13:01:56 GMT
dh-min.js
www.dailyherald.com/js/rspsv/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/js/rspsv/dh-min.js?ver=20210128.0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c6d8f7a0584aef0b79dc1004ca57d5a106e0373726a54ccb4f4ccba88a48b9e0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
content-encoding
gzip
x-cdn
Imperva
age
35569
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666884-9666885 NNNY CT(0 0 0) RT(1614747285696 0) q(0 0 0 -1) r(1 1) U4
x-ua-device
pc
x-cache-hits
6780
servedby
NC1-D-WEB-13.DIGUSVA1.LOC
content-length
5948
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Mon, 22 Feb 2021 16:54:11 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"b7f811583b9d71:0"
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
1774844204 1772014876
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
application/x-javascript
x-varnish-beresp-grace
43200.000
pushly-sdk.min.js
cdn.p-n.io/ 		341 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=qdGT1zQoMOplpLubDrYDK6gDywAwYrAPp8jo
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c26892c3a43ac2bd5c6cb1772f30aca1b7bf01d7e80e3b03cf8e4ff3a7ca8d8c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:52:20 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 03:11:16 GMT
server
AmazonS3
age
159
etag
W/"8824c0bba9e30e5245449719738bd270"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
iUZ5Px_OuPQKgZ89sxhSAbkS--pz8cPsV_MbZRLgWP0omvbfQ6qdNw==
load.js
s.ntv.io/serve/ 		348 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7350a08cef5a1ca2017f8cafc8e48e385cd3f5e07cb8790cc95dd02cb830853f

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
gzip
x-amz-request-id
656FA0C7177A7760
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+0nPNwjO5Kp81B3CgcCUcpBDMTJJonPJfy5ffXrS00eBzK5YEz06idMVQO/ejMkTCSdxlTpodtk=
Last-Modified
Fri, 05 Feb 2021 18:53:22 GMT
Server
AmazonS3
ETag
"f26986557d331d9bccef002058601094"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
css
fonts.googleapis.com/ 		4 KB
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:800
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aae50a05451ced85fdf5edb26b1ecdee057d5974bb6e5769c715ce41e874f7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 04:54:46 GMT
server
ESF
date
Wed, 03 Mar 2021 04:54:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Mar 2021 04:54:46 GMT
AR-210309803.jpg&updated=20210302184211_ffd&imageversion=HorizontalOne&exactH=573&exactW=928&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309803/AR/0/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309803/AR/0/AR-210309803.jpg&updated=20210302184211_ffd&imageversion=HorizontalOne&exactH=573&exactW=928&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3a8f906dc787432c5a726a7e1a0aeaaab8798a67acc4c5a99b85c79eba3101d1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
14906
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666891-9666885 PNNy RT(1614747285858 0) q(0 0 0 -1) r(1 2) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-14.DIGUSVA1.LOC
content-length
72175
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 00:42:13 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844219 1773746238
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
298
AR-210309853.jpg&updated=20210302160938_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309853/AR/0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309853/AR/0/AR-210309853.jpg&updated=20210302160938_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f4dd8d97792e5c2cec51804078a387d948faf27462553908a80b79b0334e1863

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
24148
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666892-9666867 PNNN RT(1614747285861 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-04.DIGUSVA1.LOC
content-length
9407
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Tue, 02 Mar 2021 22:09:42 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844220 1772971067
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
363
AR-210309846.jpg&updated=20210302183121_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309846/AR/0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309846/AR/0/AR-210309846.jpg&updated=20210302183121_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4200f444f4ccee83aecf34740b8fdc486bd6f297bc3bc579c38c78b4c0a6a828

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
15290
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666893-9666894 NNNY CT(0 0 0) RT(1614747285862 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-03.DIGUSVA1.LOC
content-length
6567
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 00:31:23 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844222 1773715236
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
287
AR-210309757.jpg&updated=20210302183428_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309757/AR/0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309757/AR/0/AR-210309757.jpg&updated=20210302183428_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ffaa50a452b5d63f6de2c644dddaad0a0d7b10d3bce941d4d95df2302d0e95d3

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
15290
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666895-9666896 NNNY CT(0 0 0) RT(1614747285864 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-04.DIGUSVA1.LOC
content-length
9730
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 00:34:31 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844223 1773715237
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
286
AR-210309760.jpg&updated=20210302175255_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/SPORTS/210309760/AR/0/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/SPORTS/210309760/AR/0/AR-210309760.jpg&updated=20210302175255_ffd&imageversion=HorizontalOne&exactH=206&exactW=310&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b3e8b1ebbc30e01166c957b4b8668cbdbcda8718f4fe05f87d1e0b0f30d3cea7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
16790
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666897-9666898 NNNN CT(103 103 0) RT(1614747285865 0) q(0 0 2 -1) r(3 3) U18
x-ua-device
pc
servedby
NC1-D-WEB-07.DIGUSVA1.LOC
content-length
9523
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Tue, 02 Mar 2021 23:53:00 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844248 1773590112
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
302
AR-210309777.jpg&updated=20210302192141_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309777/AR/0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309777/AR/0/AR-210309777.jpg&updated=20210302192141_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3b81306b85bc014295651cf3338436f9c46dc7a4fa331dce3b6571799506f9e5

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
12392
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666899-9666867 PNNN RT(1614747285867 0) q(0 1 1 -1) r(2 2) U18
x-ua-device
pc
servedby
NC1-D-WEB-15.DIGUSVA1.LOC
content-length
3658
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 01:21:43 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844237 1773950046
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
257
AR-210309769.jpg&updated=20210302184817_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309769/AR/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309769/AR/0/AR-210309769.jpg&updated=20210302184817_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
341521dec6faf29712d9139d1b7eddaca56091ef77475bbd1d6917662472eb02

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
14566
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666900-9666894 PNNy RT(1614747285869 0) q(0 1 1 -1) r(2 2) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-14.DIGUSVA1.LOC
content-length
2068
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 00:48:18 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844239 1773773397
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
281
AR-210309775.jpg&updated=20210302193526_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309775/AR/0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309775/AR/0/AR-210309775.jpg&updated=20210302193526_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8b2eaa263e3dce3b3488c0f3372c0f496c50d5883b0c97b815e435cc3b3c0477

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
11628
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666901-9666896 PNNy RT(1614747285870 0) q(0 1 1 -1) r(2 2) U18
x-ua-device
pc
servedby
NC1-D-WEB-08.DIGUSVA1.LOC
content-length
2790
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 01:35:29 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844238 1774017234
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
255
AR-210309748.jpg&updated=20210302201502_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309748/AR/0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309748/AR/0/AR-210309748.jpg&updated=20210302201502_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
000ba16ca65492c48e564e33cf170757d7a04200b10659afba33f1d366a6e832

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
9525
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666902-9666867 PNNN RT(1614747285872 0) q(0 2 2 -1) r(3 3) U18
x-ua-device
pc
servedby
NC1-D-WEB-01.DIGUSVA1.LOC
content-length
2765
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 02:15:03 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844245 1774176774
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
240
AR-210309762.jpg&updated=20210302192351_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309762/AR/0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309762/AR/0/AR-210309762.jpg&updated=20210302192351_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d6bc8083c4836e2e91f0047c1c2fef53d647a3bfed2967e2beb86abbf04862ef

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
12390
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666903-9666896 PNNy RT(1614747285873 0) q(0 2 2 -1) r(3 3) U18
x-ua-device
pc
servedby
NC1-D-WEB-01.DIGUSVA1.LOC
content-length
3995
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 01:23:55 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844246 1773950047
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
257
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/
Redirect Chain
  • https://www.dailyherald.com/apps/pbcsi.dll/urlget?url=https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/128...
  • https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/image.jpg
184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
ed6249a2d2174575902beb1035eb0669e7050956ef6bba3cd53006e40b4aa42e

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 17:09:33 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
42313
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
y22WDQ66sKTCmDs7AbOVQLihWA032ouF64g1RNsGSNnIHwIG5F-EEg==
Expires
Wed, 02 Mar 2022 17:09:33 GMT

Redirect headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
28852
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666904-9666894 PNNy RT(1614747285883 0) q(0 2 2 -1) r(3 3) U11
x-ua-device
pc
x-cache-hits
8129
servedby
NC1-D-WEB-09.DIGUSVA1.LOC
content-length
287
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
server
Microsoft-IIS/7.5
x-varnish-beresp-status
302
x-cachereason
CMS Images
x-varnish
1774844247 1772570755
location
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/642c87ad-ad8f-4b38-92bc-13c085a5d06c/98cf58ad-bad6-4060-acd6-d394ac707490/1280x720/match/image.jpg
cache-control
max-age=86400
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-varnish-beresp-grace
43200.000
AR-210309752.jpg&updated=20210302194940_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/NEWS/210309752/AR/0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/NEWS/210309752/AR/0/AR-210309752.jpg&updated=20210302194940_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ee250a7246a577f9a185d73f03403c113de717ad7a37e4418739eb18f8fbbbbf

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
10908
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666905-9666887 PNNy RT(1614747285886 0) q(0 3 3 -1) r(4 4) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-05.DIGUSVA1.LOC
content-length
3155
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 01:49:41 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844253 1774073200
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
244
AR-210309792.jpg&updated=20210302140950_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309792/AR/0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210302/BUSINESS/210309792/AR/0/AR-210309792.jpg&updated=20210302140950_ffd&imageversion=HorizontalOne&exactH=108&exactW=163&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d42d4ddb5bd8656cc580b7040f84e42c466503936deb9a7467be8579c8ff5503

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
15197
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666906-9666885 PNNy RT(1614747285887 0) q(0 3 3 -1) r(4 4) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-13.DIGUSVA1.LOC
content-length
2582
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Tue, 02 Mar 2021 20:09:52 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844265 1773723435
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
171
urlget
www.dailyherald.com/apps/pbcsi.dll/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/apps/pbcsi.dll/urlget?url=http://eedition.dailyherald.com/images/frontpage/DuPage-County.jpg&Q=50&exactW=147&exactH=133&exactFit=crop&alignV=top&updated=202103022200
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a8ca621cacc45c81ff1e96dd1e106e156ff31c06671b619f0a6ee84756696390

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
3098
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666907-9666867 PNNN RT(1614747285888 0) q(0 3 3 -1) r(4 4) U2
x-ua-device
mobile-smartphone
x-cache-hits
722
servedby
NC1-D-WEB-10.DIGUSVA1.LOC
content-length
5071
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 04:02:43 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844264 1774646715
expires
Wed, 03 Mar 2021 04:02:43 GMT
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-varnish-beresp-grace
43200.000
pni-promo-300x60-2.png
www.dailyherald.com/gfx/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/gfx/pni-promo-300x60-2.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8d71d6818636c36da57b8fc3ff638b0ae1b8689ea452d46cec86dcc9fb2e1dbc

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:49 GMT
x-cdn
Imperva
age
76230
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666908-9666896 PNNy RT(1614747285890 0) q(0 3 3 -1) r(4 4) U4
x-ua-device
pc
x-cache-hits
12727
servedby
NC1-D-WEB-10.DIGUSVA1.LOC
content-length
5442
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Fri, 19 Feb 2021 23:46:18 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"3a2d806b197d71:0"
vary
X-UA,User-Agent
x-varnish
1774844267 1768816764
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
optin.js
embed.secondstreetapp.com/Scripts/dist/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-14.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83835f07531a2fa62871c7a60465b56be21f400f657904a9552bf0c94e485f60

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
gzip
ETag
"0da33cef5ed71:0"
Last-Modified
Mon, 01 Mar 2021 23:51:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
114
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
51758
webplayer.js
webplayer.spokenlayer.net/0.1/ 		318 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webplayer.spokenlayer.net/0.1/webplayer.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
270176c759641300aa06016b1cc8bb6efaa82db6b89c4e84d22ebb4896e736e9

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
dSIRWzD5qG1wL2ZQHKYMigypzuwg2oL2
content-encoding
gzip
last-modified
Tue, 05 May 2020 18:35:13 GMT
server
AmazonS3
age
40807
etag
W/"c6325a6e6a06e4ac61044bcb737c233e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e25359babcc045566ea407b8f6ab0b65.cloudfront.net (CloudFront)
date
Tue, 02 Mar 2021 17:34:40 GMT
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
TWVgZiMA5jVfGBmdxD2HsqqT77zccKJWtTJMVUC8gMVtMXBqqfMJew==
index.min.js
players.brightcove.net/1659832549/B1GVHvGLz_default/ 		918 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ab28ca87d8d015e8ce96cd6067af666564eb6990e9e5d529f764938ffd806eed

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
XqGzpQJMkoeo6rZe0iBV_LwoEc.nKSWE
Content-Encoding
gzip
ETag
"42d29bf3d7e62cf1ea0bc6af1d5f06f8"
x-amz-request-id
B90CCB9817DF1323
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
247994
x-amz-id-2
+J6GgjrrJOaSWMx+qgFh3FNFnbkMLHEZyfeM/nAYR05ynuzKqT8c7FCXTIqzmznlEIh588MYHTw=
X-BCOV-Response-Mode
1
X-Served-By
cache-dca17730-DCA
Last-Modified
Thu, 25 Feb 2021 20:45:40 GMT
Server
AmazonS3
X-Timer
S1614286641.454854,VS0,VE1
Date
Wed, 03 Mar 2021 04:54:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=173
Accept-Ranges
bytes
X-Cache-Hits
1
AR-210229210.jpg&updated=20210226184152&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210228/NEWS/210229210/AR/0/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210228/NEWS/210229210/AR/0/AR-210229210.jpg&updated=20210226184152&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
30c7146c07c237202ba684dfb80cb6dce88713c03980620707c0732dad072318

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
last-modified
Sat, 27 Feb 2021 00:41:55 GMT
x-cdn
Imperva
etag
"e8be846c"
content-type
image/jpeg
x-iinfo
14-9666909-9666894 PVNy RT(1614747285892 0) q(0 3 3 -1) r(4 4)
cache-control
max-age=31449600, public, must-revalidate
content-length
75666
expires
Wed, 02 Mar 2022 04:54:46 GMT
AR-210229994.jpg&updated=20210218163303&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210222/NEWS/210229994/AR/0/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210222/NEWS/210229994/AR/0/AR-210229994.jpg&updated=20210218163303&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
23b96b186348e77e3280790f3a3b406eb257331bc69e8f423ea59ae7a03339c2

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
last-modified
Thu, 18 Feb 2021 22:33:04 GMT
x-cdn
Imperva
etag
"65b58f9e"
content-type
image/jpeg
x-iinfo
14-9666910-9666898 PVNN RT(1614747285893 0) q(0 3 3 -1) r(4 4)
cache-control
max-age=31449600, public, must-revalidate
content-length
51449
expires
Wed, 02 Mar 2022 04:54:46 GMT
AR-210229972.jpg&updated=20210219215958&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210221/NEWS/210229972/AR/0/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210221/NEWS/210229972/AR/0/AR-210229972.jpg&updated=20210219215958&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
4102f7873b802d35b762dcaa11531b5bbb9f28a32c43609dfdeb8928a92f0da1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
last-modified
Sat, 20 Feb 2021 04:00:00 GMT
x-cdn
Imperva
etag
"4d7be613"
content-type
image/jpeg
x-iinfo
14-9666911-9666887 PVNy RT(1614747285895 0) q(0 4 4 -1) r(5 5)
cache-control
max-age=31449600, public, must-revalidate
content-length
39928
expires
Wed, 02 Mar 2022 04:54:46 GMT
AR-210219237.jpg&updated=20210218035435&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
www.dailyherald.com/storyimage/DA/20210217/NEWS/210219237/AR/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210217/NEWS/210219237/AR/0/AR-210219237.jpg&updated=20210218035435&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
79f8fccf0a68fc6c99f854db28a44f1893ad95e8a84c93e844cd8fba28586a8b

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
last-modified
Thu, 18 Feb 2021 09:54:37 GMT
x-cdn
Imperva
etag
"7962aaf9"
content-type
image/jpeg
x-iinfo
14-9666912-9666867 PVNN RT(1614747285896 0) q(0 4 4 -1) r(5 5)
cache-control
max-age=31449600, public, must-revalidate
content-length
4542
expires
Wed, 02 Mar 2022 04:54:46 GMT
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:02:40 GMT
age
49926
x-guploader-uploadid
ABg5-UzreMtICZP67nwEmkVI4qKJxZvIXdlqFm-54q32xKpTJQ537j9ttVsnHG11NhQKNtIw9LbrOsDjBlbDb3VcEx4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13289
last-modified
Mon, 19 Oct 2020 18:40:43 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation
1603132843078573
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 03 Mar 2021 15:02:40 GMT
queryly.v4.js
www.queryly.com/js/ 		45 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.195.148.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1a56cbe8d675baaaf04f892f237e3d7a87a3bd45d57aabd2d455a5930dc08447

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:42 GMT
Content-Encoding
gzip
ETag
"803432b39abd71:0"
Last-Modified
Thu, 25 Feb 2021 17:21:49 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
8732
dpx.js
i.simpli.fi/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=33483&m=1&sifi_tuid=15402
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Wed, 03 Mar 2021 04:54:46 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
Fmi8GgsIK5DOI-0jtNvh
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
Widgets_270.js
magnetapi.klangoo.com/w/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://magnetapi.klangoo.com/w/Widgets_270.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
28281670a1950d2ee1caa13e27cf344ad889e8e9c364078ec953f8597bc5e8a7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
gzip
ETag
"0543d95ccf3d51:0"
Last-Modified
Fri, 06 Mar 2020 15:33:28 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
4055
_Incapsula_Resource
www.dailyherald.com/ 		138 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1532303621
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
aa8a9f6681a75f5ced3a3395aed4f77364044093bb6cdc9db0796b9793b401a1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20144
content-type
application/javascript
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1880
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A27C212E2231D899
x-amz-id-2
1cd2S2WOvb8G1v6HhOOni90/eIlZtIGi7dwRoYQbHPFhDHUXZRY7neebruxV0Y4+WgfDzXsJLfY=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zmPAd8jTBvQDOi%2BiPU8QdDaLXc7YA0mA7oKO0QAwyI8ZpW2s1rUK8F53aCupUJiMZ6LIvJ3ZNP77QTRLEKb0cPzpmi16mN%2BpN%2B%2F%2Bw%2B0aZNBKKY2M8nm0sVyCfPE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control
max-age=28800
cf-request-id
089809534600004e0eb7826000000001
cf-ray
62a044cba8c74e0e-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
07cf3ec13161cf9bf040c87478633412d55a6fee971f4519961d87acb731aa37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"800 / 607 of 1000 / last-modified: 1614726621"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19335
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
content-encoding
gzip
server
Server
age
93
etag
d7c8ebbead57940cf77ae4183f7ff01a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Wed, 03 Mar 2021 04:53:13 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
usf8_n2ePpdmkGAFfBFjN1m7LbXRK7oBAJas0oaLx2_NBGq9qQkHjg==
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=6mFfluDnUN
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e356aeca3af4a8e0e9c4edf74272dd07e2dcda0b59c3eaf964935ecd76ff4
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980953e300004ec7f7026000000001
x-request-id
CazmdpqCatJ
wn
prod-exp-10-0-140-192
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
62a044cc99d54ec7-FRA
expires
Wed, 03 Mar 2021 05:24:46 GMT
gtm.js
www.googletagmanager.com/ 		242 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TM4Q43
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1afb3730318ab0f5929b55c0eb190985ae221005eee5cfd8ae1a41bbe19f1402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54464
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:46 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailyherald.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:34:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:00 GMT
server
sffe
age
141640
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10228
x-xss-protection
0
expires
Tue, 01 Mar 2022 13:34:06 GMT
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:800
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailyherald.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:800
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 12:56:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:44 GMT
server
sffe
age
489498
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9192
x-xss-protection
0
expires
Fri, 25 Feb 2022 12:56:28 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:46 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
4757
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 29 Jan 2021 06:42:57 GMT
server
AmazonS3
date
Wed, 03 Mar 2021 03:35:30 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
GfDZApitf3re6IxmBIXyTFp2t-7LpZrcj_eoYx7c7HsbMsn2KZlFFA==
t
jadserve.postrelease.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.dailyherald.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
02804b436deb08bfbfacec0114f59e05b0c0f037e1a448b626170cf64a8241b0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
617
expires
Mon, 1 Jan 1990 12:00:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM4Q43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3130
date
Wed, 03 Mar 2021 04:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 03 Mar 2021 06:02:36 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		398 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=6mFfluDnUN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51497b2aeabfad615d9e84c2f68b6bf7a8273258c77770d92ce35253fa5a84a5
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
69
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
089809548d00004ec7ae8ae000000001
wn
prod-dash-10-0-118-46
last-modified
Mon, 01 Mar 2021 16:52:18 GMT
server
cloudflare
etag
W/"408063-1614617538000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.005
cache-control
public, max-age=300
cf-ray
62a044cdaac54ec7-FRA
expires
Wed, 03 Mar 2021 04:59:46 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyherald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Mar 2021 04:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dailyherald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
cx.cce.js
cdn.cxense.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Feb 2021 15:28:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5903
Expires
Wed, 03 Mar 2021 05:54:46 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-39205744-27&cid=56080417.1614747287&jid=167089783&gjid=1500484014&_gid=891035429.1614747287&_u=YGBAgUABAAQCAE~&z=75887528
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Mar 2021 04:54:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.dailyherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=132662883&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailyherald.com%2F&ul=en-us&de=windows-1252&dt=Daily%20Herald%20-%20Suburban%20Chicago%20Breaking%20News%2C%20Daily%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQC~&jid=167089783&gjid=1500484014&cid=56080417.1614747287&tid=UA-39205744-27&_gid=891035429.1614747287&gtm=2wg2h0TM4Q43&cg2=index&cd2=2021-03-03T05%3A54%3A46.631%2B01%3A00&cd3=GTM-TM4Q43&cd4=80&cd5=https%3A%2F%2Fwww.dailyherald.com%2F&cd6=&cd7=www.dailyherald.com&cd8=0&cd11=index&cd17=Paddock%20Publications&cd18=www&cd21=0&cd22=0&cd29=logged%20out&cm7=0&z=508766363
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:30:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1439
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39205744-27&cid=56080417.1614747287&jid=167089783&_u=YGBAgUABAAQCAE~&z=198243500
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-39205744-27&cid=56080417.1614747287&jid=167089783&_u=YGBAgUABAAQCAE~&z=198243500
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
cdn.cxense.com/ 		111 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6ecec59b25967f1bdaa608b17605aec20f75a0f75ca9caaf178fa13f0d0cc3c9

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 12:14:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26762
Expires
Wed, 03 Mar 2021 05:54:46 GMT
validation
id.tinypass.com/id/api/v1/identity/token/ 		160 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.tinypass.com/id/api/v1/identity/token/validation?client_id=6mFfluDnUN&site=https%3A%2F%2Fwww.dailyherald.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48402587fd6eaa3cd13f0612c942bf8b2208052305887b2a4bddbbeac77216d2
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
089809552c00002b1ee7162000000001
x-request-id
Cbzmdpq7X9y
pragma
no-cache
wn
prod-id-10-0-80-192
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials
true
server-time
0.003
cf-ray
62a044ceaf1e2b1e-FRA
access-control-allow-headers
origin, content-type, accept, authorization
expires
Thu, 01 Jan 1970 00:00:00 GMT
254461
api.secondstreetapp.com/audience_signup_widgets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.secondstreetapp.com/audience_signup_widgets/254461?callback=secondStreetOptinWidget_254461
Requested by
Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.19.89.19 , United States, ASN54105 (SSM-NET, US),
Reverse DNS
199-19-89-19.secondstreetmedia.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
497c23fc32147281ff2a722c8488a273597457be2594fa2e8f1d87df0ab238d2

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:46 GMT
Content-Encoding
br
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
79
Content-Type
text/javascript; charset=utf-8
X-StackifyID
V2|bdcd4c63-e969-4c42-827a-64abb03ffbff|C69601|CD12
Cache-Control
private
Expires
Wed, 03 Mar 2021 05:04:47 GMT
css
fonts.googleapis.com/ 		2 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 04:49:39 GMT
server
ESF
date
Wed, 03 Mar 2021 04:54:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Mar 2021 04:54:46 GMT
sp.js
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.5.1/
Redirect Chain
  • https://d1fc8wv8zag5ca.cloudfront.net/2.5.1/sp.js
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.5.1/sp.js
67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.5.1/sp.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b95e4126bb3dfdc24dd8c8c626860866fca381d93a1c7e16c55b522ed32867eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1835702
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
24059
etag
W/"10adf-rt3dQctv3ADgbUQDy3hcTDIjgZI"
x-served-by
cache-fra19138-FRA, cache-hhn4051-HHN
date
Wed, 03 Mar 2021 04:54:47 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Date
Tue, 02 Mar 2021 10:37:27 GMT
Via
1.1 cd58d60f2b52ca321822f27453e5f098.cloudfront.net (CloudFront)
Server
AmazonS3
Age
65841
X-Cache
Hit from cloudfront
Location
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.5.1/sp.js
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Content-Length
0
X-Amz-Cf-Id
nj-Kzr8pUSwOWr0OTIlJjEsvwzMhB1J6NdKrOzLfe41XnpZAkKaEOA==
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
etag
"f30dac97e5c2aaa10a7695b93cc66699"
x-served-by
cache-fra19137-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7231
x-cache-hits
97214
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://www.dailyherald.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
5786176757001
edge.api.brightcove.com/playback/v1/accounts/1659832549/playlists/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/1659832549/playlists/5786176757001?limit=100
Protocol
HTTP/1.1
Server
13.224.198.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-208.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.dailyherald.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
access-control-allow-headers
accept
access-control-allow-methods
HEAD,GET,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
BCOV-instance
i-078265576038f72a0, 8e1da63, 2021-03-03 04:54:47.351Z
BCOV-REQUEST-ID
d5a9a684-1aa8-4dba-b9f9-90b62a183a31
Cache-Control
max-age=0, no-cache, no-store
Date
Wed, 03 Mar 2021 04:54:47 GMT
Strict-Transport-Security
max-age=77766000; includeSubDomains
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/1659832549/playlists/5786176757001?limit=100
X-Cache
Miss from cloudfront
Via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
ZoUzZqokk-wciR4diDQlqe9s4oKaD-eZoQmurCwlF5ufo2_VfixtTg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:47 GMT
5786176757001
edge.api.brightcove.com/playback/v1/accounts/1659832549/playlists/ 		87 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/1659832549/playlists/5786176757001?limit=100
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-208.fra2.r.cloudfront.net
Software
/
Resource Hash
493d8961b2fad1e099523dd7662847ade16afef1b91d50de9c577833ce044e36
Security Headers
Name Value
Strict-Transport-Security max-age=77766000; includeSubDomains

Request headers

Accept
application/json;pk=BCpkADawqM3aidyGt1MoqOOcXXzVZ3o2uBGFZtpr6nwv8tNrWSOlaKgdtPIC3sZj3LEgiv12fQtSBNI6rttKB8mi3MrAFGlYueunNp43FdFa7-phMIjQK-6nI9s
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=77766000; includeSubDomains
Via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
BCOV-REQUEST-ID
fdae4a37-64d1-45a2-ba26-94f07debcfe4
Age
150
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
BCOV-instance
i-0843a0dbc678f47a9, 8e1da63, 2021-03-03 04:52:17.678Z
Date
Wed, 03 Mar 2021 04:52:17 GMT
X-Originating-URL
https://edge-elb.api.brightcove.com/playback/v1/accounts/1659832549/playlists/5786176757001?limit=100
access-control-allow-origin
*
access-control-expose-headers
x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control
max-age=296
X-Amz-Cf-Pop
FRA2-C1
Content-Type
application/json; charset=UTF-8
X-Amz-Cf-Id
GejTji_lpdoeahR2_eYEMO3RHGhtvA3DZGC9uBMziF22RhnERIIr9A==
tracker
metrics.brightcove.com/v2/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aa3f81abc29c80cbc5163b5a&account=1659832549&destination=https%3A%2F%2Fwww.dailyherald.com%2F&platform_version=6.48.5&player=players.brightcove.com%2F1659832549%2FB1GVHvGLz_default&player_name=DH-2018-Playlist-Homepage&source=&event=player_init&time=1614747287176&seq=0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Wed, 03 Mar 2021 04:54:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
B1GVHvGLz-880861fe-20d7-4f81-a2ed-0d9282d9c9c0.png
players.brightcove.net/1659832549/studio_overlays/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://players.brightcove.net/1659832549/studio_overlays/B1GVHvGLz-880861fe-20d7-4f81-a2ed-0d9282d9c9c0.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f80d25388f03cd0dee4c8fb81c3a704151ac0cf55f9b1c137b1fc62808c2bbe5

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Kie0I23SdT89mwvaEpKr1KPIcmIN6_s7
ETag
"06ade676454a011cfaf2bc52f955ced1"
x-amz-request-id
BAA24772690B5003
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
6945
x-amz-id-2
2t4oNhfs4wknwkQE75GXiyvBepmRGsb9tZjSLM6YIMU3J1Na7EZYaCBQNhHLn3/NR7DGdb4KnNg=
X-BCOV-Response-Mode
1
X-Served-By
cache-dca17728-DCA
Last-Modified
Mon, 09 Sep 2019 20:38:04 GMT
Server
AmazonS3
X-Timer
S1603836785.183708,VS0,VE1
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Type
image/png
Cache-Control
public, max-age=141
Accept-Ranges
bytes
X-Cache-Hits
1
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aa3f81abc29c80cbc5163b5a&account=1659832549&destination=https%3A%2F%2Fwww.dailyherald.com%2F&platform_version=6.48.5&player=players.brightcove.com%2F1659832549%2FB1GVHvGLz_default&player_name=DH-2018-Playlist-Homepage&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F1659832549%2Fplaylists%2F5786176757001%3Flimit%3D100&time=1614747287181&seq=1
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Wed, 03 Mar 2021 04:54:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
c03abe7f-c0b0-4ca4-8106-feff3a3f8f54
https://www.dailyherald.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/c03abe7f-c0b0-4ca4-8106-feff3a3f8f54
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
c2d5ba70-9298-4e72-b4c4-bbac2c359909
https://www.dailyherald.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/c2d5ba70-9298-4e72-b4c4-bbac2c359909
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
d0caed95-7495-4a34-972b-e87339016db8
https://www.dailyherald.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/d0caed95-7495-4a34-972b-e87339016db8
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
c030c9fa-625c-4bd8-b57f-1e813a98ca85
https://www.dailyherald.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/c030c9fa-625c-4bd8-b57f-1e813a98ca85
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
b8e6fc35-e835-4c8f-ae21-0cf90a9a7fa0
https://www.dailyherald.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/b8e6fc35-e835-4c8f-ae21-0cf90a9a7fa0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2354865
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
cf-request-id
08980956bb0000c281d6b80000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Nbby6p2fFiNsMOG9AG00aRpAEa9L0wmQ1BPd6xVDUW%2B3CoXKueBpdBk0J51aEhibvrRDNhFH%2Bgy3AnusnAT9e7exngDxnN7aq2%2BBRG%2BdBWfdAe4mnBsr0XxIDQefdjQyQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62a044d12a43c281-FRA
expires
Mon, 21 Feb 2022 04:54:47 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aa3f81abc29c80cbc5163b5a&account=1659832549&destination=https%3A%2F%2Fwww.dailyherald.com%2F&platform_version=6.48.5&player=players.brightcove.com%2F1659832549%2FB1GVHvGLz_default&player_name=DH-2018-Playlist-Homepage&source=&usage=social!3.12.2&usage=qualityLevels!2.0.9&usage=qualityMenu!1.4.0&usage=bcPlaylistUi!3.8.0&usage=overlay!2.1.4&usage=schema!0.4.0&usage=inpage-embed&event=player_load&time=1614747287240&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=13400000&qos.performance.memory.totalJSHeapSize=16100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1614747286136&qos.performance.timing.responseEnd=1614747286160&qos.performance.timing.responseStart=1614747286132&qos.performance.timing.requestStart=1614747285526&qos.performance.timing.secureConnectionStart=1614747285497&qos.performance.timing.connectEnd=1614747285526&qos.performance.timing.connectStart=1614747285472&qos.performance.timing.domainLookupEnd=1614747285472&qos.performance.timing.domainLookupStart=1614747285460&qos.performance.timing.fetchStart=1614747285459&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1614747285459&qos.player.dimensions=%5B%5B1614747287240%2C%220x0%22%2C%221280x720%22%5D%5D&qos.player.pixelratio=%5B%5B1614747287240%2C1%5D%5D&qos.player.screendimensions=%5B%5B1614747287240%2C%221600x1200%22%5D%5D&seq=2
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Wed, 03 Mar 2021 04:54:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
social-btm-44.png
www.dailyherald.com/gfx/rwd/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/gfx/rwd/social-btm-44.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/css/rspsv/theme2018-3.css?ver=20210210.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
fd9c5eb69df779ede0d59aae6b06f92167ef7198295bc4248b17c8235de32d4a

Request headers

Referer
https://www.dailyherald.com/css/rspsv/theme2018-3.css?ver=20210210.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:50 GMT
x-cdn
Imperva
age
28504
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666945-9666867 PNNN RT(1614747286823 0) q(0 0 0 -1) r(1 1) U4
x-ua-device
pc
x-cache-hits
13855
servedby
NC1-D-WEB-14.DIGUSVA1.LOC
content-length
3950
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Wed, 08 Aug 2018 15:57:32 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"f9b44584302fd41:0"
vary
X-UA,User-Agent
x-varnish
1774844354 1772599445
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
execute
experience.tinypass.com/xbuilder/experience/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=6mFfluDnUN
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa46b7915d5f18d4447382ba36e52d592bd056eb2b95c956319d99eb583805d6
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980956ff00004ec7fa197000000001
x-request-id
CbzmdpqrrJ4
pragma
no-cache
wn
prod-exp-10-0-117-172
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailyherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62a044d19f624ec7-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.195.148.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:43 GMT
Last-Modified
Thu, 11 Jun 2020 23:20:57 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"d7046f64640d61:0"
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
816
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 60F5 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
37101
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:47 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d7c935d6-85b2-46af-93a4-c6e8577e58ba&ntv_fl=zOcEDJFzfNKR6SyJk0keXkrKNyyGdCSl2ChbV7U_SZE=&ntv_ht=lxY_YAA&ntv_at=303,302&ntv_a=AAAAAAAAAA46sQA&ord=1614747287341&ntv_it
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=d7c935d6-85b2-46af-93a4-c6e8577e58ba&ntv_fl=zOcEDJFzfNKR6SyJk0keXkrKNyyGdCSl2ChbV7U_SZE=&ntv_ht=lxY_YAA&ntv_at=323&ntv_a=AAAAAAAAAA46sQA&ntv_jtr=2&ntv_it
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092579&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6355
x-xss-protection
0
server
cafe
etag
18225610270060991024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Mar 2021 05:02:31 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid
df19b9e1-f32c-4a9b-ba67-3e04c29a8634
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v2/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895638&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=cf3aa798-d9c9-4a27-ae09-8d6ef40eefa7&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5009491303005424
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
83d913a9caeb4e9c0c4cf72c647cdb249929e5c21dc956fb5b80e97de72974e2

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1444
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895640&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=cf3aa798-d9c9-4a27-ae09-8d6ef40eefa7&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8374382508081752
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0bfd0eef0544e7dfdc9892e5b4e7965cfda11f3ec67c58a0673f3852fa495ec3

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895646&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=cf3aa798-d9c9-4a27-ae09-8d6ef40eefa7&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.09297207070862745
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f59557dcce07ba2b2e7ada11093c04399f580c1d1d435cc26b761517a7a89080

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=43746571-3196-487b-8f9b-b5440c9298bf&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.2308566545658961
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c95624b4ab1cde29519d12306d2d1701862ee47c00ddb432c69465b7f508567d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1427
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=57f74cfb-d05e-4de3-9fb9-5bdf038a8d75&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7024843241133152
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fada062c8a25d4057f5db61fe68fb75c5714e921e7f19aab306fef12c9c875ab

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=03c4aa86-7485-4d5a-98b0-c00c2db43f8e&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.04592341326963023
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
585b7c8d677cf9dc7ba144a9716e600e66fcd0d06edca44c371ba07636d1a2e3

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1433
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=07a9a9bd-e469-4efe-8cf8-ace8c0b6baa4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.403777226474727
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
39d626523fb31577b052d6bee922d2feea93278a01941167c79aea3858dc777f

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=820be312-9c28-4ae1-af4d-b245ca07ca74&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9122373485370749
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e3d5beaec7a94d57feadbdc3dc8da8df0f590c5e004f7575931da1b3e14f82e1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1434
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=964fe741-e862-46a0-a31b-5d99b48c8a7a&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9983088305543717
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
64e8f8573f370fb02f752f670f9d6953f38dde485393a98bf71293f0116c884a

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=649d6ac4-82af-4097-98fe-5e368fdbc7c4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8462816247423124
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3538091bdf7fcc15c569a87e5af8174a1169bdf58deb72e05a11b9b966984f58

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895636&size_id=15&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=868ddeec-edd4-4058-ab4e-2f24b579eabf&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5043419181172168
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
39bc1bb25b65ff4ca558e37c6775588510b456f557fb7e07fc73530ee5a7a5c7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1425
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895638&size_id=2&alt_size_ids=1%2C55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=5432d7e2-2249-424f-8b52-045dc87389a3&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3065855613770907
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2e36ecccc423dae67e5c4d66a0137a6882e2704aa308b6ca31376610121a6e47

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1442
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895640&size_id=2&alt_size_ids=1%2C55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=5432d7e2-2249-424f-8b52-045dc87389a3&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.13712715193523972
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6434333245f005814e7e5fbca477782bbd1e9b14e91ceba5a45e69b84fc3ec88

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17672&site_id=183704&zone_id=895646&size_id=2&alt_size_ids=1%2C55%2C57&rf=https%3A%2F%2Fwww.dailyherald.com%2F&tk_flint=pbjs_lite_v4.19.0&x_source.tid=5432d7e2-2249-424f-8b52-045dc87389a3&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8977124135543189
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
81045982f43fd08dd1153365fa2f319d51ae9575f0b831ad9a0e8801c5d7f92d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailyherald.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.19.0&referrer=https%3A%2F%2Fwww.dailyherald.com%2F&tmax=2500
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.144.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-144-78.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailyherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		781 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
8137ccdda58173a1dfcd36b12230d6c9ce8c849d385d405691e320491bfc98f1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailyherald.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
86
content-length
340
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=261775&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2270d1d7a45aa568e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyherald.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22710694b8fcf3f87%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261775%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227236dce9c33f3d8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261776%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227393f873476074a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261778%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22749abdee7f324c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2275b8f9d763789db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227619097e769aacc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2277943df46b9a1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227824d48153c09be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227980fe2c602e024%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22805e9277f57111e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22818c751ea432542%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261774%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2282720d4141d4828%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261775%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22838e0f92e0ef644%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261776%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2284dceb4c41d3c38%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261778%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2282720d4141d4828%22%2C%22ext%22%3A%7B%22siteID%22%3A%22261775%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6aaa77cf213b9296a13ae8206ec41bf565ca100678b7f002baf07bad74c42be3

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailyherald.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Wed, 03 Mar 2021 04:54:47 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailyherald.com
date
Wed, 03 Mar 2021 04:54:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
ascendeum-d.openx.net/w/1.0/ 		174 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ascendeum-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailyherald.com%2F&ch=windows-1252&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cf3aa798-d9c9-4a27-ae09-8d6ef40eefa7%2Ccf3aa798-d9c9-4a27-ae09-8d6ef40eefa7%2Ccf3aa798-d9c9-4a27-ae09-8d6ef40eefa7%2C43746571-3196-487b-8f9b-b5440c9298bf%2C57f74cfb-d05e-4de3-9fb9-5bdf038a8d75%2C03c4aa86-7485-4d5a-98b0-c00c2db43f8e%2C07a9a9bd-e469-4efe-8cf8-ace8c0b6baa4%2C820be312-9c28-4ae1-af4d-b245ca07ca74%2C964fe741-e862-46a0-a31b-5d99b48c8a7a%2C649d6ac4-82af-4097-98fe-5e368fdbc7c4%2C868ddeec-edd4-4058-ab4e-2f24b579eabf%2C5432d7e2-2249-424f-8b52-045dc87389a3%2C5432d7e2-2249-424f-8b52-045dc87389a3%2C5432d7e2-2249-424f-8b52-045dc87389a3&nocache=1614747287393&aus=970x90%2C970x250%2C728x90%7C970x90%2C970x250%2C728x90%7C970x90%2C970x250%2C728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C970x90%2C970x250%2C728x90%2C468x60%7C970x90%2C970x250%2C728x90%2C468x60%7C970x90%2C970x250%2C728x90%2C468x60&divIds=div-gpt-ad-12-leaderboard2Ad%2Cdiv-gpt-ad-12-leaderboard2Ad%2Cdiv-gpt-ad-12-leaderboard2Ad%2Cdiv-gpt-ad-11-generic%2Cdiv-gpt-ad-9-generic%2Cdiv-gpt-ad-8-billboard6Ad%2Cdiv-gpt-ad-7-billboard5Ad%2Cdiv-gpt-ad-6-generic%2Cdiv-gpt-ad-4-generic%2Cdiv-gpt-ad-3-generic%2Cdiv-gpt-ad-2-billboard1Ad%2Cdiv-gpt-ad-0-leaderboard1Ad%2Cdiv-gpt-ad-0-leaderboard1Ad%2Cdiv-gpt-ad-0-leaderboard1Ad&auid=543815484%2C543815485%2C543815488%2C543815481%2C543815481%2C543815481%2C543815481%2C543815481%2C543815481%2C543815481%2C543815481%2C543815484%2C543815485%2C543815488
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
da7f2d9845d6b9076863d49e59e675b490d864d584b5d3d6dc3b54d728de5c9d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailyherald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.19.0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
efc773e545bb28feab4c3d6c1be4623d469c9b94284929383676d1649072593e

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailyherald.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dailyherald.com%2F&pid=JJGiBgDroiGL8&cb=0&ws=1600x1200&v=7.59.00&t=2500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F30709998%2Fdailyherald.com%2Ffront%22%7D%5D&cfgv=0&pubid=e2650c4b-7b1a-4c11-993a-beb18b2d9629&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailyherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8sTWP5MW8tVAcPwq3A7reA7FKEf1Mk-H5q75T4dyt1PR4hL_-03qRg==
settings
api.spokenlayer.net/web-player/ 		179 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.spokenlayer.net/web-player/settings?publisher=daily-herald
Requested by
Host: webplayer.spokenlayer.net
URL: https://webplayer.spokenlayer.net/0.1/webplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
32dac8a5cfdc613c51af6cb35580e7bb18c886bfc3263be636c5ab698d90b9cb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
x-amzn-requestid
11c3e284-027a-4421-b209-a55e7923c40f
x-amzn-remapped-content-length
179
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
etag
W/"b3-1/tpyfk2JGjietKPDAPDN3vhS7w"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-603f1697-2ae2249f1b4104cf19262d1b;Sampled=1
access-control-allow-headers
origin, X-Requested-With, Content-Type, Accept
x-amz-apigw-id
bmB3tHYeIAMFXiA=
content-length
179
x-amz-cf-id
QlG6xAi85X4WCqC9r5tJyyhHzS_-tzqjPT_u0T49Q8rvmKvSBpEiWw==
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailyherald.com
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:30:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
339862
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:30:25 GMT
active_orders
origami.secure.ownlocal.com/api/ 		335 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=d67833b4-2b7f-462d-8207-989125421219
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
d49f39adb9c9f3f56e8ea5fccd4ed17c42efa9c4cb7d5742c22c92314ae3a886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:09:49 GMT
via
1.1 google
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2698
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
335
x-xss-protection
1; mode=block
x-request-id
77084370-e7d4-4609-a1fd-b8901437e199
x-runtime
0.161759
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
x-frame-options
SAMEORIGIN
etag
W/"d49f39adb9c9f3f56e8ea5fccd4ed17c"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cache-control
max-age=3600, public
access-control-expose-headers
i
d.spokenlayer.com/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.spokenlayer.com/i?e=se&se_ca=app&se_ac=init&se_la=%7B%22publication%22%3A%22daily-herald%22%2C%22playlist%22%3A%22publication%22%7D&se_pr=%7B%22iframe%22%3A%22false%22%2C%22border%22%3A%22false%22%2C%22share%22%3A%22false%22%2C%22variant%22%3A%22minimal%22%7D&se_va=300&tv=js-2.5.1&tna=production-player&p=web&tz=Europe%2FBerlin&lang=en-US&cs=windows-1252&res=1600x1200&cd=24&cookie=1&eid=628b7a53-e705-4d9c-862b-3b23b5257139&dtm=1614747287438&vp=1600x1200&ds=1600x7106&vid=1&sid=6f43f25b-8900-43e3-882a-797db1ac3360&duid=a7dfcc795a39a140&fp=2240177259&url=https%3A%2F%2Fwww.dailyherald.com%2F
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.110.143 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
akka-http/10.1.12 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
Widgets_270.css
magnetapi.klangoo.com/w/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://magnetapi.klangoo.com/w/Widgets_270.css
Requested by
Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_270.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f512eb9e46ca8e2dcbbfcbd2cb9e7a36925c12045c613c471c4714ab0b56a012
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
ETag
"0543d95ccf3d51:0"
Last-Modified
Fri, 06 Mar 2020 15:33:28 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=86400
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2843
magnet.js
cdn.klangoo.com/wgt/ 		306 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klangoo.com/wgt/magnet.js
Requested by
Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_270.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e038aae8b93b75a9c3e6c1d88597cb321bd73592bee2a99f2b7f1bc6670c6fac

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:47 GMT
Content-Encoding
gzip
ETag
"09e1dbca91fd61:0"
Last-Modified
Fri, 01 May 2020 11:14:52 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
71682
_Incapsula_Resource
www.dailyherald.com/ 		1 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7922363732628732
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
show
buy.tinypass.com/checkout/template/ Frame 9699 		13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb982b31ad55093dfacb6ee94d1ee19dee7b561c43cb3fde08ce861d351b4ead
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
buy.tinypass.com
:scheme
https
:path
/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-type
text/html;charset=UTF-8
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server-time
0.003
set-cookie
LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4bjw2k7K1gMveY; SameSite=Lax; path=/; expires=Thu, 04-Mar-21 03:54:47 GMT; HttpOnly
strict-transport-security
max-age=60; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-81-153
x-forwarded-https
on
x-request-id
CbzmdpqDa3c
x-xss-protection
0
cf-cache-status
DYNAMIC
cf-request-id
08980957da00004ec7c5bfb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62a044d2f8e44ec7-FRA
content-encoding
br
show
buy.tinypass.com/checkout/template/ Frame 7DAB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf05433199ab6b67a6a672b8db7e503530879b88caca01a1b962829e036a446c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
buy.tinypass.com
:scheme
https
:path
/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-type
text/html;charset=UTF-8
access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 12:00:00 NZST
p3p
CP="NON DSP COR OUR IND"
pragma
no-cache
server-time
0.003
set-cookie
LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4bjw2k7K1gMveY; SameSite=Lax; path=/; expires=Thu, 04-Mar-21 03:54:47 GMT; HttpOnly
strict-transport-security
max-age=60; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-141-60
x-forwarded-https
on
x-request-id
CbzmdpqhuM1
x-xss-protection
0
cf-cache-status
DYNAMIC
cf-request-id
08980957e000004ec70c920000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62a044d308ef4ec7-FRA
content-encoding
br
/
www.dailyherald.com/json/sections/ 		37 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/sections/?updated=202103030545
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a966f8a6fd5fe53136f5c150f8923abda56267402f354d5bd3d03af28465585f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-11, on site DA (2021-03-02 23:54:22:285)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-11(2021-03-02 23:54:22:285)
x-iinfo
14-9666981-9666867 PNNN RT(1614747287081 0) q(0 0 0 -1) r(2 2) U18
x-returned-from-beforedispatch
NC1-D-WEB-11, on site DA (2021-03-02 23:54:22:285)
servedby
NC1-D-WEB-11.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-11, (2021-03-02 23:54:22:222)
x-passed-to-postprocessresponse
NC1-D-WEB-11, on site DA (2021-03-02 23:54:22:285)
x-actual-url
NC1-D-WEB-11, (/apps/pbcs.dll/section?category=json&template=ovr.sections&profile=1266&mime=json&updated=202103030545)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-11, URL Rewrite on site DA (2021-03-02 23:54:22:207)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/sections/?updated=202103030545
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-11 (2021-03-02 23:54:22:285)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-11, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
14011
last-modified
Wed, 03 Mar 2021 04:32:02 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844371
x-passed-to-beforedispatch
NC1-D-WEB-11, on site DA (2021-03-02 23:54:22:222)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
/
www.dailyherald.com/json/breaking/ 		52 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/breaking/?updated=202103030554
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
45db672e7cf689ddd1e6a60ea2dc5ce32c2f6fa4513e18c8bb9d7b3b0e1f88cf

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-13, on site DA (2021-03-02 23:54:22:316)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-13(2021-03-02 23:54:22:316)
x-iinfo
14-9666982-9666887 PNNy RT(1614747287087 0) q(0 0 0 -1) r(2 2) U18
x-returned-from-beforedispatch
NC1-D-WEB-13, on site DA (2021-03-02 23:54:22:316)
servedby
NC1-D-WEB-13.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-13, (2021-03-02 23:54:22:253)
x-passed-to-postprocessresponse
NC1-D-WEB-13, on site DA (2021-03-02 23:54:22:316)
x-actual-url
NC1-D-WEB-13, (/apps/pbcs.dll/section?category=json&template=ovr.breaking&mime=json&updated=202103030554)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-13, URL Rewrite on site DA (2021-03-02 23:54:22:238)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/breaking/?updated=202103030554
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-13 (2021-03-02 23:54:22:316)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-13, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
168
last-modified
Wed, 03 Mar 2021 04:53:40 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844373
x-passed-to-beforedispatch
NC1-D-WEB-13, on site DA (2021-03-02 23:54:22:253)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
/
www.dailyherald.com/json/trending/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/trending/?updated=202103030554
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9721c190b94c40a366cba56131dceca307ea460c0a75df330fa2d4df6ef6a35c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-14, on site DA (2021-03-02 23:54:22:268)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-14(2021-03-02 23:54:22:268)
x-iinfo
14-9666983-9666898 PNNN RT(1614747287091 0) q(0 0 0 -1) r(2 2) U18
x-returned-from-beforedispatch
NC1-D-WEB-14, on site DA (2021-03-02 23:54:22:268)
servedby
NC1-D-WEB-14.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-14, (2021-03-02 23:54:22:221)
x-passed-to-postprocessresponse
NC1-D-WEB-14, on site DA (2021-03-02 23:54:22:268)
x-actual-url
NC1-D-WEB-14, (/apps/pbcs.dll/section?category=json&template=ovr.trending&mime=json&updated=202103030554)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-14, URL Rewrite on site DA (2021-03-02 23:54:22:205)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/trending/?updated=202103030554
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-14 (2021-03-02 23:54:22:268)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-14, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
11851
last-modified
Wed, 03 Mar 2021 04:53:39 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844374
x-passed-to-beforedispatch
NC1-D-WEB-14, on site DA (2021-03-02 23:54:22:221)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
/
www.dailyherald.com/json/obits/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/obits/?updated=202103030500
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5cd2256b39a0be30eb7ff226c43b4a4db3b4f3f46e2e9b3afefa41435b861a79

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-15, on site DA (2021-03-02 23:54:22:313)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-15(2021-03-02 23:54:22:313)
x-iinfo
14-9666984-9666894 PNNy RT(1614747287106 0) q(0 0 0 -1) r(2 2) U18
x-returned-from-beforedispatch
NC1-D-WEB-15, on site DA (2021-03-02 23:54:22:313)
servedby
NC1-D-WEB-15.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-15, (2021-03-02 23:54:22:235)
x-passed-to-postprocessresponse
NC1-D-WEB-15, on site DA (2021-03-02 23:54:22:313)
x-actual-url
NC1-D-WEB-15, (/apps/pbcs.dll/section?category=json&template=ovr.obits&mime=json&updated=202103030500)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-15, URL Rewrite on site DA (2021-03-02 23:54:22:220)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/obits/?updated=202103030500
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-15 (2021-03-02 23:54:22:313)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-15, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
1537
last-modified
Wed, 03 Mar 2021 04:32:02 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844375
x-passed-to-beforedispatch
NC1-D-WEB-15, on site DA (2021-03-02 23:54:22:235)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
/
www.dailyherald.com/json/topjobs/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/topjobs/?updated=202103030500
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e7e0f3aece51bcac342b4224dd89fbd1f781ab88aa7f3a0a6116def727a97de0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-01, on site DA (2021-03-02 23:54:22:300)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-01(2021-03-02 23:54:22:300)
x-iinfo
14-9666985-9666896 PNNy RT(1614747287107 0) q(0 0 0 -1) r(1 1) U18
x-returned-from-beforedispatch
NC1-D-WEB-01, on site DA (2021-03-02 23:54:22:284)
servedby
NC1-D-WEB-01.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-01, (2021-03-02 23:54:22:269)
x-passed-to-postprocessresponse
NC1-D-WEB-01, on site DA (2021-03-02 23:54:22:300)
x-actual-url
NC1-D-WEB-01, (/apps/pbcs.dll/section?category=json&template=ovr.topjobs&mime=json&updated=202103030500)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-01, URL Rewrite on site DA (2021-03-02 23:54:22:269)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/topjobs/?updated=202103030500
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-01 (2021-03-02 23:54:22:300)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-01, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
8068
last-modified
Wed, 03 Mar 2021 04:31:47 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844376
x-passed-to-beforedispatch
NC1-D-WEB-01, on site DA (2021-03-02 23:54:22:269)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
/
www.dailyherald.com/json/calendar/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailyherald.com/json/calendar/?updated=202103030500
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0b819274a4bd02819de9a9e6abdaad2c082e2317a44fbc765c9d3cc25e10a3ae

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.dailyherald.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-returned-from-postprocessresponse
NC1-D-WEB-02, on site DA (2021-03-02 23:54:22:255)
content-encoding
gzip
x-cdn
Imperva
age
0
x-returned-from
NC1-D-WEB-02(2021-03-02 23:54:22:255)
x-iinfo
14-9666986-9666885 PNNy RT(1614747287108 0) q(0 0 0 -1) r(1 1) U18
x-returned-from-beforedispatch
NC1-D-WEB-02, on site DA (2021-03-02 23:54:22:240)
servedby
NC1-D-WEB-02.DIGUSVA1.LOC
x-served-by
ip-172-19-37-29.digusva1.loc
x-passed-to-dll
NC1-D-WEB-02, (2021-03-02 23:54:22:224)
x-passed-to-postprocessresponse
NC1-D-WEB-02, on site DA (2021-03-02 23:54:22:255)
x-actual-url
NC1-D-WEB-02, (/apps/pbcs.dll/section?category=json&template=ovr.calendar&mime=json&updated=202103030500)
x-varnish-beresp-status
200
x-powered-by
ASP.NET
vary
X-UA,Accept-Encoding, User-Agent
content-type
text/json; charset=iso-8859-1
cache-control
max-age=0, s-maxage=0
x-passed-to
NC1-D-WEB-02, URL Rewrite on site DA (2021-03-02 23:54:22:208)
expires
Wed, 03 Mar 2021 04:54:22 GMT
x-original-request
/json/calendar/?updated=202103030500
date
Wed, 03 Mar 2021 04:57:50 GMT
x-returned-from-dll
NC1-D-WEB-02 (2021-03-02 23:54:22:255)
x-cacheable
NO:Not Cacheable
x-handled-by
NC1-D-WEB-02, Rewrite on site DA
x-varnish-beresp-ttl
-1.000
x-cache
MISS-Varnish
x-ua-device
pc
content-length
6438
last-modified
Wed, 03 Mar 2021 04:32:02 GMT
server
Microsoft-IIS/7.5
x-forwarded-for
194.99.105.99, 198.143.55.9, 172.19.36.170, 172.19.36.170
x-varnish
1774844377
x-passed-to-beforedispatch
NC1-D-WEB-02, on site DA (2021-03-02 23:54:22:224)
x-stale
false
accept-ranges
bytes
x-varnish-beresp-grace
43200.000
AR-210229210.jpg&updated=20210226184152&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder&q=30
www.dailyherald.com/storyimage/DA/20210228/NEWS/210229210/AR/0/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210228/NEWS/210229210/AR/0/AR-210229210.jpg&updated=20210226184152&imageversion=HorizontalOne&exactH=556&exactW=900&exactW=535&exactfit=crop&Q=50&noborder&q=30
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
25e233fa39337f2f91afed3cd5bd09be0d45ffcb7ff9b71b407b3c6bd3b2b2de

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:50 GMT
x-cdn
Imperva
age
211729
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9666987-9666896 PNNy RT(1614747287109 0) q(0 1 1 -1) r(2 2) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-09.DIGUSVA1.LOC
content-length
75684
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Sat, 27 Feb 2021 00:41:55 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844391 1759323211
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1233
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 77FF 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1148
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 03 Mar 2021 05:35:39 GMT
css
fonts.googleapis.com/ Frame F21E 		2 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700
Requested by
Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c38c25c07bab6ed7b15cc489003e2d4f6c1c287ca083304f802781853b3e5aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 04:41:48 GMT
server
ESF
date
Wed, 03 Mar 2021 04:54:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Mar 2021 04:54:47 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aa3f81abc29c80cbc5163b5a&account=1659832549&destination=https%3A%2F%2Fwww.dailyherald.com%2F&platform_version=6.48.5&player=players.brightcove.com%2F1659832549%2FB1GVHvGLz_default&player_name=DH-2018-Playlist-Homepage&source=&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F1659832549%2Fplaylists%2F5786176757001%3Flimit%3D100&time=1614747287589&response_time_ms=408&seq=3
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Wed, 03 Mar 2021 04:54:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
rep.gif
scomcluster.cxense.com/Repo/ 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=klsyucif7mahly6b&acc=0&sid=1140844842679956851&loc=https%3A%2F%2Fwww.dailyherald.com%2F&gol=&pgn=&new=0&arf=0&ltm=1614747286811&ref=&tzo=-60&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&chs=windows-1252&cks=klsyud6n8ca3vnku&ckp=klsyucisfeg8qs8y&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.40&cp_testGroup=58&fls=0&flv=
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.167 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c

Request headers

Accept
text/html
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:41:02 GMT
age
47625
x-guploader-uploadid
ABg5-UxOKCnMMfLmiKbrKdhjor2OXKmp3I-uTUkbtrX-uq9JVDMPMTGCURzN7B51gPul5KTPslvzSQn2CmW75vOKntc
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13753
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:45:02 GMT
server
UploadServer
etag
"0ac794e2a61ea0f7ec1bc4cf3520238b"
x-goog-hash
crc32c=HivesQ==, md5=CseU4qYeoPfsG8TPNSAjiw==
x-goog-generation
1605019502335578
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13753
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/html
expires
Wed, 03 Mar 2021 15:41:02 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/edef2b9b-9d32-4f94-a16f-978b7101dce6/1280x720/match/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/edef2b9b-9d32-4f94-a16f-978b7101dce6/1280x720/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
44edeb4aa15486f33d33a4e15afa9ca077cbc88b16e58aebc6bf99c9d5268e51

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:06:45 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
373682
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
huynZGUgeog5MO4BFSZU9kkjm-9UJUSkIWELCBFWoZFJxOKi5AoNXw==
Expires
Sat, 26 Feb 2022 21:06:45 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame F21E 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailyherald.com
Referer
https://fonts.googleapis.com/css?family=Muli:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 03:14:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
524434
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Fri, 25 Feb 2022 03:14:13 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame F21E 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailyherald.com
Referer
https://fonts.googleapis.com/css?family=Muli:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 03:14:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
524434
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Fri, 25 Feb 2022 03:14:13 GMT
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/10s/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/10s/master.m3u8?fastly_token=NjAzZjZjYWRfYjI0OGQzYTg0ZDQ4OGE1YWY3MGE3YTgxZDRhODNiNjY4MzBhMGFlODkyNjAzN2NmNDIzNGJlOWYyZjllZmVhMw%3D%3D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
4b963640b17f152a31adfc689bd6c7ce1c77fc8b3c6bf68ab13051c8761a6851

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
7207
x-served-by
cache-fra19129-FRA
x-device-group
desktop-chrome
x-timer
S1614747288.680875,VS0,VE70
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/cfbe1980-df0c-4a2c-a9c2-265e556bb89a/160x90/match/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/cfbe1980-df0c-4a2c-a9c2-265e556bb89a/160x90/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
17657fb91d6f0899eddf887c6846adeb6841157f5f562fe169b8b26abee02c01

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:06:48 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
373679
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
6167
X-Amz-Cf-Id
BhMKFq-GJNo5OFS9_jwKgMDejcjldhYArlkBRegrQ3ltGHD9VYs2vQ==
Expires
Sat, 26 Feb 2022 21:06:48 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/4775bec4-099f-4cb3-97b2-d93772ece66b/6516343c-cf5f-4bf5-a841-3026124913c0/160x90/match/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/4775bec4-099f-4cb3-97b2-d93772ece66b/6516343c-cf5f-4bf5-a841-3026124913c0/160x90/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
6e8f9a92bd3c9790f9ae26406f35158f0df740d92d60502e87d8088ef0c6d9ef

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 21:32:04 GMT
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
631363
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
7228
X-Amz-Cf-Id
CuWVK4B8hQOgN6-KWAuV4S52vo1r2CXcsn5h-FQIncM0MXzPRnA4pg==
Expires
Wed, 23 Feb 2022 21:32:04 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/1659832549/628426c3-5751-4952-9ff0-35bd78e9affe/main/160x90/51s248ms/match/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/jit/1659832549/628426c3-5751-4952-9ff0-35bd78e9affe/main/160x90/51s248ms/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
02587cf2ced190dfd755b87db7a2d8ee68900ca3c608ec99199a7c148c392788

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 00:07:50 GMT
Via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1313217
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
3718
X-Amz-Cf-Id
6M1_C-oiVXF4vdgCFpy2GeWq6Rl43m0iNkvDZy206EqfdHuVkMS1cw==
Expires
Wed, 16 Feb 2022 00:07:50 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/0488b56c-c37d-4d48-859a-76ee2de7d619/2f79f6ee-98ec-4cd4-9c99-79d82a5b5b6f/160x90/match/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/0488b56c-c37d-4d48-859a-76ee2de7d619/2f79f6ee-98ec-4cd4-9c99-79d82a5b5b6f/160x90/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
8b2d74a0f84fa9d68f746d3adb92a4cb69e025d5b4db2cf402dd33a6b3c75921

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Feb 2021 02:17:36 GMT
Via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1737431
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
5505
X-Amz-Cf-Id
rXYqbjtX58RKPlJP_529khHXOPEj2GxSbYnZL1cyAHPhfla5ij7IMg==
Expires
Fri, 11 Feb 2022 02:17:36 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/0bb6b5cd-d182-4f75-924f-85eab6d4c0e7/c3a5fe7a-b6a7-4f32-866b-1b535ef8f4e1/160x90/match/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/0bb6b5cd-d182-4f75-924f-85eab6d4c0e7/c3a5fe7a-b6a7-4f32-866b-1b535ef8f4e1/160x90/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
8a2ba3189943eec12387c5ab51207c1a145dd42b46099c4c5755c34ede4f0b2b

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 01:15:44 GMT
Via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1827543
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
6713
X-Amz-Cf-Id
xUlw1zCWSss-ICJvyVYctWgdrRD9yzkENx1DjiMtB3t8zPrMLhFadg==
Expires
Thu, 10 Feb 2022 01:15:44 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/ed798ede-b012-426c-903f-484a212c54ea/5a2989e4-3421-41bf-9d12-3996087c79c9/160x90/match/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/1659832549/ed798ede-b012-426c-903f-484a212c54ea/5a2989e4-3421-41bf-9d12-3996087c79c9/160x90/match/image.jpg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
89fca5acb8b49a14110351a8275933eb49b543b76d485e7002635f35aab1c1a3

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 21:43:17 GMT
Via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
2531490
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Content-Length
5814
X-Amz-Cf-Id
T4vebvNnQ6Dn5DeJ282FGQtKc9W2FW9R7TIQ0gFNX6IlYohdpO4hWg==
Expires
Tue, 01 Feb 2022 21:43:17 GMT
1659832549_6227180981001_6227180383001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6227180981001_6227180383001-th.jpg?pubId=1659832549&videoId=6227180383001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acc2607fc31615441696a8ea5ac6b9adf2518c25918bb04b6b791a4b2565ecf7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 76a7fdbced88b6eccf433c4e386bae41.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2237562
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
5859
x-served-by
cache-dca17771-DCA, cache-hhn4052-HHN
last-modified
Fri, 29 Jan 2021 01:11:47 GMT
x-timer
S1614747288.817375,VS0,VE0
etag
"fdbb431c80307ca9c34aa951b830c7e2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ahcQ09D_5-2QrQuv8QBRWHcsSN_xAgCWesfhqa16ci8taYP6zPfKmw==
expires
Fri, 12 Feb 2021 07:22:04 GMT
1659832549_6226749774001_6226757643001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6226749774001_6226757643001-th.jpg?pubId=1659832549&videoId=6226757643001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4eb2be02fda536a919f6941f769da4ee33b1ccc298c1820a2dbae45f495a7030

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 82c27f654a5635aeb67d519456516244.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2323570
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
6157
x-served-by
cache-dca17738-DCA, cache-hhn4052-HHN
last-modified
Wed, 27 Jan 2021 21:24:31 GMT
x-timer
S1614747288.817375,VS0,VE1
etag
"5f18ae193997822aacd7e784b495b79e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
k3kJDtzJUZEKxiQwwnUsdrW9VltcklAfO3FC9ecIvxHquiT90o5q9Q==
expires
Thu, 11 Feb 2021 07:28:37 GMT
1659832549_6226749724001_6226742958001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6226749724001_6226742958001-th.jpg?pubId=1659832549&videoId=6226742958001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
269cee479c19afd99299503b0db9b9b73564cbb3d4701a15ce9a385330b19c81

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2323570
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
4946
x-served-by
cache-dca17750-DCA, cache-hhn4052-HHN
last-modified
Wed, 27 Jan 2021 20:26:11 GMT
x-timer
S1614747288.817807,VS0,VE1
etag
"30522d35ba2d6fc2c9bbeee5d040db3d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fJa-2dp0UmRw4A11TdkfZQsb4pZv3aDzixzI3f7FV7YPbecaK6WlaQ==
expires
Thu, 11 Feb 2021 07:28:37 GMT
1659832549_6225285988001_6225288306001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6225285988001_6225288306001-th.jpg?pubId=1659832549&videoId=6225288306001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0803024b2b9566d695b052541e3b41dd393643353cc0589e9717957ddac4f3cc

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 d93f61c3371a812d64846df2034f9796.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2299452
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
3555
x-served-by
cache-dca17774-DCA, cache-hhn4052-HHN
last-modified
Fri, 22 Jan 2021 15:40:24 GMT
x-timer
S1614747288.817817,VS0,VE0
etag
"6a6a927bfc9eaa540518cc46b013c322"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
OxXkcMgVz2MMjRST63aNOZ6DEJrQzelNKnkgv_KUQRoWwkbixTn3Og==
expires
Thu, 11 Feb 2021 14:10:35 GMT
1659832549_6224257647001_6224263784001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6224257647001_6224263784001-th.jpg?pubId=1659832549&videoId=6224263784001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ae29aa4a761613c1551a5a13f94232f09b357f501272661ef71110d19b31202

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
1784886
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
3312
x-served-by
cache-dca17731-DCA, cache-hhn4052-HHN
last-modified
Tue, 19 Jan 2021 22:55:42 GMT
x-timer
S1614747288.827383,VS0,VE0
etag
"726b7aace87d1fbb2af80ad9ed7b9a43"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
438IrWdqyfTsYazdIGRbqCp_jRyXgnnELOwfZqmLVw2sL6RMSDTwgA==
expires
Wed, 17 Feb 2021 13:06:42 GMT
1659832549_6221983533001_6221966882001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6221983533001_6221966882001-th.jpg?pubId=1659832549&videoId=6221966882001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbcdb615a4e040504a673d8d4c95f59a0d7358a6bf2ac30ec25dce8b993fad2d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 b811db48800bf619dbaff61a71022f7f.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2318572
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
4429
x-served-by
cache-dca17744-DCA, cache-hhn4052-HHN
last-modified
Mon, 11 Jan 2021 21:23:48 GMT
x-timer
S1614747288.827376,VS0,VE1
etag
"421f8be2c82e69ddb118873a7c243d07"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
7mjMBOxEVedJUSj_E1sTGcYpWOFlNmUpPpBb_Ur0a0v9Lyb5H-ZIGA==
expires
Thu, 11 Feb 2021 08:51:56 GMT
1659832549_6218618052001_6216518210001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6218618052001_6216518210001-th.jpg?pubId=1659832549&videoId=6216518210001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c449c2859c7ea6a8396e4c66011c4f37981a283a2cc540038ff59b032d317d4

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
1705379
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
7293
x-served-by
cache-dca17761-DCA, cache-hhn4052-HHN
last-modified
Mon, 28 Dec 2020 15:25:15 GMT
x-timer
S1614747288.827359,VS0,VE1
etag
"1a387954f15df0aae93e5f33343c0ffe"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
U6aaF0QZCiNv7vZ_q63Oeozrk_M6dou5sDciL7wRlI1y9Om95Oz5jw==
expires
Thu, 18 Feb 2021 11:11:48 GMT
1659832549_6215032689001_6214951515001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6215032689001_6214951515001-th.jpg?pubId=1659832549&videoId=6214951515001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
132023c0087d569886faab022f1d1825357cb9bb81673fd311c5400c82db2e67

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 c9bcf1ef5ff6ccbffc94a95572996803.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2299452
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
5314
x-served-by
cache-dca17775-DCA, cache-hhn4052-HHN
last-modified
Wed, 09 Dec 2020 01:20:28 GMT
x-timer
S1614747288.827316,VS0,VE0
etag
"d27ccc48beee84d13518fb9313dce2f5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
cLqVdze5eEDDB8Y1XjLY86vstyZWl21ge7M7BXVMkXA9AJWqNoBMYQ==
expires
Thu, 11 Feb 2021 14:10:35 GMT
1659832549_6212956796001_6212963721001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6212956796001_6212963721001-th.jpg?pubId=1659832549&videoId=6212963721001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
438c96e0ddb4cf64bc3a1a0571ba1e53834540df8548ea58ef7da6e3fd6b355b

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 91541e88a15c80bced2ffb950f407c1e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
4127518
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
5760
x-served-by
cache-dca17773-DCA, cache-hhn4052-HHN
last-modified
Mon, 30 Nov 2020 01:14:56 GMT
x-timer
S1614747288.842801,VS0,VE0
etag
"4806a8fd28f1fa3281c41e9e6a1438d5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
YyKzRqmpdR8KM-4SpUxJtDTv-J8PRgTRzEORaToNh5u3Spvi4cJ_Cw==
expires
Thu, 21 Jan 2021 10:22:49 GMT
1659832549_6212681684001_6212535723001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6212681684001_6212535723001-th.jpg?pubId=1659832549&videoId=6212535723001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
185149e76413a7f9c685220834b1393784eb6ca6385c5eaf6a0c178a1372cf2c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
1714019
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
4356
x-served-by
cache-dca17739-DCA, cache-hhn4052-HHN
last-modified
Fri, 27 Nov 2020 14:18:14 GMT
x-timer
S1614747288.842777,VS0,VE1
etag
"28e3ddfa661c63dddb59f7f4b7a8d399"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
lkWCAGb2uSaxzUFdcWvgIHKrFGfBNoTqva4Nki0LQbEOTjt_yQ1b4A==
expires
Thu, 18 Feb 2021 08:47:48 GMT
1659832549_6211800552001_6211803420001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6211800552001_6211803420001-th.jpg?pubId=1659832549&videoId=6211803420001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6c39afecfcbf5e0234b3e24fa1c659e3b6b6c27809ccde75c4518e8c6d1c34a

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 15d56bef7b8d30c7328ed4685742279e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2916564
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
4695
x-served-by
cache-dca17764-DCA, cache-hhn4052-HHN
last-modified
Mon, 23 Nov 2020 21:30:30 GMT
x-timer
S1614747288.842759,VS0,VE0
etag
"b2b445005b44c7353f6343f5d2d74331"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Tn6gek8y5AQ1yvH-AeRqACBtlhwXb24T8rOmH8dQOD3wcSvhDEe9Yg==
expires
Thu, 04 Feb 2021 10:45:24 GMT
1659832549_6209492857001_6209486210001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6209492857001_6209486210001-th.jpg?pubId=1659832549&videoId=6209486210001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba8501db326a5fcb204078e2d2aea61be7d04b19d05a6c8811227977b87c2cea

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 a497eba714f030335fd7adebea6fe8b6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
1706887
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
5173
x-served-by
cache-dca17732-DCA, cache-hhn4052-HHN
last-modified
Thu, 12 Nov 2020 22:37:52 GMT
x-timer
S1614747288.842768,VS0,VE0
etag
"aaf320ce777af76ee6d3c2d021c14e59"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
TnEpIpHWpEqi_bJDqrBLhv3Looc2X3zQe9cG5_4NIR_6rKen0a2vBg==
expires
Thu, 18 Feb 2021 10:46:40 GMT
1659832549_6209171758001_6209165017001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6209171758001_6209165017001-th.jpg?pubId=1659832549&videoId=6209165017001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c103367d54c30e98d6b186615393a000bb9f1a9687e8206a83ad41266a2c3fdd

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 b811db48800bf619dbaff61a71022f7f.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
3530363
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
5243
x-served-by
cache-dca17769-DCA, cache-hhn4052-HHN
last-modified
Wed, 11 Nov 2020 22:42:06 GMT
x-timer
S1614747288.842739,VS0,VE1
etag
"7517b32b25a1820c3c08a557a6ae20ea"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
5PcaDhlSdYkIpzRiTuZ9Pqe34jDD_xJ8_BnnQaZHMJRM29pzjsxLJg==
expires
Thu, 28 Jan 2021 08:15:24 GMT
1659832549_6208459711001_6208447983001-th.jpg
f1.media.brightcove.com/8/1659832549/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f1.media.brightcove.com/8/1659832549/1659832549_6208459711001_6208447983001-th.jpg?pubId=1659832549&videoId=6208447983001
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41f5345360c88d8b0ef5ed62ad98ec345d6986cacb46491ffe53463b9a16b10c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 d93f61c3371a812d64846df2034f9796.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
2918628
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
1, 1
content-length
4037
x-served-by
cache-dca17776-DCA, cache-hhn4052-HHN
last-modified
Mon, 09 Nov 2020 21:14:32 GMT
x-timer
S1614747288.842719,VS0,VE0
etag
"80a1556fed0fe0f1a8440ddd87a04dfa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0
x-amz-cf-pop
IAD79-C3
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
fBYJxklCH-CinzU-fnnEs-Vn_vdPKrk_kApazAmGaVMbVt3l3QH-Wg==
expires
Thu, 04 Feb 2021 10:10:59 GMT
d0c37f9b-a8be-435c-bacd-0348db3a9fba
https://www.dailyherald.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/d0c37f9b-a8be-435c-bacd-0348db3a9fba
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9927ca08ec88adca944e9d114421e0ead89fdadd227a5bf379c0ea207824a84a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5192
Content-Type
application/javascript
3ac6f956-4547-45a6-b741-315ecd18e837
https://www.dailyherald.com/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/3ac6f956-4547-45a6-b741-315ecd18e837
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd320a52548c2bf657125117279260bbe57e24dd637a291e8395ba66191bcec4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
85961
Content-Type
application/javascript
e21cf285-a5e1-4269-8bb4-db87502f1da6
https://www.dailyherald.com/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailyherald.com/e21cf285-a5e1-4269-8bb4-db87502f1da6
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd320a52548c2bf657125117279260bbe57e24dd637a291e8395ba66191bcec4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
85961
Content-Type
application/javascript
ares-unit.css
origami.secure.ownlocal.com/origami_unit/production/ Frame 7C34 		43 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 19:04:32 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
35415
x-guploader-uploadid
ABg5-UxL8ElVBT2-ttD1jm2eK9jtzBuOaRD1eT9Ovz6Yrvhkcw2Nwisf06-Q6uLrXs2D6ccGihkOwK791g_Dsvm0oy9p5MIWMQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
44190
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"ca2d3510261a58fb4fbc8ac0361b8e23"
x-goog-hash
crc32c=1WBR9g==, md5=yi01ECYaWPtPvIrANhuOIw==
x-goog-generation
1605019923580659
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
44190
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
text/css
expires
Wed, 03 Mar 2021 19:04:32 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame 7C34 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2971520
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
cf-request-id
08980959020000c28172365000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2WKh7aytHKE5WObne4t7FM6bF5sBnk5qa9qubDp2mlbhS3yE6CEb7ra%2BfTcQvNgkRwofLj05w9Hjhzgbbnuj%2F4VcEu9YCchVEf1X%2BAZJe3MVwwQsjd4di3PnWkBDbanAdg%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62a044d4cbebc281-FRA
expires
Mon, 21 Feb 2022 04:54:47 GMT
sp.js
snowplow.ownlocal.com/ Frame 7C34 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:17:05 GMT
age
2262
x-guploader-uploadid
ABg5-Uz3MM74-cYIM2IhY_N5euhHczjX0q3_qMVaCrdzd5vtyznC0ClS-AB9qp4Oa0yD6J6D9G1FPWSV-nDaUh0aVVruxPTpWQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
97919
last-modified
Mon, 19 Aug 2019 14:47:45 GMT
server
UploadServer
etag
"53030ece69ef259990486148c204d820"
x-goog-hash
crc32c=/u8IMA==, md5=UwMOzmnvJZmQSGFIwgTYIA==
x-goog-generation
1566226065807390
cache-control
public, max-age=3600
x-goog-stored-content-length
97919
accept-ranges
bytes
content-type
application/x-javascript
expires
Wed, 03 Mar 2021 05:17:05 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame 7C34 		222 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4016051
detected-user-agent
Chrome/83.0.4103
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Fri, 15 Jan 2021 17:17:37 GMT
date
Wed, 03 Mar 2021 04:54:47 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame 7C34 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5792215
vary
Accept-Encoding
cf-request-id
08980958a80000062d3c3ee000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
9264cb57e791e6eb40fe6303caf00acf
cache-control
public, max-age=31536000
cf-ray
62a044d44c2c062d-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame 7C34 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5792215
vary
Accept-Encoding
cf-request-id
08980958a90000062d300e9000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
9c1e4b2daa5f001e4b2c0e0893530e46
cache-control
public, max-age=31536000
cf-ray
62a044d44c2d062d-FRA
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 9699 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dfcb1e08f64107d39e7020919a82d4bd6791110e3011a47211c88194f09d94c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3031
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980958ba00004ec70a207000000001
wn
prod-dash-10-0-121-178
last-modified
Mon, 01 Mar 2021 16:47:00 GMT
server
cloudflare
etag
W/"25743-1614617220000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
62a044d45a654ec7-FRA
expires
Wed, 03 Mar 2021 06:54:47 GMT
angular-locale_en-us.js
buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/ Frame 9699 		355 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.97.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164346316ca3ee6a3d7b0f85cf2c2afb022c2642a107fbac67851cee49ab820b
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
82241
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980958b800004ec7ef118000000001
wn
prod-dash-10-0-92-13
last-modified
Mon, 01 Mar 2021 16:54:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=522559
x-optimized-by
_sam
cf-ray
62a044d45a674ec7-FRA
expires
Tue, 09 Mar 2021 06:04:06 GMT
urlget
www.dailyherald.com/apps/pbcsi.dll/ Frame 9699 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/apps/pbcsi.dll/urlget?url=http://eedition.dailyherald.com/images/frontpage/DuPage-County.jpg&exactW=172&exactH=155&exactFit=crop&alignV=top&updated=201805231600
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
79de9477102e44c89cd5e91133c6e0ba23228de337ab51cc2ac15cfe38dc4b5b

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23subscriptionPromo&templateId=OTR3UPZ06R1A&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQXW-CMBSG_0uvMWkBC-sd2dxXFmVEyeJdrUdoKIXRFnXL_vuA6BZ7d_q8zzkn5xtxuUcM0frxoNyD3iyRh1peQC7h-DKSSpmzE_IQ1bxUZ7obOJxa6CRoAVNi8ZG95tnz09t8nd3QxQmEs7LRU4zEONrtMDZmhofn274G3FdlJDQxjYhJXOHmxk_En2zK5riGulXcQrBNyTZL71fJ-5L4g1Fyc2WI2c6Bh-ylnuTVOgs26RbTjCTon-W8k1zbMaKdUh4SvG65LLS5fvTSyImjfna5Q_FFLXWfp2poJNuB-BwTFh5iRu58Ng9JyNi4kzPQJQVoO0T2tRjHWoUYoSSMg4DG0c8vG2WBVnsBAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-0-eeOXt&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1590&_qh=4e8db4c95f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:50 GMT
x-cdn
Imperva
age
7977454
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9667003-9667004 NNNN CT(102 209 0) RT(1614747287369 0) q(0 0 3 0) r(4 4) U2
x-ua-device
mobile-smartphone
x-cache-hits
2893573
servedby
NC1-D-WEB-11.DIGUSVA1.LOC
content-length
9524
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Mon, 30 Nov 2020 20:59:54 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844435 1186821129
expires
Mon, 30 Nov 2020 20:59:54 GMT
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-varnish-beresp-grace
43200.000
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 7DAB 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dfcb1e08f64107d39e7020919a82d4bd6791110e3011a47211c88194f09d94c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3031
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980958b900004ec7d0847000000001
wn
prod-dash-10-0-121-178
last-modified
Mon, 01 Mar 2021 16:47:00 GMT
server
cloudflare
etag
W/"25743-1614617220000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
62a044d45a684ec7-FRA
expires
Wed, 03 Mar 2021 06:54:47 GMT
angular-locale_en-us.js
buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/ Frame 7DAB 		355 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.97.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164346316ca3ee6a3d7b0f85cf2c2afb022c2642a107fbac67851cee49ab820b
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23flyoutNavSub&templateId=OTKE5NSJZOWA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAFWQ3W7CMAxG3yXXRUpK_8gdE2UDJpAY66bdheC2UdO0a5ICm_buCxVswnf2OZ8t-RsxcUAURfU8l3amXtfIQy0rIBNwXFxIJfXZcpHHNSvlOdo7DqcWOgGKw2Ck79tltn16fA532zuanoBbIxo1aCTB8X6PsdYj7Mo3fQ24r8qYK6IbnpCkws1dfsr_wrpsjjuoW8kMTBaL8TyLV5vZw5IQlyiZvjFETWfBQ-baD-HNbpWG65flx-Ztiv5ZxjrBlLkoykrpIc7qlolC6dugF1oMHPWj6x-Kr8hE9vNUuUWidcRnmNAgTyiZ-DQMSECp75jV0E0LUMYph5pfzhqJKIlIkIzHURL__AK7PiFkewEAAA&experienceId=EXRJVRHGL5TR&widget=offer&tbc=%7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q&iframeId=offer-1-wG72S&url=https%3A%2F%2Fwww.dailyherald.com%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=6mFfluDnUN&contentSection=homepage&zone=Web&pageViewId=klsyucif7mahly6b&visitId=v-klsyucigz6t6uqxk&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=0&_qh=ae7cf80941
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
82241
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08980958b900004ec7fa1ab000000001
wn
prod-dash-10-0-92-13
last-modified
Mon, 01 Mar 2021 16:54:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=522559
x-optimized-by
_sam
cf-ray
62a044d45a694ec7-FRA
expires
Tue, 09 Mar 2021 06:04:06 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aa3f81abc29c80cbc5163b5a&account=1659832549&destination=https%3A%2F%2Fwww.dailyherald.com%2F&platform_version=6.48.5&player=players.brightcove.com%2F1659832549%2FB1GVHvGLz_default&player_name=DH-2018-Playlist-Homepage&source=&time=1614747287715&event=video_impression&web_ad_info=%7B%22plugin%22%3A%22ima3%22%2C%22pluginVersion%22%3A%223.7.0%22%2C%22adTech%22%3A%22html5%22%2C%22requestMode%22%3A%22onplay%22%2C%22timeout%22%3A4000%7D&video=6234964444001&video_name=90-year-old%20Phil%20Pecoraro%20surprise%20birthday%20party%20in%20Arlington%20Heights&video_duration=95&autoplay=false&preload=metadata&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Wed, 03 Mar 2021 04:54:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
playlist
api.spokenlayer.net/web-player/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.spokenlayer.net/web-player/playlist?publisher=daily-herald&page=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
cb4bf1fc6237a5d6f964265c2ae2a419669635093deb8fda6eb3c0f38b2c8c37

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
via
1.1 447f0defb04b912ed949f0fdd5a6492e.cloudfront.net (CloudFront)
x-amzn-requestid
228d9b64-7d19-4dc6-a215-baad3f03c1c8
x-amzn-remapped-content-length
7321
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
etag
W/"1c99-+a04jP3d6iN/JDVzyaCu7NlRwRQ"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-603f1698-7ac27609071bf37736fcae5b;Sampled=1
access-control-allow-headers
origin, X-Requested-With, Content-Type, Accept
x-amz-apigw-id
bmB3xGDPoAMFWPg=
content-length
7321
x-amz-cf-id
8MpGcYR4I21OKes01RjiD8rPBGjCPn5FYFhyuZZokufgKRG2GjRi3Q==
1x1.gif
www.dailyherald.com/gfx/site/ 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/gfx/site/1x1.gif
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
631fa66c6d19c86649af2de535a33884b80acb0313db8b8f3ab95b3cc3cbad90

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:50 GMT
x-cdn
Imperva
age
28476
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-iinfo
14-9666995-9666894 PNNy RT(1614747287321 0) q(0 0 0 -1) r(1 1) U4
x-ua-device
pc
x-cache-hits
9745
servedby
NC1-D-WEB-14.DIGUSVA1.LOC
content-length
35
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
86400.000
last-modified
Tue, 27 Aug 2013 21:28:29 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"c7389d5f6ca3ce1:0"
vary
X-UA,User-Agent
x-varnish
1774844399 1772601605
cache-control
public, max-age=86400
x-stale
true
accept-ranges
bytes
content-type
image/gif
x-varnish-beresp-grace
43200.000
materialdesignicons.min.css
cdn.materialdesignicons.com/4.5.95/css/ Frame 7C34 		200 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
BunnyCDN-DE1-723 /
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f

Request headers

Referer
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
content-encoding
br
cdn-edgestorageid
601, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-01-03 21:59:19
cdn-pullzone
190968
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 08 Oct 2019 23:43:02 GMT
server
BunnyCDN-DE1-723
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=7776000
cdn-requestid
a7e462b1ccbed8e8b31e8f53629ef76d
cdn-requestcountrycode
PL
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
inter.css
rsms.me/inter/ Frame 7C34 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1775d456b2d072bff63c892c38b2d4ea48487302a262024b9374b0c73954ad0

Request headers

Referer
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
7b1eff118e2838cea7ceaba1a9f39e4c244dcc2b
date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
332
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
089809590400002c569834e000000001
x-served-by
cache-fra19180-FRA
last-modified
Wed, 07 Oct 2020 22:34:00 GMT
server
cloudflare
x-github-request-id
79C2:91B4:1A1CEFD:1B9E845:5FC1B535
x-timer
S1606607502.815064,VS0,VE1
etag
W/"5f7e4258-3e47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SpovXZlR7lISW4OEkWwDOdpXVxRaHKAd4B%2FtosaDQA87W3Ix1mI5a7ugLgsVHpo49g4fJDVaD3p0rvyF9iePcx5mJRxWvXsFr%2FSERcigHw%2BdCLD4"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
62a044d4db0a2c56-FRA
x-origin-cache
HIT
expires
Wed, 03 Mar 2021 03:18:24 GMT
css2
fonts.googleapis.com/ Frame 7C34 		1 KB
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00f953d66f5d22bfbe627f3326e749b3b1d906f66c3bd02d7bb8d6e037be60e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 04:12:01 GMT
server
ESF
date
Wed, 03 Mar 2021 04:54:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Mar 2021 04:54:47 GMT
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame 7C34 		168 B
527 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 06:42:11 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
79956
x-guploader-uploadid
ABg5-Uy4hCo-JMBc_gm5PSCeOzA3Pi36di5TL6Tem3nK114kfTYOIygzWOY8AwbDDuIwXdNScfYsSWwm4fYNZo2KxIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
168
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
x-goog-generation
1605019923603319
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/json
expires
Wed, 03 Mar 2021 06:42:11 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/ed8a3a43-7491-4c71-9834-62e88b2f5559/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/ed8a3a43-7491-4c71-9834-62e88b2f5559/10s/rendition.m3u8?fastly_token=NjAzZjZlZWJfNmZhNWU1MjY2MjBjZjljZGQ0MThkNDIzYjliZjI2N2RlNmM3MTcxODM4MWI3ZmM0NzM5OWE3YzA1MzhiYzJjNA%3D%3D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
abb27fec9470255518f9c0b1aa4c5f670a7fee5c5d13ad9ef7c0e58e0ad9fa20

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
3993
x-served-by
cache-fra19129-FRA
x-device-group
desktop-chrome
x-timer
S1614747288.803453,VS0,VE135
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 9699 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:47 GMT
cf-cache-status
HIT
age
3030
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
strict-transport-security
max-age=60; includeSubDomains
content-length
2177
cf-request-id
089809599800004ec7f32d9000000001
wn
prod-dash-10-0-128-205
last-modified
Mon, 01 Mar 2021 16:55:08 GMT
server
cloudflare
etag
W/"2177-1614617708000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
62a044d5bbc94ec7-FRA
expires
Wed, 03 Mar 2021 06:54:47 GMT
integrator.js
adservice.google.pl/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.dailyherald.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailyherald.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		518 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=838041064216985&correlator=1402932028901565&output=ldjh&impl=fifs&eid=21068529%2C44734940%2C21068110%2C21069809%2C31060322&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=30709998%2Cdailyherald.com%2Cfront&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C728x90%7C468x60%2C320x50%2C300x250%2C300x250%2C300x250%2C320x50%2C300x250%2C300x250%2C300x250%2C300x250%2C320x50%2C300x250%2C970x90%7C970x250%7C728x90&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Datf%26refreshIteration%3D0%26module%3Dleaderboard1%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D133340626dafcb45%26hb_bidder_rubicon%3Drubicon%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D133340626dafcb45%26hb_bidder%3Drubicon%7CrefreshIteration%3D0%26module%3Dmirage%26amznbid%3D2%26amznp%3D2%7Cpos%3Datf%26refreshIteration%3D0%26module%3Dbillboard1%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D1347f9897e4d23fb%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D1347f9897e4d23fb%26hb_bidder%3Drubicon%7Cpos%3Dbtf%26refreshIteration%3D0%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dadmsgbar1L%26amznbid%3D2%26amznp%3D2%7CrefreshIteration%3D0%26module%3Dtestimonial%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dadmsgbar1R%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D132950c69f87c079%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D132950c69f87c079%26hb_bidder%3Drubicon%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dbillboard5%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dbillboard6%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D131a546670a38c0c%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D131a546670a38c0c%26hb_bidder%3Drubicon%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dadmsgbar2L%26amznbid%3D2%26amznp%3D2%7CrefreshIteration%3D0%26module%3Dtestimonial%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dadmsgbar2R%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D130a1083415c680c%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D130a1083415c680c%26hb_bidder%3Drubicon%7Cpos%3Dbtf%26refreshIteration%3D0%26module%3Dleaderboard2%26amznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D129815223785b796%26hb_bidder_rubicon%3Drubicon%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D129815223785b796%26hb_bidder%3Drubicon&eri=1&cust_params=page-type%3Dindex%26content-topic%3D%26content-geography%3D%26subscriber-status%3D%26floortest%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1614747147&dt=1614747288006&dlt=1614747286136&idt=648&frm=20&biw=1600&bih=1200&oid=3&adxs=140%2C160%2C1139%2C1139%2C160%2C510%2C1140%2C1139%2C1139%2C160%2C510%2C1140%2C140&adys=155%2C2257%2C537%2C1415%2C3044%2C3044%2C3044%2C6936%2C7930%2C8867%2C8867%2C8867%2C10070&adks=1122596247%2C3200218384%2C4187053610%2C2263027506%2C3756319735%2C3679410241%2C2401106763%2C2019357114%2C1538606012%2C1145082634%2C1808105435%2C826594746%2C2144627567&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dailyherald.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x85%7C310x125%7C302x252%7C302x252%7C300x250%7C580x250%7C300x250%7C302x252%7C302x252%7C300x250%7C580x250%7C300x250%7C1320x115&msz=1320x60%7C310x0%7C300x250%7C300x250%7C300x250%7C580x0%7C300x250%7C300x250%7C300x250%7C300x250%7C580x0%7C300x250%7C1320x90&ga_vid=56080417.1614747287&ga_sid=1614747288&ga_hid=132662883&fws=0%2C0%2C0%2C0%2C0%2C4%2C0%2C0%2C0%2C0%2C4%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C580%2C0%2C0%2C0%2C0%2C580%2C0%2C0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
20470ec1f275b3405923eeae3c8a26cf1354fa5106c4c67a7219ac1878d7c3e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50215
x-xss-protection
0
google-lineitem-id
-1,4996221105,-1,-1,-1,5247098308,-1,-1,-1,-1,5247098308,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138264601358,-1,-1,-1,138297785237,-1,-1,-1,-1,138297785243,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailyherald.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/366f16df-33b6-42ec-b2ff-912f070d2b4d/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/366f16df-33b6-42ec-b2ff-912f070d2b4d/10s/rendition.m3u8?fastly_token=NjAzZjZlZWJfNTE3YjFlMGIzNzVmZTAyNDFhY2U3N2NjOTNmYzhmMTdlMjJmNWZjOTZiN2MwYjZjZGEwOTQ0MmQ5YWM1ZmI0ZQ%3D%3D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
88aae8fedebecc1c7bc79e83d42fd8bc68be19c93d0242a5c3af22b30a1da8e9

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
3984
x-served-by
cache-fra19129-FRA
x-device-group
desktop-chrome
x-timer
S1614747288.048807,VS0,VE117
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
segment0.ts
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/ed8a3a43-7491-4c71-9834-62e88b2f5559/5x/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/ed8a3a43-7491-4c71-9834-62e88b2f5559/5x/segment0.ts?akamai_token=exp=1614769899~acl=/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/ed8a3a43-7491-4c71-9834-62e88b2f5559/*~hmac=301086fa9b07aeb688c0a88818f73c7404574da33ed32ef2349bad2afd4cb17f
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
daa5d8c3566e7bc9fae7ac03564456b47cd271cac65faca21b63299ab32e52d6

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:48 GMT
X-Powered-By
BC
Backend-IP
54.197.13.63
BC-MID
true
Connection
keep-alive
Content-Length
2421816
X-Served-By
cache-dca17780-DCA
Expires
Thu, 24 Feb 2022 20:32:51 GMT
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1614199500.508875,VS0,VE4
X-Powered-From
gantry
ETag
"02d4884f93c27e205f5fae4b31fbe6a0"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=30987483
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Cache-Hits
1
ares-unit.js
origami.secure.ownlocal.com/origami_unit/production/ Frame 7C34 		114 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a

Request headers

Origin
https://www.dailyherald.com
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 09:40:06 GMT
x-goog-meta-goog-reserved-file-mtime
1605019378
age
69282
x-guploader-uploadid
ABg5-UxGqbPbPs71pG2JaYEFSG1KF1LuOUdSU78ITdbbGptg2wcPngHTFaZL0A-Z4pwj1dV6wiSbfauaRiR016WLrSqIPC0PLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
116430
accept-ranges
bytes
last-modified
Tue, 10 Nov 2020 14:52:03 GMT
server
UploadServer
etag
"1446c964725d9fed3a606a6f124276ac"
x-goog-hash
crc32c=KknYiA==, md5=FEbJZHJdn+06YGpvEkJ2rA==
x-goog-generation
1605019923664535
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
116430
x-goog-meta-surrogate-key-control
max-age=31536000
content-type
application/javascript
expires
Wed, 03 Mar 2021 09:40:06 GMT
latest.json
origami.secure.ownlocal.com/origami_configs/b025a7b8-88a5-4d3e-bb31-b2bfbf063d92/ Frame 7C34 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/b025a7b8-88a5-4d3e-bb31-b2bfbf063d92/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a93b0f13446d89ad947ec9cfd39c21ba53d4099b41aba3fd76dacd2a94e31be8

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:22:54 GMT
age
1914
x-guploader-uploadid
ABg5-UzwvAIogN2RVTHbNiKj4wQ9z-OdtfkzxvzVz4U_LiraTXJLJ431eShrrnQADgRQE13w6UywkOuuoC1U-6c0amA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
b025a7b8-88a5-4d3e-bb31-b2bfbf063d92
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
2722
last-modified
Mon, 01 Mar 2021 11:33:29 GMT
server
UploadServer
etag
"b10906663612fb050bc5452c67bd3c4e"
x-goog-hash
crc32c=Wlyd/w==, md5=sQkGZjYS+wULxUUsZ708Tg==
x-goog-generation
1614598409531597
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2722
accept-ranges
bytes
content-type
application/json
expires
Wed, 03 Mar 2021 05:22:54 GMT
segment0.ts
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/366f16df-33b6-42ec-b2ff-912f070d2b4d/5x/ 		282 KB
283 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/366f16df-33b6-42ec-b2ff-912f070d2b4d/5x/segment0.ts?akamai_token=exp=1614769900~acl=/media/v1/hls/v4/clear/1659832549/caf47e2f-b1dd-4831-9402-f52b89f59bc4/366f16df-33b6-42ec-b2ff-912f070d2b4d/*~hmac=aef4bddb4a008bbcaa85346defeaf4cb63de73ceaa4dc51c7e9f8a25556abcf9
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
1cf23e54c2ce4d40f71b6cb380f40eeda7409b7b47de57beb015350762e87a42

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:48 GMT
X-Powered-By
BC
Backend-IP
107.20.108.229
BC-MID
true
Connection
keep-alive
Content-Length
289144
X-Served-By
cache-dca17747-DCA
Expires
Thu, 24 Feb 2022 20:26:43 GMT
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1614199500.736235,VS0,VE1
X-Powered-From
gantry
ETag
"f286c3c46c9fb96105fc7a0750c4a7bc"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=30987115
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Cache-Hits
1
i
d.spokenlayer.com/ 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.spokenlayer.com/i?e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9rZW5sYXllci9zZXNzaW9uL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InRyYWNrZXIiOnsidHJhY2tlck5hbWVzcGFjZSI6IndlYi1wbGF5ZXIiLCJhcHBJZCI6ImRlZmF1bHQiLCJwbGF0Zm9ybSI6IndlYiIsInVzZXJJZCI6InRlc3RfdXNlcl9pZCIsImxhbmd1YWdlIjoiZW4ifSwiY29tbW9uIjp7fSwiZXZlbnREYXRhIjp7ImV2ZW50TmFtZSI6InN0YXJ0IiwiZGlzdHJpYnV0b3JJZCI6ImRhaWx5LWhlcmFsZCJ9fX19&tv=js-2.5.1&tna=production-player&p=web&tz=Europe%2FBerlin&lang=en-US&cs=windows-1252&res=1600x1200&cd=24&cookie=1&eid=c2c04b92-0c19-4081-b8fc-f7f192deaf05&dtm=1614747288261&vp=1600x1200&ds=1600x10678&vid=1&sid=6f43f25b-8900-43e3-882a-797db1ac3360&duid=a7dfcc795a39a140&fp=2240177259&url=https%3A%2F%2Fwww.dailyherald.com%2F
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.110.143 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
akka-http/10.1.12 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
1ed655eb-839b-4214-8ee9-d027864f06e8.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame 7C34 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/1ed655eb-839b-4214-8ee9-d027864f06e8.jpeg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
33990cb92b3d624dce10309780a3cbdd59fd915c286f8e8faf519fe9a053949d

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:22:54 GMT
age
1914
x-guploader-uploadid
ABg5-UxzpwvBqyKE8KBo8J0r1Bd6aIZBKxTdv7CCfRGsszRPCGc9NQ-o2uYNYhQDIrSYp39oBjjMck1X08FpGKPX1aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29038
last-modified
Tue, 10 Sep 2019 13:36:56 GMT
server
UploadServer
etag
"78c45ffb76f932d6df15dd6ef1d39bb4"
x-goog-hash
crc32c=DSTLpA==, md5=eMRf+3b5MtbfFd1u8dObtA==
x-goog-generation
1568122616600242
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
29038
accept-ranges
bytes
content-type
application/octet-stream
expires
Wed, 03 Mar 2021 05:22:54 GMT
Inter-roman.latin.var.woff2
rsms.me/inter/font-files/ Frame 7C34 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.latin.var.woff2?v=3.15
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5156501c82759bb0891d4a37c4eb6bce023623d762572a946c56a17d8ae37bd8

Request headers

Origin
https://www.dailyherald.com
Referer
https://rsms.me/inter/inter.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
f90504b734d04ec1d2797af7ccd014a5af879d3c
date
Wed, 03 Mar 2021 04:54:48 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
141941
x-cache
HIT
x-cache-hits
2
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51896
cf-request-id
0898095afb0000d6e160034000000001
x-served-by
cache-fra19158-FRA
last-modified
Wed, 07 Oct 2020 22:33:55 GMT
server
cloudflare
x-github-request-id
0B6E:50A2:34408:3AC1D:6036FFC4
x-timer
S1614605348.980527,VS0,VE0
etag
"5f7e4253-cab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5tZ36zdyQ%2F2BKs7HfA8F4LT9chwL5mA8bLTh4d%2F6TtgQP4GJhkxyk9opT9rl67YCc10WkqMyJVsAJmnBemqk07yPXM1GP6a8%2BKN3FcyFbufBSkuF"}],"max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
accept-ranges
bytes
cf-ray
62a044d7fa46d6e1-FRA
x-origin-cache
HIT
expires
Thu, 25 Feb 2021 01:49:17 GMT
materialdesignicons-webfont.woff2
cdn.materialdesignicons.com/4.5.95/fonts/ Frame 7C34 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.materialdesignicons.com/4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.materialdesignicons.com
URL: https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
BunnyCDN-DE1-723 /
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a

Request headers

Origin
https://www.dailyherald.com
Referer
https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
cdn-cache
HIT
cdn-edgestorageid
632, 617, 617
cdn-cachedat
2021-01-03 21:59:24
cdn-pullzone
190968
content-length
262440
last-modified
Tue, 08 Oct 2019 23:43:01 GMT
server
BunnyCDN-DE1-723
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=7776000
cdn-requestid
6e5fb79b5b1e3e0bedaf746ec66c2b58
cdn-requestcountrycode
PL
accept-ranges
bytes
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame 7C34 		26 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1614747288288&e=pv&url=https%3A%2F%2Fwww.dailyherald.com%2F&page=AdForge%20Ad%20Unit&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=2b93f26a-9715-4870-b2ab-e3ab0486c992&dtm=1614747288286&vp=300x300&ds=300x300&vid=1&sid=6f43f25b-8900-43e3-882a-797db1ac3360&duid=a7dfcc795a39a140&fp=2240177259&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYjAyNWE3YjgtODhhNS00ZDNlLWJiMzEtYjJiZmJmMDYzZDkyIiwiYmlkIjoiODU4Y2QwZjgtMGNkMi00M2M1LWIwMGMtYmMyYTA0NzE0ZGE3IiwicGlkIjoiZDY3ODMzYjQtMmI3Zi00NjJkLTgyMDctOTg5MTI1NDIxMjE5In19XX0
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
542286dafea18af888ed94f0aef13772
function-execution-id
9yc3p97qdobc
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
e23b13d0-2058-4570-b8b4-12beaf25cf2b.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 7C34 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/e23b13d0-2058-4570-b8b4-12beaf25cf2b.jpeg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bc45eeb2eb917e30716c8261b85b812cbaf15ee66f302fa3274de5c278538ca8

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:22:54 GMT
age
1914
x-guploader-uploadid
ABg5-Uz3kc1jVNb7-it798AhulmeuX78R-hdA6biy-_OrOLxrZ2SAwDzu9axRg40aKCUIyhvEnLLPfSVskx2Q3lUSE4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41267
last-modified
Mon, 01 Mar 2021 11:30:32 GMT
server
UploadServer
etag
"0bc241018be9d6031fec907845b3bfbc"
x-goog-hash
crc32c=w0mRJQ==, md5=C8JBAYvp1gMf7JB4RbO/vA==
x-goog-generation
1614598232310041
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
41267
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 03 Mar 2021 05:22:54 GMT
e23b13d0-2058-4570-b8b4-12beaf25cf2b.jpeg
storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/ Frame 7C34 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/categories/300/e23b13d0-2058-4570-b8b4-12beaf25cf2b.jpeg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bc45eeb2eb917e30716c8261b85b812cbaf15ee66f302fa3274de5c278538ca8

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:22:54 GMT
age
1914
x-guploader-uploadid
ABg5-Uz3kc1jVNb7-it798AhulmeuX78R-hdA6biy-_OrOLxrZ2SAwDzu9axRg40aKCUIyhvEnLLPfSVskx2Q3lUSE4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41267
last-modified
Mon, 01 Mar 2021 11:30:32 GMT
server
UploadServer
etag
"0bc241018be9d6031fec907845b3bfbc"
x-goog-hash
crc32c=w0mRJQ==, md5=C8JBAYvp1gMf7JB4RbO/vA==
x-goog-generation
1614598232310041
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
41267
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 03 Mar 2021 05:22:54 GMT
RecommendArticles_RuleBased
magnetapi.klangoo.com/NewsAgencyService.svc/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://magnetapi.klangoo.com/NewsAgencyService.svc/RecommendArticles_RuleBased?calk=f53ccb18-4c0f-417e-a7a2-45802e5c430f&articleUID=_notset_&langToShowOnly=en&userID=c867e787-6bc8-4454-a833-0b006393e1cc&rulesGroupID=2&format=json&callback=__CB&token=recom_270-4&showDetails=4&maxReturnRows=5
Requested by
Host: cdn.klangoo.com
URL: https://cdn.klangoo.com/wgt/magnet.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
938255de6c858694c31eac803dbe1100d1089d2064e382db6a47e9d08f24b8f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
1743
container.html
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A3C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Wed, 03 Mar 2021 04:54:48 GMT
expires
Thu, 03 Mar 2022 04:54:48 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:48 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 05ED 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
61275
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 05ED 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
61275
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 05ED 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
61275
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 05ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
61275
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 05ED 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
61275
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
truncated
/ Frame 05ED 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fee1a9b024bf467a687310f2ce35add02dfd4c58a227da7350cbef55b28b8a2

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
container.html
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0449 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Wed, 03 Mar 2021 04:54:48 GMT
expires
Thu, 03 Mar 2022 04:54:48 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
8162358455605628050
tpc.googlesyndication.com/simgad/ Frame 05ED 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8162358455605628050?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qleyrS00HZPzag0sAltd1AuiMQ7oA
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cc0df2aa868958de0a8202d75e5f8960685354756deb7358fe28cf7508e19b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:02:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 02:52:07 GMT
server
sffe
age
481916
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42345
x-xss-protection
0
expires
Fri, 25 Feb 2022 15:02:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 05ED 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
29273
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 03 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 05ED 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
23863
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 03 Mar 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame 05ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqN5u1t0E22ZFhUf709EQ_ZVVMsHjPPZJyHc6-N0EOGEmq5gCG9hPwxy0JHhFewkBK4d7D
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 05ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cys4imBY_YLGSBpPa3gOa6bL4A62NksBhpu-rrJ4N3NkeEAEg5IXiH2Dp5MmF2BqgAdaKgukCyAEC4AIAqAMByAMIqgTfAU_Qierr_jk8yGS1fAcGTFw-i-Tx2w_josEZA3B8Hd5DTLgkwtnYQ4tDXvY8N96DPqpNxgeZ3cC4SfsALRIAPD8cwr89Ft-sHNJl1tNZop1OV8ef_1D-KRs3anI40qy4f7FEL_nrjEf-V1U7NOdxUiorT2fGgDtuVFjBk-PZY10o9bBVQF-sPvAqNslj0o8DSi2_ujUeaAg_6wAv3qMZMOqay7udjzZ7dTK_598dr9TDstgoqe_QkvsZKgYwFKJUoUqbJZsupOSJPmjXONNOIk34kHHBapkHeu4MSAjJIgTABN-q-vHEA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeS9f2WAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCl8gTSCAkIgOGAcBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMjU5NjU4NDA4NDUyMTM2NA&sigh=Zs75UvFc920&tpd=AGWhJmu75Yiu5v8qzwxMxiMQqqHwE9oIWo3tHDv8a5WWKJ96sg
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame A3C4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1776
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:25:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A3C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTuCLmBY_YLCSBpPa3gOa6bL4A8K-0OVgtOail-sLvN3Dv_gaEAEg5IXiH2Dp5MmF2BqgAeiH-KUDyAEGqQJ3-kH1Ska0PuACAKgDAcgDmwSqBNsBT9DL1cvkg43KjgFbEQg7czKR3wS3SoN5qPjLhWBaiqI80Wqj4xOCiPhIG33Zmzcwx6AWewcsww-_H6ZMCy-dhrfS5GNQqro26Iy2mfP22Y1Qt7jq3o2Ph5KXBVo4lrm-Bi7F9xR0WyUiYEl_zVjlYL2uuM-681XkRlF51GAEURfgKT0ts0F8Pegd3TuRo0JVtR7lrNz6ePaVZPJ01AiTfJJAT2H4ZDqDSSgTbxBDaE3jeJWiSDyHy3ydhuIsOXL7huHs1wGptvIBDRXGANnEy2FyoXj18jilvGvgwAT3h47V_gLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHgPiHWqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCtnAjSCAkIgOGAcBABGB2ACgPICwHYEw2IFAGyFxoKGAgAEhRwdWItMjU5NjU4NDA4NDUyMTM2NA&sigh=F_4ucrxYDgg&template_id=492&tpd=AGWhJmsvGVNzg9dGnUgd2sEfYUi7ZLOJwzC_MKOlUN9bpg-FKA
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame A3C4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
7415731890135056792
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:18:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame A3C4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:06:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3C4 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame A3C4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 22:13:57 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame A3C4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
339512
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Fri, 28 May 2021 06:36:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 0449 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1776
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:25:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0449 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdxnkmBY_YLKSBpPa3gOa6bL4A8e1_M9h2JuBiocNloLNhYgWEAEg5IXiH2Dp5MmF2BqgAdWMl9sDyAEGqQJ3NidXeuCRPuACAKgDAcgDmwSqBOABT9DOiHeVlv-HL7yD8A9yLnViULoKkOaDMwmKGnaR8l-ClsLRgZv9eC1jHuZ1VsmF0IMGMaetp52zmoUb-qeqhsJQ3c2NLs7guZeNwL1y7c_fb_4pfS3ddMU0s1Q09NR2tVzfJ9SOhgS6ULCec03CVfztWR5zKrx0wBuUYJvByH6ZrMXz9IFsSpsx4ifgVAZv2BktuoIWGIS1HTdNw7w3eT6tdPIqtXZnFzCkVbzTw-x1dLxUtCfquXudIc6GxokspIq_dPOvatATxsl08ExpGtm3Z4-um4aVWgJcD1jqdl7ABIqT4Oa7A-AEAZIFBAgEGAGSBQQIBRgEoAY3gAeT8-gkqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOjyBNIICQiA4YBwEAEYHYAKA8gLAdgTDYgUApgWAbIXGgoYCAASFHB1Yi0yNTk2NTg0MDg0NTIxMzY0&sigh=WR3OLM_ds8Q&template_id=492&tpd=AGWhJmsVihXZlA3iiFnjlNexroYWi9l8rpA050COkYtL9-qj9g
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame 0449 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
7415731890135056792
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:18:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 0449 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 04:06:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0449 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame 0449 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 22:13:57 GMT
l
www.google.com/ads/measurement/ Frame 0449 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQMc2vG6Lw0g04smwx9dMIaLUTMJjkFkWdr9OkhXiAcns1y9kz4e47XJeijay1NonqRsYx
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame 0449 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
339512
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Fri, 28 May 2021 06:36:16 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4062694258640632389/ Frame A3C4 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4062694258640632389/downsize_200k_v1?w=600&h=314
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a067e98cb9e93479ebc32cdc89bdeb4b393e9e3fbb53e26ec8be794a63ec309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:26:14 GMT
x-content-type-options
nosniff
age
415714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21890
x-xss-protection
0
last-modified
Thu, 09 Jul 2020 11:06:22 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 09:26:14 GMT
truncated
/ Frame A3C4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/10625850591716322808/ Frame 0449 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10625850591716322808/downsize_200k_v1?w=400&h=209
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
466932068736cbc2cb61bfbd9133e006ed481fe533623abb787c67864c9e501a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 01:16:03 GMT
x-content-type-options
nosniff
age
445125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15258
x-xss-protection
0
last-modified
Wed, 17 Feb 2021 08:53:37 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 01:16:03 GMT
truncated
/ Frame 0449 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame 05ED
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 03 Mar 2021 04:54:48 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
8162358455605628050
tpc.googlesyndication.com/simgad/ Frame 05ED 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8162358455605628050?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qleyrS00HZPzag0sAltd1AuiMQ7oA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cc0df2aa868958de0a8202d75e5f8960685354756deb7358fe28cf7508e19b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:02:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 02:52:07 GMT
server
sffe
age
481916
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42345
x-xss-protection
0
expires
Fri, 25 Feb 2022 15:02:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 05ED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
29273
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 03 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 05ED 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
23863
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 03 Mar 2021 22:17:05 GMT
AR-210309905.jpg&updated=202103020616&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
www.dailyherald.com/storyimage/DA/20210301/NEWS/210309905/AR/0/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/DA/20210301/NEWS/210309905/AR/0/AR-210309905.jpg&updated=202103020616&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
3bfec798320a52b608bbeccd731cd9acb14ef7d0cc7a02b409769f722788c23c

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
last-modified
Mon, 01 Mar 2021 22:34:09 GMT
x-cdn
Imperva
etag
"12c18a37"
content-type
image/jpeg
x-iinfo
14-9667016-9666896 PVNy RT(1614747288367 0) q(0 0 0 -1) r(1 1)
cache-control
max-age=31449600, public, must-revalidate
content-length
14745
expires
Wed, 02 Mar 2022 04:54:48 GMT
AR-210309803.jpg&updated=202103021842&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
www.dailyherald.com/storyimage/da/20210302/news/210309803/AR/0/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/da/20210302/news/210309803/AR/0/AR-210309803.jpg&updated=202103021842&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
176f9d4004adbf25fcb862f7099b3127ac9bb800d8ab2a46da909cafd2e9c893

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:51 GMT
x-cdn
Imperva
age
7835
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9667017-9666894 PNNy RT(1614747288373 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
pc
servedby
NC1-D-WEB-04.DIGUSVA1.LOC
content-length
22054
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Wed, 03 Mar 2021 00:42:13 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844476 1774308254
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
128
AR-210309853.jpg&updated=202103021609&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
www.dailyherald.com/storyimage/da/20210302/business/210309853/AR/0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/da/20210302/business/210309853/AR/0/AR-210309853.jpg&updated=202103021609&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
eb82cab590e2d2a1ace6858eac6455b2f9c62c99c0af50710eca8a12c0339fb1

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:51 GMT
x-cdn
Imperva
age
16089
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9667018-9666867 PNNN RT(1614747288375 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
pc
servedby
NC1-D-WEB-13.DIGUSVA1.LOC
content-length
16333
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Tue, 02 Mar 2021 22:09:42 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844477 1773647626
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
262
AR-210309945.jpg&updated=202103020853&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
www.dailyherald.com/storyimage/da/20210301/news/210309945/AR/0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/da/20210301/news/210309945/AR/0/AR-210309945.jpg&updated=202103020853&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
36461aeb55077f6046f6b6d0f001eb9b1b795a93a992e6cc5565d01efe26218f

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:57:51 GMT
x-cdn
Imperva
age
41469
x-powered-by
ASP.NET
x-cache
HIT-Varnish
x-varnish-beresp-grace
43200.000
x-iinfo
14-9667019-9666887 PNNy RT(1614747288378 0) q(0 0 0 -1) r(1 1) U18
x-ua-device
mobile-smartphone
servedby
NC1-D-WEB-10.DIGUSVA1.LOC
content-length
12541
x-served-by
ip-172-19-37-29.digusva1.loc
x-varnish-beresp-ttl
31449600.000
last-modified
Mon, 01 Mar 2021 23:35:36 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-varnish
1774844479 1771484957
cache-control
s-max-age=31449600, max-age=31449600, must-revalidate, proxy-revalidate
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
936
AR-210309862.jpg&updated=202103020704&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
www.dailyherald.com/storyimage/da/20210302/news/210309862/AR/0/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailyherald.com/storyimage/da/20210302/news/210309862/AR/0/AR-210309862.jpg&updated=202103020704&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
472f1f113620f37a4e10669906afac44d24e6aa09605a9eca52289e24ad14e29

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:48 GMT
last-modified
Tue, 02 Mar 2021 05:38:00 GMT
x-cdn
Imperva
etag
"15966bf9"
content-type
image/jpeg
x-iinfo
14-9667020-9666885 PVNy RT(1614747288379 0) q(0 0 0 -1) r(1 1)
cache-control
max-age=31449600, public, must-revalidate
content-length
20149
expires
Wed, 02 Mar 2022 04:54:48 GMT
truncated
/ Frame A3C4 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa32010f7cd483a7a1850347dc402827b96d076b36421edbb67d0685d9c2b19e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0449 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e2a98bb9a55e45fc0444463217f080ab8ed7ddec21d2d0bad481a16c1461cf8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
track.ashx
magnetrack.klangoo.com/v1.1/ 		35 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magnetrack.klangoo.com/v1.1/track.ashx?e=MP_PAGE_VIEW&p=_notset_&r=&c=f53ccb18-4c0f-417e-a7a2-45802e5c430f&u=c867e787-6bc8-4454-a833-0b006393e1cc&l=https%3A%2F%2Fwww.dailyherald.com%2F&ran=1614747288914596
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length
35
track.ashx
magnetrack.klangoo.com/v1.1/ 		35 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magnetrack.klangoo.com/v1.1/track.ashx?e=WGTS_LOAD&p=_notset_&c=f53ccb18-4c0f-417e-a7a2-45802e5c430f&u=c867e787-6bc8-4454-a833-0b006393e1cc&l=https%3A%2F%2Fwww.dailyherald.com%2F&ran=1614747288915770
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS
162-244-66-114.dedicated.codero.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length
35
csi
csi.gstatic.com/ Frame 05ED 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1614747288929&qqid=CLG-ibSqk-8CFROtdwodmrQMPw&rt=any.link.3.18.g.6.j.0.1687.15j0~any.script.3.13.1.g.0.0.3kv.3in~any.script.3.16.3.h.0.0.l28.kzq~any.script.3.15.1.i.0.0.14g.128~any.script.4.17.2.j.0.0.9xm.9vd~any.img.c.12.2.m.w.0.ws0.wo9~any.img.c.11.2.k.0.0.2a4.1xi~any.img.d.11.1.l.0.0.at.87~any.img.d.16.1j.0.0.0.0.0~any.img.d.1n.20.0.0.0.0.0~any.img.3z.8.2.6.0.0.woy.wo9~any.img.3z.8.2.6.0.0.1y8.1xi~any.img.40.8.1.6.0.0.8x.87~any.img.4v.f.5a.0.0.0.0.0&met.a4a=dcl.1~ol.128~nvs.1614747288633~ini.1614747288930
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame A3C4 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 03:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3391
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Mar 2021 04:58:17 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 0449 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
URL: https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 03:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3391
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21163
x-xss-protection
0
server
cafe
etag
17443452193483161684
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Mar 2021 04:58:17 GMT
csi
csi.gstatic.com/ Frame A3C4 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klsyue9r&ctx=2&qqid=CLC-ibSqk-8CFROtdwodmrQMPw&met.4=fb.3e~lb.82~ol.9u~idt.1u~dt.-g6&met.3=739.82~740.8o_1~555.8z~556.8z_3~734.93~740.9n~740.9o~738.9o~749.9o_5~749.9t~736.al~740.an~734.ao~740.ap~735.as_1~734.ax~113.c3_4~112.c2_5&met.1=1.klsyudxo~6.0~7.1~8.1~9.1~10.q~11.1~12.e~13.r~14.r~15.1u~16.82~17.82~18.83~19.9o~20.9o~21.9u~22.4t~23.4t&met.7=CBsQCBgBMBs44gJQAVgaYAFoDnAbeKAagAGdF4gBsi2wAQG4AQM~CBwQChgBIHwofDCDATgHaH1wgwF4qQiAAYAHiAGADLABAbgBAw~CCEQBBgBIHwofDC1ATg5~CBwQChgBIH0ofTCHATgJaH5whAF4szqAAdI5iAHnjwGwAQG4AQM~CBwQChgBIH0ofTCJATgLaH9wiAF46wyAAYoMiAGaGbABAbgBAw~CCoQChgBIH4ofjCwATgz~CBwQChgBIH4ofjCIATgKaH9whwF43TCAAfsviAG2b7ABAbgBAw~CBsQChgBIH4ofjCFATgI~CBcQAhgBIJ8BKJ8BMKcBOAhonwFwpwF4iqwBgAGCqwGIAYKrAbABAbgBAw~CCgQChgBIIADKIADMLADODBogQNwrQN4zqYBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0449 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~klsyuea0&ctx=2&qqid=CLK-ibSqk-8CFROtdwodmrQMPw&met.4=fb.21~lb.74~ol.8g~idt.a~dt.-hq&met.3=739.74~740.75~555.7l~556.7l~734.7l~740.8b~740.8b~738.8b~749.8b_4~749.8g~740.94~734.95~740.96~735.99_1~734.9d~113.as_1~112.as_2&met.1=1.klsyudz8~6.0~7.0~8.0~9.0~10.0~12.1~13.6~14.7~15.p~16.74~17.74~18.74~19.8b~20.8b~21.8g&met.7=CBsQCBgBMAc4sAJoAXAHeLcXgAGdF4gBsi2wAQG4AQM~CBwQChgBIEooSjBSOAhoS3BReJwHgAGAB4gBgAywAQG4AQM~CCEQBBgBIEooSjCDATg5~CBwQChgBIEsoSzBTOAhoTXBSeO45gAHSOYgB548BsAEBuAED~CBwQChgBIEsoSzBWOApoUHBVeKYMgAGKDIgBmhmwAQG4AQM~CCoQChgBIEwoTDB5OC0~CBwQChgBIEwoTDBWOAtoUHBWeJcwgAH7L4gBtm-wAQG4AQM~CBsQBhgBIEwoTDBfOBM~CBsQChgBIEwoTDBrOB8~CBcQAhgBIG4objB1OAdobnB1eIR4gAGad4gBmnewAQG4AQM~CCgQChgBIMkCKMkCMP4CODVoygJw-AJ4xqUBgAGrpQGIAda1A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
i.simpli.fi/ 		746 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp
Requested by
Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=33483&m=1&sifi_tuid=15402
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
883dda29af7415a81e1b9920467c3dbf7a44dff3a50137a80d09ae0de26cec6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Wed, 03 Mar 2021 04:54:49 GMT
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 18:13:16 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 02:03:13 GMT
server
nginx
age
38493
etag
W/"60121b61-8e23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EwyTIsP74laDK9haaDuIEwtirkIKU7wX8ATs90jJ52D4tpfQCbqDEQ==
expires
Wed, 03 Mar 2021 18:13:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef47bec63ad5be0a77e9e4eca627354b4eb8ddd9e23926d5fcd22d29a87ca856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Mar 2021 04:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6576
x-xss-protection
0
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=dailyherald.com&p=%2F&u=CwWYVPCOK90XD6gNA-&d=dailyherald.com&g=56496&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10992&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4164&t=D3lbhVDhJkI-CkMVWfD1GJya79qCg&V=122&i=Daily%20Herald%20-%20Suburban%20Chicago%20Breaking%20News%2C%20Daily%20News&tz=-60&sn=1&sv=bwrD7O7WmGqJcysLnPUyjLmoz&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.180.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:54:49 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=3CEA30EEF8C44126A9035EA88C163A87
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=3CEA30EEF8C44126A9035EA88C163A87
alt-svc
clear
content-length
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=3CEA30EEF8C44126A9035EA88C163A87
  • https://d.agkn.com/pixel/10751/?che=1614747290&ip=194.99.105.99&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165000803714000073980
  • https://um.simpli.fi/aa_px?sk=165000803714000073980
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=165000803714000073980
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:50 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=165000803714000073980
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:49 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=3CEA30EEF8C44126A9035EA88C163A87
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:49 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:49 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=3CEA30EEF8C44126A9035EA88C163A87;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=3CEA30EEF8C44126A9035EA88C163A87;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1193958521273732236
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1193958521273732236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1193958521273732236
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 03 Mar 2021 04:54:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=3CEA30EEF8C44126A9035EA88C163A87&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:49 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=3CEA30EEF8C44126A9035EA88C163A87
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=3CEA30EEF8C44126A9035EA88C163A87
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.46.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 03 Mar 2021 04:54:50 GMT

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=3CEA30EEF8C44126A9035EA88C163A87
62 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=3CEA30EEF8C44126A9035EA88C163A87
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:50 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
5608
Content-Type
image/gif

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
tpid=3CEA30EEF8C44126A9035EA88C163A87
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87
49 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.128.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.42
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=3CEA30EEF8C44126A9035EA88C163A87
cache-control
no-cache
x-server
10.45.3.194
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=3CEA30EEF8C44126A9035EA88C163A87
43 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=3CEA30EEF8C44126A9035EA88C163A87
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=3CEA30EEF8C44126A9035EA88C163A87
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1614747289652&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mRY_YOfiMOuyx_APpoSd-AE&cid=CAQSKQCNIrLMEoJUvup0HDDBrhNWNGLtiBPny38566UKh5eg9A1PhB-Rb6gp&random=2012629850&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=447319212&cv=7&fst=1614747289652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mRY_YOfiMOuyx_APpoSd-AE&cid=CAQSKQCNIrLMEoJUvup0HDDBrhNWNGLtiBPny38566UKh5eg9A1PhB-Rb6gp&random=2012629850&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87&__user_check__=1&sync_id=95c9ed15-7bdc-11eb-862e-1b9fb9072206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87&__user_check__=1&sync_id=95c9ed15-7bdc-11eb-862e-1b9fb9072206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:50 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 03 Mar 2021 04:54:50 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=3CEA30EEF8C44126A9035EA88C163A87&__user_check__=1&sync_id=95c9ed15-7bdc-11eb-862e-1b9fb9072206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
75
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=3CEA30EEF8C44126A9035EA88C163A87
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D3CEA30EEF8C44126A9035EA88C163A87
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D3CEA30EEF8C44126A9035EA88C163A87
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid
67308584-1e90-44ec-bc7b-359852413ce8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid
cb35e141-e966-4403-872b-31c821a40e19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D3CEA30EEF8C44126A9035EA88C163A87
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3CEA30EEF8C44126A9035EA88C163A87&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3CEA30EEF8C44126A9035EA88C163A87&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3CEA30EEF8C44126A9035EA88C163A87&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=3CEA30EEF8C44126A9035EA88C163A87
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=3CEA30EEF8C44126A9035EA88C163A87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=3CEA30EEF8C44126A9035EA88C163A87
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 02 Mar 2021 04:54:49 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFTd8-NdvMpK9FaNyGNEicg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3CEA30EEF8C44126A9035EA88C163A87
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 02 Mar 2021 04:54:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9DA9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 22:19:56 GMT
expires
Wed, 02 Mar 2022 22:19:56 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
23693
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
7vVia4TLWbQroMY8YoXr8G4WxY60c_Bzlgv8EFekbcI.js
pagead2.googlesyndication.com/bg/ Frame 9DA9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7vVia4TLWbQroMY8YoXr8G4WxY60c_Bzlgv8EFekbcI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eef5626b84cb59b42ba0c63c6285ebf06e16c58eb473f073960bfc1057a46dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 00:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 00:45:00 GMT
server
sffe
age
362695
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5655
x-xss-protection
0
expires
Sun, 27 Feb 2022 00:09:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=838041064216985&bg=!HB-lH1zNAAXdrq8Z3TsAKQB2-Dxaq3f7iapToavpuHf1WIVnjU6R8HIS6uAkO4uU_gunFU8YtMaDAgAAAF5SAAAADGgBBwoAfOhtVfBTCiPWJq0jy1O9AXnPaMyMYitvXhZdRrB-2E_m1GX2G_OT6lu0pDJH667MPVWl56AXg_TLcCHAu9YtH2I_lg4P83MIa-WRfTuNp9gIAeyDN9l4qCXyFoJWzL2SoUI5eBoFH2Jk0y-Q0y_HvSgk2mfPxUWT01G9i_GZAdZgLI22Y6Bk4uslQtVbz9gLQUGQonfKbXzVzw8lUWZQWdgvwTh9GPifbzBWIrVz6aBCWgTE_zdnP_4DfDwiVK-imh_xpPPR38CxksoNsF8A03CpKyc9vTmk3Q41mA36wrugwuWEBl8iN38E1b04868Wfdb7hoLxaU6inZCaWD3i1hjcG_ViaSmhFNg_5CVHVxCe9vmOTPsN_IQwzhu_tBPQFe401BYbK4avOLskiELgNdRAUFk4nnhGjt3SmZ48vLMsmq0AM9AhC2udTIkJf3kHm0YUm_tSzKP_QV4PjR1pamJVKQaTujyVc2KJNgT7ui3OaUKSYSipvkHIWuBsD5TfVWejScsie1jf9DWW3qBIpeyZU4oMNLVFshIwxBslhls_-yEE6dVfwAM1T6ihIThJqTeZpfHAMPgYKFas4KkVN-rdLLxv3MwxJvWO5NXvq-JtnMY5zkDcs3VsODHThnykqZowWkkbNLGgYrFbcV8gvN-bhlcR2th0ybcFsm7n-xUnF9q3wggLt7mExrLGfDsSc_SgO_IkuYhMLWJHbLhm5f3a-eMqdZrfD8tp3Bnb8JCSu4P39Qft7eBJFvCkE9OOjgD3nQ2m1puJkZIcP2WUyLuKz-FQvA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 05ED 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5B4yZ27h8R0bjEv-2N5sNXinCHZQtCDWzuDYKu9tkg7VFej2ukxxkVIEhEoqpMzalX3jWWRqGuametnyX-wiLxnsVL7WGiHQGpNw7uCx7zJEQ2Ciuye60lPKJ6zPvJHy9c-K69jtMGyGwD9XkefWA&sai=AMfl-YRknDtSHjSQ6eAzf0GTMbOaC9Qc6lDcjdTOCL4fjS2W4sz-fdNQ0amW_TrDNorLktpWD4O1aqjSeInybG6RZWi8MryQVJ2IlaOm5L7qEMnPXMpqUDs4GzO296z6NujA&sig=Cg0ArKJSzMJo3dtjGiA8EAE&cid=CAASPeRo3oRYmBTSJkGhoI0-Ks4r0z-irckZk1K0NLVcfFkgsgyz27pvYUOYDeNAbYRh_bzlQ-1Fpw135WFPST4&id=ampim&o=1139,727&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=197&tls=1197&g=100&h=100&tt=1197&r=v&avms=ampa&adk=4187053610
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A3C4 		42 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWWGU4KovZpdD1mPOvHWEVuHjwC-dXzIh4lPYjp8TeiIQq1cdZzqUEHJyCaCEQ0nBMh-cfe9qVrKrK10-VzcJJeQ9EYd57rdCKxl80CmrNAr7jzKETzkW_NzklZA&sai=AMfl-YQSA_DNEUCq95V3Ou1VcwHDSx4GulfDqPMroKlgsDfVZk87lKp0ATQEz0IgqX8VMazvAuhgcg1NITrFrVjNyer6h5cJHHmUFmuAoUINyKK0wM15pJ_g49Fo4czfLQiJ&sig=Cg0ArKJSzAC7gFQwWZpvEAE&cid=CAASPeRodBJxcLqjg3Uej_SahdobGTm4gJSGHF8p1CRwwrIvIGYiHwOwd1uRCsg7SwxK5hx2Tz3TMfS1HEtIOOc&id=osdim&mcvt=1000&p=155,315,405,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1122596247&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1614747288591&dlt=63&rpt=317&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
id.dailyherald.com/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.dailyherald.com/?maxAge=2628000
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.dailyherald.com
access-control-allow-credentials
true
cf-ray
62a044e2cd6e4e3d-FRA
content-length
0
cf-request-id
08980961bd00004e3dbe9a4000000001
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2851 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailyherald.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=2442156384613536453; anj=dTM7k!M4.FD>6NRF']wIg2GVPjwSHf!@wnfH8KW.dG5<#Z0w_ZqAg#qqO[!CGluojEIMUBCz8/sFSXp=FT0YID7o9XrDUo.%(2K:$doS]%EOqx#txw>)i@Z]
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 03 Mar 2021 04:54:51 GMT
Age
83054
X-Served-By
cache-lga21946-LGA, cache-fra19149-FRA
X-Cache
HIT, HIT
X-Cache-Hits
4, 453091
X-Timer
S1614747291.123008,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame BC50 		1007 B
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
76d15618af330e6b9aa1612dfb95dd30a922e3e02259e4fac3dd910aa3d82599

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=015dfe50-2213-0669-3fc7-e25e11358850|1614747287
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=015dfe50-2213-0669-3fc7-e25e11358850|1614747287; Version=1; Expires=Thu, 03-Mar-2022 04:54:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1614747291|mOgegqnskin0vNomiygu; Version=1; Expires=Thu, 18-Mar-2021 04:54:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 03 Mar 2021 04:54:51 GMT
content-type
text/html
content-length
546
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame D546 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailyherald.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 03 Mar 2021 04:54:51 GMT
Content-Length
1151
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 756C 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailyherald.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=35711
Expires
Wed, 03 Mar 2021 14:50:02 GMT
Date
Wed, 03 Mar 2021 04:54:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D49E 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailyherald.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HRRUZWfOgxzpoX5PW/8Q8GbCrTlkuDKR3OktVOrDQv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhoXWpYKNcI6r0JKS3dwHNbrrxlA==; ses2=183704^1; vis2=183704^1; ses55=; vis55=183704^1; vis15=183704^1; ses15=183704^1; khaos=KLSYUDBV-F-HP0R; audit=1|0o8zzNO5o4ZNQx63CLR2lpqpp78UDnSwvyryja3B07yWGwBD2fVGCMCHN+QgT06v7D8F5msWGCTggJ3pD4CYm1kz83Zow5Aj0A+VO7RH1E0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Mar 2021 04:54:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame FB14 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailyherald.com
URL: https://www.dailyherald.com/js/prebid/prebid.js?ver=20201203.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
48b519ffbec507aa01cca49a166fbfa4ea9defe00b26082968294cd900e6933e

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailyherald.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=17034653569816793385
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.dailyherald.com/

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQm5zBs_8uCgoIkQIQm5zBs_8uCgoI4gEQm5zBs_8uCgoIkgIQm5zBs_8uCgoI5gEQm5zBs_8uCgoIhwIQm5zBs_8uCgkIOhCbnMGz_y4KCQgLEJucwbP_LgoJCF8Qm5zBs_8uCgkIHxCbnMGz_y4=; Max-Age=7776000; Expires=Tue, 01 Jun 2021 04:54:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=17034653569816793385; Max-Age=7776000; Expires=Tue, 01 Jun 2021 04:54:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=sovrn&uid=dd2e0cd44ec50674a75876fd
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=sovrn&uid=dd2e0cd44ec50674a75876fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=sovrn&uid=dd2e0cd44ec50674a75876fd
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=pubmatic&uid=05BDD6D7-67C7-4CDA-8AC5-D5A7B241E6E4
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=pubmatic&uid=05BDD6D7-67C7-4CDA-8AC5-D5A7B241E6E4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Location
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=pubmatic&uid=05BDD6D7-67C7-4CDA-8AC5-D5A7B241E6E4
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
460
Content-Type
text/html; charset=iso-8859-1
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=appnexus&uid=2442156384613536453
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=appnexus&uid=2442156384613536453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
61756f02-afa3-4482-b558-395dd7956f78
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=appnexus&uid=2442156384613536453
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D3235a745-b32c-4ed2-917c-6f65bc82088a%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
  • https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=index_rtb&uid=YD8Wmyivirx17yRZPeHHhAAA%261170
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=index_rtb&uid=YD8Wmyivirx17yRZPeHHhAAA%261170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=3235a745-b32c-4ed2-917c-6f65bc82088a&D=&bidder=index_rtb&uid=YD8Wmyivirx17yRZPeHHhAAA%261170
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Wed, 03 Mar 2021 04:54:51 GMT
4636a74d-1b38-abd7-54c6-3c438a4576e4
pr-bh.ybp.yahoo.com/sync/openx/ Frame BC50 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4636a74d-1b38-abd7-54c6-3c438a4576e4?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iQBkl0kO1Lhjx95
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iQBkl0kO1Lhjx95
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:50 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iQBkl0kO1Lhjx95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5d6a3158-2572-4fb2-ba2e-7b1a880f09e9&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=632f92ba-83e7-4d2d-bddc-3bcd0fef5c97
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=632f92ba-83e7-4d2d-bddc-3bcd0fef5c97
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=632f92ba-83e7-4d2d-bddc-3bcd0fef5c97
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGQUJrN0FmaTBBQUJENmJKb2F1Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFABk7Afi0AABD6bJoaug&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFABk7Afi0AABD6bJoaug&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFABk7Afi0AABD6bJoaug&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFABk7Afi0AABD6bJoaug&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1018407256517183077
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFABk7Afi0AABD6bJoaug
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFABk7Afi0AABD6bJoaug
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:52 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAFABk7Afi0AABD6bJoaug
Date
Wed, 03 Mar 2021 04:54:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e052603f-169a-4000-a3c7-c906ef4d8e46
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e052603f-169a-4000-a3c7-c906ef4d8e46
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 03 Mar 2021 04:54:54 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e052603f-169a-4000-a3c7-c906ef4d8e46
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Mar 2021 04:54:53 GMT
sd
us-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bs-vfmnJpXp1zqh8OcuxLWjJ-n51z6woPJuTyaK5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bs-vfmnJpXp1zqh8OcuxLWjJ-n51z6woPJuTyaK5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bs-vfmnJpXp1zqh8OcuxLWjJ-n51z6woPJuTyaK5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6778854354827970440
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6778854354827970440
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6778854354827970440
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BC50 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d2f1c109-8b94-399e-6511-2ab67512bbad&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.128.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BC50 		170 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmU5ZTEyYzMtNDJlMy02NzNhLTcwZjEtNzAwZmJmZjA3NWNk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BC50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJV0taXQkp3KoZyRtR7EMo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJV0taXQkp3KoZyRtR7EMo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2ec5b83d-59a1-4497-a996-eba4cb9cd1c4&gdpr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJV0taXQkp3KoZyRtR7EMo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2851 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid
69feb7de-0098-457f-aa0e-720ff08d7801
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame CB94 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3262aa639f66f51995b3a3ad251d51314cf960fe2e449d7cdd7e30a9536a2d82

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YD8Wmyivirx17yRZPeHHhAAA; CMPS=1155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|191|10|81|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1569
Expires
Wed, 03 Mar 2021 04:54:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YD8Wmyivirx17yRZPeHHhAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Mar 2022 04:54:51 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 01 Jun 2021 04:54:51 GMT CMPRO=1170;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 01 Jun 2021 04:54:51 GMT CMST=YD8Wm2A-FpsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 04 Mar 2021 04:54:51 GMT CMRUM3=0a603f169b27600&bf603f169b05a0&51603f169b05a0&05603f169b05a0&e6603f169b27600&f1603f169b05a00&2d603f169b05a0&27603f169b0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Mar 2022 04:54:51 GMT
usync.js
eus.rubiconproject.com/ Frame D49E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2190bad56ab8a5460639bdb15f0639451d8feec9ddfbff2c6a7b5bf8fb27d95

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42869
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9307
Expires
Wed, 03 Mar 2021 16:49:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 756C 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31736821&p=158314&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
971c6118d42a46e5d67117288c31e7f93e4f7270076b31db93592085bce3f024

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame FB14 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.128.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame FB14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELyecrtbiOf_YckJKT0867k&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELyecrtbiOf_YckJKT0867k&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELyecrtbiOf_YckJKT0867k&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB14
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcwMzQ2NTM1Njk4MTY3OTMzODU%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcwMzQ2NTM1Njk4MTY3OTMzODU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTcwMzQ2NTM1Njk4MTY3OTMzODU%3D
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame FB14 		42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=17034653569816793385&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 03FA41C0A60A4DF3B36BC80E31DAB1DE Ref B: FRAEDGE1519 Ref C: 2021-03-03T04:54:51Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame FB14
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/17034653569816793385?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5dSuOqR1lwOyYCcEs.UD5s8.ew3nqPJ5m8bsJOgawA--&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5dSuOqR1lwOyYCcEs.UD5s8.ew3nqPJ5m8bsJOgawA--&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 03 Mar 2021 04:54:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5dSuOqR1lwOyYCcEs.UD5s8.ew3nqPJ5m8bsJOgawA--&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FB14
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2442156384613536453&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2442156384613536453&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid
f580c8f8-50e3-4eed-a423-759b0545d527
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2442156384613536453&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame FB14
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=17034653569816793385
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17034653569816793385&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17034653569816793385&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17034653569816793385&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FB14
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.82.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame FB14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=17034653569816793385
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame FB14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=17034653569816793385
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/sync?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
casale
match.adsrvr.org/track/cmf/ Frame CB94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1&cm_user_id=YD8Wmyivirx17yRZPeHHhAAA&cm_dsp_id=39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.128.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CB94
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CB94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YD8Wmyivirx17yRZPeHHhAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHr3h15_ijCTHsRGGXNkLM&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHr3h15_ijCTHsRGGXNkLM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Mar 2021 04:54:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPHr3h15_ijCTHsRGGXNkLM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CB94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YD8Wmyivirx17yRZPeHHhAAABJIAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEF9HeuvJcsofnUmjIeD_i9Y&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEF9HeuvJcsofnUmjIeD_i9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 03 Mar 2021 04:54:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEF9HeuvJcsofnUmjIeD_i9Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame CB94 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
last-modified
Wed, 03 Mar 2021 04:54:51 GMT
server
nginx/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Wed, 03 Mar 2021 04:54:52 GMT
crum
dsum-sec.casalemedia.com/ Frame CB94
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=563318501989
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=563318501989
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Mar 2021 04:54:52 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=563318501989
rum
dsum-sec.casalemedia.com/ Frame CB94
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eNDDt3_WybNj0cS1L9Td5H7Wlrdj0MDhKoR_lPJu
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eNDDt3_WybNj0cS1L9Td5H7Wlrdj0MDhKoR_lPJu
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Mar 2021 04:54:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eNDDt3_WybNj0cS1L9Td5H7Wlrdj0MDhKoR_lPJu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame CB94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CB94 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YD8Wmyivirx17yRZPeHHhAAA%261170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailyherald.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=741
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Mar 2021 05:07:12 GMT
pixel
cm.g.doubleclick.net/ Frame D49E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xTWVVEQlYtRi1IUDBS
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xTWVVEQlYtRi1IUDBS
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xTWVVEQlYtRi1IUDBS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D49E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YD8WnAAAAEla9lLS
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YD8WnAAAAEla9lLS&_test=YD8WnAAAAEla9lLS
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YD8WnAAAAEla9lLS&_test=YD8WnAAAAEla9lLS
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614747293.745486,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YD8WnAAAAEla9lLS&_test=YD8WnAAAAEla9lLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame D49E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLSYUDBV-F-HP0R&sigv=1&esig=2~592de03f47edfaf86bf9319d1990fb0e8ea447e4
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLSYUDBV-F-HP0R&sigv=1&esig=2~592de03f47edfaf86bf9319d1990fb0e8ea447e4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KLSYUDBV-F-HP0R&sigv=1&esig=2~592de03f47edfaf86bf9319d1990fb0e8ea447e4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D49E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.128.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame D49E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGERjUQk4Uxa6-zCeHk9xLQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGERjUQk4Uxa6-zCeHk9xLQ&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGERjUQk4Uxa6-zCeHk9xLQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D49E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UJoz57WQn9SDMkk9zNOoGw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4278442616825050790
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4278442616825050790
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Wed, 03 Mar 2021 04:54:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4278442616825050790
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D49E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e052603f-169a-4000-a3c7-c906ef4d8e46
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e052603f-169a-4000-a3c7-c906ef4d8e46
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Wed, 03 Mar 2021 04:54:54 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e052603f-169a-4000-a3c7-c906ef4d8e46
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Mar 2021 04:54:53 GMT
709414.gif
id.rlcdn.com/ Frame D49E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
alt-svc
clear
content-length
0
pubmatic
d5p.de17a.com/getuid/ Frame 9A15 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31736821&p=158314&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.184 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8E0F 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31736821&p=158314&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 03 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1230
date
Wed, 03 Mar 2021 04:54:51 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 756C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N9Izv5sUQ_iWqmeWc0Wrzg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=157617
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 05 Mar 2021 00:41:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 756C 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=37D233BF-9B14-43F8-96AA-67967345ABCE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62a044eb9a60d6c1-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08980967460000d6c1ff1e8000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 756C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:50 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=37D233BF-9B14-43F8-96AA-67967345ABCE&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=37D233BF-9B14-43F8-96AA-67967345ABCE&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=37D233BF-9B14-43F8-96AA-67967345ABCE&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=37D233BF-9B14-43F8-96AA-67967345ABCE&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=37D233BF-9B14-43F8-96AA-67967345ABCE&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:55 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 03 Mar 2021 04:54:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=37D233BF-9B14-43F8-96AA-67967345ABCE&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdEMjMzQkYtOUIxNC00M0Y4LTk2QUEtNjc5NjczNDVBQkNF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 04:54:51 GMT
X-lat
lhrpug006:0:381
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJUuKKNNyvdg4kTi4U678MQ&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJUuKKNNyvdg4kTi4U678MQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:50 GMT
X-lat
Pug23032:0:312
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJUuKKNNyvdg4kTi4U678MQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 756C 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 04:54:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Mar 2021 04:54:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4220f990-e1df-4a52-837f-49b29eb8b63a
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4220f990-e1df-4a52-837f-49b29eb8b63a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-lat
Pug23022:0:338
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4220f990-e1df-4a52-837f-49b29eb8b63a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6778854354827970440
42 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6778854354827970440
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-lat
Pug23026:0:287
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:54:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6778854354827970440
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e052603f-169a-4000-a3c7-c906ef4d8e46&gdpr=0&gdpr_consent=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e052603f-169a-4000-a3c7-c906ef4d8e46&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-lat
Pug23049:0:353
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 03 Mar 2021 04:54:54 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e052603f-169a-4000-a3c7-c906ef4d8e46&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Mar 2021 04:54:53 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2442156384613536453&gdpr=0&gdpr_consent=
42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2442156384613536453&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:49 GMT
X-lat
Pug23036:0:229
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:51 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
d7ede242-5fdb-4858-8154-7969e7057c2f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2442156384613536453&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37D233BF-9B14-43F8-96AA-67967345ABCE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0VAYUQt1l2L7OodSgoiEwIRn3hYMk2E-&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0VAYUQt1l2L7OodSgoiEwIRn3hYMk2E-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 03 Mar 2021 12:54:46 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Wed, 03 Mar 2021 04:54:52 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0VAYUQt1l2L7OodSgoiEwIRn3hYMk2E-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 2851 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Mar 2021 04:54:52 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid
e86a9fe0-bc82-40de-ba43-c305e9e723b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=dailyherald.com&p=%2F&u=CwWYVPCOK90XD6gNA-&d=dailyherald.com&g=56496&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10992&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4164&t=D3lbhVDhJkI-CkMVWfD1GJya79qCg&V=122&tz=-60&sn=2&sv=bwrD7O7WmGqJcysLnPUyjLmoz&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.180.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailyherald.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Mar 2021 04:55:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
krk.kargo.com
URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22eb00973c-e454-427d-b0c9-a69b623da634%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1614747287374%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22173222677cf2e3d%22%3A%22_lO6ArzuweK%22%2C%2218661b4951cb03a%22%3A%22_lO6ArzuweK%22%2C%2219cda757333ca63%22%3A%22_lO6ArzuweK%22%2C%22208fcdd048e3378%22%3A%22_lO6ArzuweK%22%2C%2221b18d8fe7ce531%22%3A%22_lO6ArzuweK%22%2C%2222dab5ebc9eb56d%22%3A%22_lO6ArzuweK%22%2C%2223fc5ce412b824e%22%3A%22_lO6ArzuweK%22%2C%22243c437c951b3fc%22%3A%22_lO6ArzuweK%22%7D%2C%22bidSizes%22%3A%7B%22173222677cf2e3d%22%3A%5B%5B300%2C250%5D%5D%2C%2218661b4951cb03a%22%3A%5B%5B300%2C250%5D%5D%2C%2219cda757333ca63%22%3A%5B%5B300%2C250%5D%5D%2C%22208fcdd048e3378%22%3A%5B%5B300%2C250%5D%5D%2C%2221b18d8fe7ce531%22%3A%5B%5B300%2C250%5D%5D%2C%2222dab5ebc9eb56d%22%3A%5B%5B300%2C250%5D%5D%2C%2223fc5ce412b824e%22%3A%5B%5B300%2C250%5D%5D%2C%22243c437c951b3fc%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-11-generic%22%2C%22transactionId%22%3A%2243746571-3196-487b-8f9b-b5440c9298bf%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22173222677cf2e3d%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-9-generic%22%2C%22transactionId%22%3A%2257f74cfb-d05e-4de3-9fb9-5bdf038a8d75%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2218661b4951cb03a%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-8-billboard6Ad%22%2C%22transactionId%22%3A%2203c4aa86-7485-4d5a-98b0-c00c2db43f8e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2219cda757333ca63%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-7-billboard5Ad%22%2C%22transactionId%22%3A%2207a9a9bd-e469-4efe-8cf8-ace8c0b6baa4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22208fcdd048e3378%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-6-generic%22%2C%22transactionId%22%3A%22820be312-9c28-4ae1-af4d-b245ca07ca74%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2221b18d8fe7ce531%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-4-generic%22%2C%22transactionId%22%3A%22964fe741-e862-46a0-a31b-5d99b48c8a7a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2222dab5ebc9eb56d%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-3-generic%22%2C%22transactionId%22%3A%22649d6ac4-82af-4097-98fe-5e368fdbc7c4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2223fc5ce412b824e%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lO6ArzuweK%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22div-gpt-ad-2-billboard1Ad%22%2C%22transactionId%22%3A%22868ddeec-edd4-4058-ab4e-2f24b579eabf%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22243c437c951b3fc%22%2C%22bidderRequestId%22%3A%2216fcdcc88a063b2%22%2C%22auctionId%22%3A%22f7e138c6-c065-4f1f-86c5-971b7495f2b2%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.dailyherald.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| setNptTechAdblockerCookie object| script object| googletag object| apstag function| $ function| jQuery object| dhGlobalObj object| PushlySDK function| pushly object| t_data object| tpTracker object| gaCookieMatch undefined| clientId object| tp object| dataLayer function| DoSomething function| ntvSubscribe function| ntvLoad function| BlockAdBlock object| blockAdBlock object| ggeac object| google_js_reporting_queue number| _swclk_ number| _swsts_ boolean| apstagLOADED object| google_tag_manager undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| google_tag_data string| GoogleAnalyticsObject function| ga function| pbjsChunk object| pbjs object| _pbjsGlobals object| gaplugins number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage string| __tpVersion object| jQuery1124041055548402464925 object| SWG object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cX function| cxCCE_callQueueExecute object| cxTest function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage function| HowlerGlobal object| Howler function| Howl function| Sound object| GlobalSnowplowNamespace function| spSnowplowTracker function| SpokenLayerPlayer object| WebPlayer object| SpokenLayer boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors function| videojsBcCatalog object| videojsDock function| videojsSocial function| videojsQualityMenu function| videojsBcPlaylistUi function| videojsOverlay function| videojsSchema function| bc function| WebVTT object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| vttjs object| queryly object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_96579 object| sifi_att_42656 object| _sf_async_config object| jQuery111105094603365875094 object| Snowplow number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| _magnetQ function| _mpsh object| _visibleAt object| elCheck function| __isScrolledIntoView undefined| recomWidget undefined| widgetCookie function| __addEventHandler function| __getElementPosition function| __showWidget function| __setCookie function| __getCookie function| _magnetOnDrawDone object| PianoESPConfig object| bcPlayers object| BCLS object| dhArticlePage function| Waypoint object| cXNative object| closure_lm_547201 function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _magnetEQ object| _magnetEO function| __magnetLaunch object| _magnetapi object| ToReturn function| md5 function| __CBR function| __CB object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
.dailyherald.com/ Name: __gads
Value: ID=8781e8d8df8ec909-22449bb8a9ba00ec:T=1614747288:S=ALNI_MZrSmsey-On5oqEE1GZzHoWjZPTww
.dailyherald.com/ Name: _ma_uid
Value: c867e787-6bc8-4454-a833-0b006393e1cc|1617339288567
.dailyherald.com/ Name: cX_S
Value: klsyud6n8ca3vnku
.dailyherald.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-klsyucigz6t6uqxk%22%2C%22domain%22%3A%22.dailyherald.com%22%2C%22time%22%3A1614747287498%7D
.dailyherald.com/ Name: xbc
Value: %7Bjzx%7DL51s42gg-_rstZBLofaPc1roY2tyU58kQD8wmZM2ycOR9n15_kKfY3c4-UMmJyVmaBKyfRSf18qav_OGmtsdeXmCHbDrKULhl5XtgHMN_XlhHF8tBTJgxrwZ0y8NLPWUUmKkkxOes6R2uthMPKnbJ0l_TALxj1-Ji1HaGaHzBetK7x3SglXJMmyNasCZYY-dDkCn2scIrmWxpdERICb_HQfZ44utopGruFkfotpL0qe_U-Jaz3xWXrOIU2yCoLMpRGotY6YykHBeq6uALD1dbhizUF_m0mn8_tTWX5XqxmCHcqnAP2HW0gdhK2l19mWowtu5ho-2V3owK1nD9Ozub_FlKkdulk7m9-z39ylQCeBOXBjY63UEvygNFRcEqR6AiNY24SIIbSA3O1aaj7l7MKyvJQaKxFR03T_h8aL2HtiVgb-tszu6pAzIVrAsu2LyD4WIuX3N1puB89P8xWocxjCzIiuHfpnhJmyMuBVj_5lSzW7hjgPi7lHJvLU8jod44jelqL-5AMiP4skN8CDUBA
.dailyherald.com/ Name: __pat
Value: -21600000
.dailyherald.com/ Name: __tbc
Value: %7Bjzx%7D76khujnMAJ2_2sYHbJfJL0KUZ4OyUoK-vojxXrO9e4lowCJI2WJcY0U0lrPKT3LlagKG4UxxWYIBpHyb8GiS2Q
.dailyherald.com/ Name: _dc_gtm_UA-39205744-27
Value: 1
.dailyherald.com/ Name: _ga
Value: GA1.2.56080417.1614747287
.dailyherald.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.dailyherald.com/ Name: _gid
Value: GA1.2.891035429.1614747287
www.dailyherald.com/ Name: __adblocker
Value: false
.dailyherald.com/ Name: nlbi_929947
Value: HzBzLiaYaSNfiLhquhlZUwAAAAALprocvjemHBeVcwy5VkRR
www.dailyherald.com/ Name: _sp_ses.eb9e
Value: *
.dailyherald.com/ Name: incap_ses_687_929947
Value: 7H4jIpZxrGwG3NZeJLeICZUWP2AAAAAAugiO6E3/dXUCiHcBUwwgVA==
www.dailyherald.com/ Name: ntvSession
Value: {}
www.dailyherald.com/ Name: _sp_id.eb9e
Value: a7dfcc795a39a140.1614747287.1.1614747288.1614747287.6f43f25b-8900-43e3-882a-797db1ac3360
www.dailyherald.com/ Name: __pnahc
Value: 0
www.dailyherald.com/ Name: PBCSSESSIONID
Value: 273785182460525
.dailyherald.com/ Name: visid_incap_929947
Value: UWF9zm5oQHqKg4rjurmd5pUWP2AAAAAAQUIPAAAAAAAtS9znSfLMcSJWhe4Mrmn6
www.dailyherald.com/ Name: PBCSPERMUSERID
Value: 273785182460525

30 Console Messages

Source Level URL
Text
console-api warning URL: https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://players.brightcove.net/1659832549/B1GVHvGLz_default/index.min.js(Line 1)
Message:
VIDEOJS: WARN: the `debugContribAds` option is deprecated; use `debug` instead
console-api error URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2)
Message:
[object Object]
console-api error URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2)
Message:
[object Object]
console-api error URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2)
Message:
[object Object]
console-api debug URL: https://webplayer.spokenlayer.net/0.1/webplayer.js(Line 1)
Message:
_trackStructEvent [object Object]
console-api warning URL: https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.97.0(Line 1)
Message:
Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://buy.tinypass.com/_sam/widget/dist/template/js/template.bundle,/libs/angular-1.2.22/i18n/angular-locale_en-us.js?v=12.97.0(Line 1)
Message:
Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
session start
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetARTICLEUID: _notset_
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetPAGETYPE: main
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetLanguage: en
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetUrl: https://www.dailyherald.com/
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetDatePublished: null
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetDateModified: null
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetArticleIndex: 1
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
_ma_uid cookie set to: 'c867e787-6bc8-4454-a833-0b006393e1cc'
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetFollowSub:
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetUSERID: c867e787-6bc8-4454-a833-0b006393e1cc
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
__magnetIdS: 1
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
Recommendation API call: https://magnetapi.klangoo.com/NewsAgencyService.svc/RecommendArticles_RuleBased?calk=f53ccb18-4c0f-417e-a7a2-45802e5c430f&articleUID=_notset_&langToShowOnly=en&userID=c867e787-6bc8-4454-a833-0b006393e1cc&rulesGroupID=2&format=json&callback=__CB&token=recom_270-4&showDetails=4&maxReturnRows=5
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.dailyherald.com/
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
API for Recommendation returns:
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
{"method":"RecommendArticles_RuleBased","status":"OK","processTime":"0.01 seconds","token":"recom_270-4","relDocCount":5,"relatedDocuments":[{"docID":342948,"articleUID":"/article/20210301/news/210309905","score":0.35,"rank":"R","insertDate":"02 Mar 2021 11:16:00 Z","title":"Constable: Duchossois has fond memories, hope for what's next at Arlington Park","url":"https://www.dailyherald.com/news/20210301/constable-duchossois-has-fond-memories-hope-for-whats-next-at-arlington-park-","source":"article","snippet":"Constable: Duchossois has fond memories, hope for what's next at Arlington Park\nHorses work out on the track at Arlington Park after fire destroyed the facility ...","lang":"en","images":[{"url":"https://www.dailyherald.com/storyimage/DA/20210301/NEWS/210309905/AR/0/AR-210309905.jpg&updated=202103020616&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder","type":"Top","width":0,"height":0}],"recomAlgo":19},{"docID":343149,"articleUID":"/article/20210302/news/210309803","score":0.35,"rank":"R","insertDate":"02 Mar 2021 23:42:00 Z","title":"83,000 J&J shots to come to Illinois this week; seniors can sign up for United Center shots","url":"https://www.dailyherald.com/news/20210302/83000-jampj-shots-to-come-to-illinois-this-week-seniors-can-sign-up-for-united-center-shots","source":"article","snippet":"Illinois is expected to receive 83,000 doses of Johnson & Johnson's new COVID-19 vaccine by Wednesday, the Illinois Department of Public Health reported.","lang":"en","images":[{"url":"https://www.dailyherald.com/storyimage/da/20210302/news/210309803/AR/0/AR-210309803.jpg&updated=202103021842&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder","type":"Top","width":0,"height":0}],"recomAlgo":19},{"docID":343078,"articleUID":"/article/20210302/business/210309853","score":0.35,"rank":"R","insertDate":"02 Mar 2021 21:09:00 Z","title":"Biden vows enough vaccine for all U.S. adults by end of May","url":"https://www.dailyherald.com/business/20210302/biden-vows-enough-vaccine-for-all-us-adults-by-end-of-may","source":"article","snippet":"President Joe Biden said Tuesday that the U.S. expects to take delivery of enough coronavirus vaccines for all adult Americans by the end of May, two months ...","lang":"en","images":[{"url":"https://www.dailyherald.com/storyimage/da/20210302/business/210309853/AR/0/AR-210309853.jpg&updated=202103021609&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder","type":"Top","width":0,"height":0}],"recomAlgo":19},{"docID":342877,"articleUID":"/article/20210301/news/210309945","score":0.35,"rank":"R","insertDate":"02 Mar 2021 13:53:00 Z","title":"'It's certainly not our first choice': Suburban residents make hourslong treks for vaccinations","url":"https://www.dailyherald.com/news/20210301/its-certainly-not-our-first-choice-suburban-residents-make-hourslong-treks-for-vaccinations","source":"article","snippet":"Illinois Department of Public Health officials announced Monday that another 50,897 doses of COVID-19 vaccines were administered throughout the state. Almost ...","lang":"en","images":[{"url":"https://www.dailyherald.com/storyimage/da/20210301/news/210309945/AR/0/AR-210309945.jpg&updated=202103020853&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder","type":"Top","width":0,"height":0}],"recomAlgo":19},{"docID":343049,"articleUID":"/article/20210302/news/210309862","score":0.35,"rank":"R","insertDate":"02 Mar 2021 12:04:00 Z","title":"Arlington Heights allows for restaurants, offices, apartments, more at International Plaza","url":"https://www.dailyherald.com/news/20210302/arlington-heights-allows-for-restaurants-offices-apartments-more-at-international-plaza","source":"article","snippet":"Arlington Heights trustees Monday made changes to long dormant redevelopment plans that could pave the way to senior housing, among a variety of other uses, at ...","lang":"en","images":[{"url":"https://www.dailyherald.com/storyimage/da/20210302/news/210309862/AR/0/AR-210309862.jpg&updated=202103020704&imageversion=HorizontalOne&exactfit=crop&exactW=380&noborder","type":"Top","width":0,"height":0}],"recomAlgo":19}],"articleUID":"_notset_","algoVariant":"VAR_2"}
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
Begin drawing widget "recom_270-4" type: recom
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
Drawing end for Recommendation. Duration: 9 ms.
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
Magnet: PAGE_VIEW event fired
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
Magnet: WGTS_LOAD event fired
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
AdSlot viewable div-gpt-ad-2-billboard1Ad and refresh enabled in 30000ms
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2)
Message:
AdSlot viewable div-gpt-ad-0-leaderboard1Ad and refresh enabled in 30000ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

212c5ea910fed10a6f710392b74004c8.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.pl
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.secondstreetapp.com
api.spokenlayer.net
ascendeum-d.openx.net
aud.pubmatic.com
b1sync.zemanta.com
bcbolt446c5271-a.akamaihd.net
bcp.crwdcntrl.net
bh.contextweb.com
buy.tinypass.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.ampproject.org
cdn.cxense.com
cdn.jsdelivr.net
cdn.klangoo.com
cdn.materialdesignicons.com
cdn.p-n.io
cdn.polyfill.io
cdn.tinypass.com
cdnjs.cloudflare.com
ce.lijit.com
cf-images.us-east-1.prod.boltdns.net
cm.g.doubleclick.net
csi.gstatic.com
d.agkn.com
d.spokenlayer.com
d1fc8wv8zag5ca.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
eb2.3lift.com
edge.api.brightcove.com
embed.secondstreetapp.com
eu-u.openx.net
eus.rubiconproject.com
experience.tinypass.com
f1.media.brightcove.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.simpli.fi
ib.adnxs.com
id.dailyherald.com
id.rlcdn.com
id.tinypass.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
krk.kargo.com
loadm.exelator.com
magnetapi.klangoo.com
magnetrack.klangoo.com
manifest.prod.boltdns.net
match.adsrvr.org
match.prod.bidr.io
metrics.brightcove.com
mwzeom.zeotap.com
origami.secure.ownlocal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
players.brightcove.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
r.scoota.co
rsms.me
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
scomcluster.cxense.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simplifi.partners.tremorhub.com
snowplow.ownlocal.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.chartbeat.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-central1-kube-ownlocal.cloudfunctions.net
us-u.openx.net
visitor.fiftyt.com
vjs.zencdn.net
webplayer.spokenlayer.net
www.dailyherald.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
www.queryly.com
x.bidswitch.net
krk.kargo.com
100.24.180.21
104.108.41.56
104.108.50.124
107.154.76.234
116.202.80.167
13.224.192.34
13.224.193.146
13.224.198.208
13.32.24.101
136.144.59.88
142.250.185.194
142.250.186.34
143.204.209.21
151.101.114.27
151.101.114.49
151.101.13.108
154.59.122.79
162.244.66.114
169.50.137.179
169.50.137.190
172.217.16.130
178.250.0.163
18.156.0.31
18.159.182.76
18.185.82.201
18.194.69.213
18.198.69.109
184.31.84.150
185.29.133.199
185.33.221.14
185.59.220.198
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.137.131
185.94.180.125
198.148.27.139
199.19.89.14
199.19.89.19
2.16.186.8
2.18.233.180
2.18.234.122
2.18.234.163
2.18.234.21
2001:4860:4802:36::36
213.155.156.184
213.19.162.41
216.52.2.19
216.52.2.39
2600:1901:0:8eee::
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:9000:20eb:8400:18:1fcd:34e:d2a1
2606:4700:10::6816:1957
2606:4700:3036::ac43:9e2a
2606:4700:3039::6815:c004
2606:4700::6810:125e
2606:4700::6810:7baf
2606:4700::6811:b7b1
2606:4700::6811:b9b1
2606:4700:e2::ac40:8a06
2607:f8b0:4007:816::2003
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::2006
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:827::2010
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c1b::9c
2a02:26f0:6c00:2bd::268b
2a04:4e42:1b::621
2a04:4e42:3::539
2a04:4e42:3::729
3.122.144.78
3.229.46.71
34.120.207.148
34.96.77.232
34.98.64.218
35.201.96.126
35.227.248.159
35.241.40.233
35.244.184.131
35.244.232.184
37.157.6.241
52.215.8.160
52.28.108.245
52.28.42.15
52.52.67.9
54.164.110.143
63.32.128.23
63.33.75.105
64.202.112.191
65.9.187.115
65.9.187.20
65.9.23.176
69.173.144.139
69.173.144.165
69.195.148.66
72.21.206.140
77.243.60.138
99.80.128.92
000ba16ca65492c48e564e33cf170757d7a04200b10659afba33f1d366a6e832
00f953d66f5d22bfbe627f3326e749b3b1d906f66c3bd02d7bb8d6e037be60e6
02587cf2ced190dfd755b87db7a2d8ee68900ca3c608ec99199a7c148c392788
02804b436deb08bfbfacec0114f59e05b0c0f037e1a448b626170cf64a8241b0
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07cf3ec13161cf9bf040c87478633412d55a6fee971f4519961d87acb731aa37
0803024b2b9566d695b052541e3b41dd393643353cc0589e9717957ddac4f3cc
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b819274a4bd02819de9a9e6abdaad2c082e2317a44fbc765c9d3cc25e10a3ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfd0eef0544e7dfdc9892e5b4e7965cfda11f3ec67c58a0673f3852fa495ec3
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0dfcb1e08f64107d39e7020919a82d4bd6791110e3011a47211c88194f09d94c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
132023c0087d569886faab022f1d1825357cb9bb81673fd311c5400c82db2e67
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
164346316ca3ee6a3d7b0f85cf2c2afb022c2642a107fbac67851cee49ab820b
17657fb91d6f0899eddf887c6846adeb6841157f5f562fe169b8b26abee02c01
176f9d4004adbf25fcb862f7099b3127ac9bb800d8ab2a46da909cafd2e9c893
185149e76413a7f9c685220834b1393784eb6ca6385c5eaf6a0c178a1372cf2c
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a56cbe8d675baaaf04f892f237e3d7a87a3bd45d57aabd2d455a5930dc08447
1afb3730318ab0f5929b55c0eb190985ae221005eee5cfd8ae1a41bbe19f1402
1cf23e54c2ce4d40f71b6cb380f40eeda7409b7b47de57beb015350762e87a42
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
20470ec1f275b3405923eeae3c8a26cf1354fa5106c4c67a7219ac1878d7c3e2
23b96b186348e77e3280790f3a3b406eb257331bc69e8f423ea59ae7a03339c2
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
25e233fa39337f2f91afed3cd5bd09be0d45ffcb7ff9b71b407b3c6bd3b2b2de
269cee479c19afd99299503b0db9b9b73564cbb3d4701a15ce9a385330b19c81
270176c759641300aa06016b1cc8bb6efaa82db6b89c4e84d22ebb4896e736e9
28281670a1950d2ee1caa13e27cf344ad889e8e9c364078ec953f8597bc5e8a7
2ae29aa4a761613c1551a5a13f94232f09b357f501272661ef71110d19b31202
2e36ecccc423dae67e5c4d66a0137a6882e2704aa308b6ca31376610121a6e47
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
30c7146c07c237202ba684dfb80cb6dce88713c03980620707c0732dad072318
3262aa639f66f51995b3a3ad251d51314cf960fe2e449d7cdd7e30a9536a2d82
32dac8a5cfdc613c51af6cb35580e7bb18c886bfc3263be636c5ab698d90b9cb
33990cb92b3d624dce10309780a3cbdd59fd915c286f8e8faf519fe9a053949d
341521dec6faf29712d9139d1b7eddaca56091ef77475bbd1d6917662472eb02
343ea3c17fa2d9c0502e019abd2f22d748dc6926105fc21c2aaded55e783b38a
3538091bdf7fcc15c569a87e5af8174a1169bdf58deb72e05a11b9b966984f58
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36461aeb55077f6046f6b6d0f001eb9b1b795a93a992e6cc5565d01efe26218f
39bc1bb25b65ff4ca558e37c6775588510b456f557fb7e07fc73530ee5a7a5c7
39d626523fb31577b052d6bee922d2feea93278a01941167c79aea3858dc777f
3a8f906dc787432c5a726a7e1a0aeaaab8798a67acc4c5a99b85c79eba3101d1
3b81306b85bc014295651cf3338436f9c46dc7a4fa331dce3b6571799506f9e5
3bfec798320a52b608bbeccd731cd9acb14ef7d0cc7a02b409769f722788c23c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4102f7873b802d35b762dcaa11531b5bbb9f28a32c43609dfdeb8928a92f0da1
41f5345360c88d8b0ef5ed62ad98ec345d6986cacb46491ffe53463b9a16b10c
4200f444f4ccee83aecf34740b8fdc486bd6f297bc3bc579c38c78b4c0a6a828
438c96e0ddb4cf64bc3a1a0571ba1e53834540df8548ea58ef7da6e3fd6b355b
44edeb4aa15486f33d33a4e15afa9ca077cbc88b16e58aebc6bf99c9d5268e51
45db672e7cf689ddd1e6a60ea2dc5ce32c2f6fa4513e18c8bb9d7b3b0e1f88cf
466932068736cbc2cb61bfbd9133e006ed481fe533623abb787c67864c9e501a
4723f0132121c0ace958f3cdddb877604149310f99be16b16f358b934adcab80
472f1f113620f37a4e10669906afac44d24e6aa09605a9eca52289e24ad14e29
47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e
48402587fd6eaa3cd13f0612c942bf8b2208052305887b2a4bddbbeac77216d2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b519ffbec507aa01cca49a166fbfa4ea9defe00b26082968294cd900e6933e
493d8961b2fad1e099523dd7662847ade16afef1b91d50de9c577833ce044e36
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
497c23fc32147281ff2a722c8488a273597457be2594fa2e8f1d87df0ab238d2
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b963640b17f152a31adfc689bd6c7ce1c77fc8b3c6bf68ab13051c8761a6851
4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb2be02fda536a919f6941f769da4ee33b1ccc298c1820a2dbae45f495a7030
51497b2aeabfad615d9e84c2f68b6bf7a8273258c77770d92ce35253fa5a84a5
5156501c82759bb0891d4a37c4eb6bce023623d762572a946c56a17d8ae37bd8
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
585b7c8d677cf9dc7ba144a9716e600e66fcd0d06edca44c371ba07636d1a2e3
5cd2256b39a0be30eb7ff226c43b4a4db3b4f3f46e2e9b3afefa41435b861a79
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
631fa66c6d19c86649af2de535a33884b80acb0313db8b8f3ab95b3cc3cbad90
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
6434333245f005814e7e5fbca477782bbd1e9b14e91ceba5a45e69b84fc3ec88
64e8f8573f370fb02f752f670f9d6953f38dde485393a98bf71293f0116c884a
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6aaa77cf213b9296a13ae8206ec41bf565ca100678b7f002baf07bad74c42be3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6e8f9a92bd3c9790f9ae26406f35158f0df740d92d60502e87d8088ef0c6d9ef
6ecec59b25967f1bdaa608b17605aec20f75a0f75ca9caaf178fa13f0d0cc3c9
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7350a08cef5a1ca2017f8cafc8e48e385cd3f5e07cb8790cc95dd02cb830853f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
76d15618af330e6b9aa1612dfb95dd30a922e3e02259e4fac3dd910aa3d82599
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79de9477102e44c89cd5e91133c6e0ba23228de337ab51cc2ac15cfe38dc4b5b
79f8fccf0a68fc6c99f854db28a44f1893ad95e8a84c93e844cd8fba28586a8b
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7cc0df2aa868958de0a8202d75e5f8960685354756deb7358fe28cf7508e19b3
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fee1a9b024bf467a687310f2ce35add02dfd4c58a227da7350cbef55b28b8a2
81045982f43fd08dd1153365fa2f319d51ae9575f0b831ad9a0e8801c5d7f92d
8137ccdda58173a1dfcd36b12230d6c9ce8c849d385d405691e320491bfc98f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83835f07531a2fa62871c7a60465b56be21f400f657904a9552bf0c94e485f60
83d913a9caeb4e9c0c4cf72c647cdb249929e5c21dc956fb5b80e97de72974e2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
883dda29af7415a81e1b9920467c3dbf7a44dff3a50137a80d09ae0de26cec6a
88aae8fedebecc1c7bc79e83d42fd8bc68be19c93d0242a5c3af22b30a1da8e9
89fca5acb8b49a14110351a8275933eb49b543b76d485e7002635f35aab1c1a3
8a067e98cb9e93479ebc32cdc89bdeb4b393e9e3fbb53e26ec8be794a63ec309
8a2ba3189943eec12387c5ab51207c1a145dd42b46099c4c5755c34ede4f0b2b
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8b2d74a0f84fa9d68f746d3adb92a4cb69e025d5b4db2cf402dd33a6b3c75921
8b2eaa263e3dce3b3488c0f3372c0f496c50d5883b0c97b815e435cc3b3c0477
8c449c2859c7ea6a8396e4c66011c4f37981a283a2cc540038ff59b032d317d4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d71d6818636c36da57b8fc3ff638b0ae1b8689ea452d46cec86dcc9fb2e1dbc
8e2a98bb9a55e45fc0444463217f080ab8ed7ddec21d2d0bad481a16c1461cf8
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
938255de6c858694c31eac803dbe1100d1089d2064e382db6a47e9d08f24b8f4
971c6118d42a46e5d67117288c31e7f93e4f7270076b31db93592085bce3f024
9721c190b94c40a366cba56131dceca307ea460c0a75df330fa2d4df6ef6a35c
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9927ca08ec88adca944e9d114421e0ead89fdadd227a5bf379c0ea207824a84a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9eb5cb26a1730c20ee1a11202c2a06c6cc7ff4312c9c9ee8dd805ded1edbf673
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d
a20c152c22c67c4d7c8b135742a5ee401c9af423c0b3f42a5f52cb351a52400c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8ca621cacc45c81ff1e96dd1e106e156ff31c06671b619f0a6ee84756696390
a93b0f13446d89ad947ec9cfd39c21ba53d4099b41aba3fd76dacd2a94e31be8
a966f8a6fd5fe53136f5c150f8923abda56267402f354d5bd3d03af28465585f
aa32010f7cd483a7a1850347dc402827b96d076b36421edbb67d0685d9c2b19e
aa46b7915d5f18d4447382ba36e52d592bd056eb2b95c956319d99eb583805d6
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
aa8a9f6681a75f5ced3a3395aed4f77364044093bb6cdc9db0796b9793b401a1
aae50a05451ced85fdf5edb26b1ecdee057d5974bb6e5769c715ce41e874f7d4
ab28ca87d8d015e8ce96cd6067af666564eb6990e9e5d529f764938ffd806eed
aba7b24a2d4a2c1f228353dc57404ff5acd290e301db90f6f6e36094723dd9a0
abb27fec9470255518f9c0b1aa4c5f670a7fee5c5d13ad9ef7c0e58e0ad9fa20
acc2607fc31615441696a8ea5ac6b9adf2518c25918bb04b6b791a4b2565ecf7
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1775d456b2d072bff63c892c38b2d4ea48487302a262024b9374b0c73954ad0
b3e8b1ebbc30e01166c957b4b8668cbdbcda8718f4fe05f87d1e0b0f30d3cea7
b95e4126bb3dfdc24dd8c8c626860866fca381d93a1c7e16c55b522ed32867eb
ba8501db326a5fcb204078e2d2aea61be7d04b19d05a6c8811227977b87c2cea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc45eeb2eb917e30716c8261b85b812cbaf15ee66f302fa3274de5c278538ca8
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf05433199ab6b67a6a672b8db7e503530879b88caca01a1b962829e036a446c
c103367d54c30e98d6b186615393a000bb9f1a9687e8206a83ad41266a2c3fdd
c2190bad56ab8a5460639bdb15f0639451d8feec9ddfbff2c6a7b5bf8fb27d95
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26892c3a43ac2bd5c6cb1772f30aca1b7bf01d7e80e3b03cf8e4ff3a7ca8d8c
c38c25c07bab6ed7b15cc489003e2d4f6c1c287ca083304f802781853b3e5aa6
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c6d8f7a0584aef0b79dc1004ca57d5a106e0373726a54ccb4f4ccba88a48b9e0
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c95624b4ab1cde29519d12306d2d1701862ee47c00ddb432c69465b7f508567d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb4bf1fc6237a5d6f964265c2ae2a419669635093deb8fda6eb3c0f38b2c8c37
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d36e356aeca3af4a8e0e9c4edf74272dd07e2dcda0b59c3eaf964935ecd76ff4
d42d4ddb5bd8656cc580b7040f84e42c466503936deb9a7467be8579c8ff5503
d49f39adb9c9f3f56e8ea5fccd4ed17c42efa9c4cb7d5742c22c92314ae3a886
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d6bc8083c4836e2e91f0047c1c2fef53d647a3bfed2967e2beb86abbf04862ef
d6c39afecfcbf5e0234b3e24fa1c659e3b6b6c27809ccde75c4518e8c6d1c34a
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da7f2d9845d6b9076863d49e59e675b490d864d584b5d3d6dc3b54d728de5c9d
daa5d8c3566e7bc9fae7ac03564456b47cd271cac65faca21b63299ab32e52d6
dbcdb615a4e040504a673d8d4c95f59a0d7358a6bf2ac30ec25dce8b993fad2d
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
dd320a52548c2bf657125117279260bbe57e24dd637a291e8395ba66191bcec4
e038aae8b93b75a9c3e6c1d88597cb321bd73592bee2a99f2b7f1bc6670c6fac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5beaec7a94d57feadbdc3dc8da8df0f590c5e004f7575931da1b3e14f82e1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7e0f3aece51bcac342b4224dd89fbd1f781ab88aa7f3a0a6116def727a97de0
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
eb82cab590e2d2a1ace6858eac6455b2f9c62c99c0af50710eca8a12c0339fb1
eb982b31ad55093dfacb6ee94d1ee19dee7b561c43cb3fde08ce861d351b4ead
ed6249a2d2174575902beb1035eb0669e7050956ef6bba3cd53006e40b4aa42e
ee250a7246a577f9a185d73f03403c113de717ad7a37e4418739eb18f8fbbbbf
eef5626b84cb59b42ba0c63c6285ebf06e16c58eb473f073960bfc1057a46dc2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef47bec63ad5be0a77e9e4eca627354b4eb8ddd9e23926d5fcd22d29a87ca856
efc773e545bb28feab4c3d6c1be4623d469c9b94284929383676d1649072593e
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f4dd8d97792e5c2cec51804078a387d948faf27462553908a80b79b0334e1863
f512eb9e46ca8e2dcbbfcbd2cb9e7a36925c12045c613c471c4714ab0b56a012
f59557dcce07ba2b2e7ada11093c04399f580c1d1d435cc26b761517a7a89080
f7144a2e7656a803483e894eae252e1195a35b57393bae3ccdc2d578e607ba86
f80d25388f03cd0dee4c8fb81c3a704151ac0cf55f9b1c137b1fc62808c2bbe5
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
fada062c8a25d4057f5db61fe68fb75c5714e921e7f19aab306fef12c9c875ab
fd9c5eb69df779ede0d59aae6b06f92167ef7198295bc4248b17c8235de32d4a
ffaa50a452b5d63f6de2c644dddaad0a0d7b10d3bce941d4d95df2302d0e95d3