www.heraldonline.com Open in urlscan Pro
23.52.224.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Effective URL:
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Submission: On December 12 via api (December 12th 2023, 5:27:17 pm UTC) from AU — Scanned from AU

Summary HTTP 172 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 63 IPs in 3 countries across 42 domains to perform 172 HTTP transactions. The main IP is 23.52.224.26, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldonline.com. The Cisco Umbrella rank of the primary domain is 216259.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 1st 2023. Valid for: a year.

This is the only time www.heraldonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
28	23.52.224.26 23.52.224.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.71.74 142.250.71.74	15169 (GOOGLE) (GOOGLE)
1	54.231.193.201 54.231.193.201	16509 (AMAZON-02) (AMAZON-02)
2	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
8	54.186.140.101 54.186.140.101	16509 (AMAZON-02) (AMAZON-02)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	35.82.226.172 35.82.226.172	16509 (AMAZON-02) (AMAZON-02)
8	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	104.74.36.170 104.74.36.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	18.67.111.98 18.67.111.98	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	13.35.147.9 13.35.147.9	16509 (AMAZON-02) (AMAZON-02)
1	52.39.142.139 52.39.142.139	16509 (AMAZON-02) (AMAZON-02)
1	54.82.17.205 54.82.17.205	14618 (AMAZON-AES) (AMAZON-AES)
1	54.198.156.105 54.198.156.105	14618 (AMAZON-AES) (AMAZON-AES)
3	18.244.214.70 18.244.214.70	16509 (AMAZON-02) (AMAZON-02)
2 6	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.67.111.71 18.67.111.71	16509 (AMAZON-02) (AMAZON-02)
4	54.197.68.230 54.197.68.230	14618 (AMAZON-AES) (AMAZON-AES)
2	18.67.93.116 18.67.93.116	16509 (AMAZON-02) (AMAZON-02)
1 2	54.253.168.253 54.253.168.253	16509 (AMAZON-02) (AMAZON-02)
2	103.229.10.211 103.229.10.211	16509 (AMAZON-02) (AMAZON-02)
2	142.250.204.8 142.250.204.8	15169 (GOOGLE) (GOOGLE)
1	18.67.97.57 18.67.97.57	16509 (AMAZON-02) (AMAZON-02)
1	44.242.33.86 44.242.33.86	16509 (AMAZON-02) (AMAZON-02)
1 2	54.86.156.123 54.86.156.123	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	13.215.134.10 13.215.134.10	16509 (AMAZON-02) (AMAZON-02)
2 3	54.153.211.209 54.153.211.209	16509 (AMAZON-02) (AMAZON-02)
1	18.67.111.60 18.67.111.60	16509 (AMAZON-02) (AMAZON-02)
1	54.84.121.54 54.84.121.54	14618 (AMAZON-AES) (AMAZON-AES)
1	13.251.194.25 13.251.194.25	16509 (AMAZON-02) (AMAZON-02)
1	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
1	13.224.181.10 13.224.181.10	16509 (AMAZON-02) (AMAZON-02)
3	3.33.255.181 3.33.255.181	16509 (AMAZON-02) (AMAZON-02)
3	54.208.70.34 54.208.70.34	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	34.200.116.119 34.200.116.119	14618 (AMAZON-AES) (AMAZON-AES)
1	18.67.111.4 18.67.111.4	16509 (AMAZON-02) (AMAZON-02)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	44.205.176.247 44.205.176.247	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.76.98 142.250.76.98	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.181.72 13.224.181.72	16509 (AMAZON-02) (AMAZON-02)
3	18.67.113.158 18.67.113.158	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.103 18.67.93.103	16509 (AMAZON-02) (AMAZON-02)
2	99.84.238.146 99.84.238.146	16509 (AMAZON-02) (AMAZON-02)
1	74.118.186.106 74.118.186.106	() ()
1	13.227.21.162 13.227.21.162	() ()
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.241.113 3.33.241.113	() ()
1	182.161.73.145 182.161.73.145	() ()
1	3.210.154.160 3.210.154.160	() ()
1	18.67.111.14 18.67.111.14	16509 (AMAZON-02) (AMAZON-02)
1	18.67.114.43 18.67.114.43	() ()
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.22.53.86 104.22.53.86	() ()
1	13.33.89.72 13.33.89.72	() ()
1	151.101.193.229 151.101.193.229	() ()
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.155.204.188 18.155.204.188	() ()
1	16.182.66.73 16.182.66.73	() ()
4	35.244.159.8 35.244.159.8	() ()
1 1	211.120.53.201 211.120.53.201	() ()
2 2	13.224.181.100 13.224.181.100	() ()
1 2	142.250.204.2 142.250.204.2	() ()
172	63

1 166.108.36.245 (United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.52.224.26 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-224-26.deploy.static.akamaitechnologies.com

www.heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.193.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.186.140.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-140-101.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.82.226.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-226-172.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.74.36.170 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-36-170.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.111.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-98.syd62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.147.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-9.syd1.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.142.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-142-139.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.17.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-17-205.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.156.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-156-105.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-70.sfo53.r.cloudfront.net

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.77.79 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-71.syd62.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.197.68.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-68-230.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.93.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-116.syd62.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.253.168.253 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-168-253.ap-southeast-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-97-57.syd62.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.242.33.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-33-86.us-west-2.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.156.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-156-123.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.215.134.10 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-134-10.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.153.211.209 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-60.syd62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.121.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-121-54.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.194.25 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-10.syd1.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.255.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: aedf1f689f9b4287e.awsglobalaccelerator.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.208.70.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-70-34.compute-1.amazonaws.com

api.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.116.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-116-119.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-4.syd62.r.cloudfront.net

sli.heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.176.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-176-247.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-72.syd1.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.113.158 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-113-158.syd62.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-103.syd62.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.238.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-238-146.sfo5.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.106 (None, )

ASN- ()

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.21.162 (None, )

ASN- ()

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.241.113 (None, )

ASN- ()

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.145 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.154.160 (None, )

ASN- ()

bidder.newspassid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-14.syd62.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.114.43 (None, )

ASN- ()

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN- ()

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.89.72 (None, )

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.204.188 (None, )

ASN- ()

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.66.73 (None, )

ASN- ()

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (None, )

ASN- ()

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.201 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.181.100 (None, ) 2 redirects

ASN- ()

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	heraldonline.com 1 redirects heraldonline.com — Cisco Umbrella Rank: 210816 www.heraldonline.com — Cisco Umbrella Rank: 216259 sli.heraldonline.com — Cisco Umbrella Rank: 770639	470 KB
26	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1294 profile-api.amplitude.com — Cisco Umbrella Rank: 50121 api.lab.amplitude.com — Cisco Umbrella Rank: 4086	5 KB
7	ml314.com 2 redirects vi.ml314.com — Cisco Umbrella Rank: 7233 ml314.com — Cisco Umbrella Rank: 1824	12 KB
6	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net us-u.openx.net jp-u.openx.net	2 KB
6	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 13413 app.securiti.ai — Cisco Umbrella Rank: 16863	135 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com	75 KB
5	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2268 b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 i.liadm.com — Cisco Umbrella Rank: 517 i6.liadm.com — Cisco Umbrella Rank: 2358	17 KB
5	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 20920 api.fullcontact.com — Cisco Umbrella Rank: 20833	20 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	29 KB
4	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net	165 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799 tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	13 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 331 direct.adsrvr.org	1 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618	9 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	2 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 11626 www.i.matheranalytics.com — Cisco Umbrella Rank: 11414	43 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com	1 KB
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	26 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567	119 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550 bidder.criteo.com	562 B
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3954	462 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3052 p1.parsely.com — Cisco Umbrella Rank: 2300	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	150 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 18949 pixel.quantserve.com — Cisco Umbrella Rank: 1011	9 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 2550	1 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 9948	141 KB
2	gstatic.com fonts.gstatic.com	81 KB
2	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 64701 ams-pageview-public.s3.amazonaws.com	1 KB
1	socdm.com 1 redirects tg.socdm.com	854 B
1	jsdelivr.net cdn.jsdelivr.net	897 B
1	uidapi.com cdn.prod.uidapi.com	3 KB
1	id5-sync.com cdn.id5-sync.com id5-sync.com Failed	34 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	newspassid.com bidder.newspassid.com	781 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 484	555 B
1	unrulymedia.com targeting.unrulymedia.com
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	876 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3712	164 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
172	42

	Domain	Requested by
28	www.heraldonline.com	www.heraldonline.com
10	profile-api.amplitude.com	www.heraldonline.com
8	api.lab.amplitude.com	www.heraldonline.com
8	api2.amplitude.com	www.heraldonline.com
6	ml314.com	2 redirects www.heraldonline.com ml314.com
4	tags.srv.stackadapt.com	www.heraldonline.com tags.srv.stackadapt.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	api.fullcontact.com	tags.fullcontact.com
3	app.securiti.ai	cdn-prod.securiti.ai
3	ps.eyeota.net	2 redirects
3	match.adsrvr.org	3 redirects
3	cdn-prod.securiti.ai	www.heraldonline.com cdn-prod.securiti.ai
3	sb.scorecardresearch.com	1 redirects www.heraldonline.com
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	oajs.openx.net	1 redirects
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	htlbid.com cdn.confiant-integrations.net
2	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
2	sdk.iad-05.braze.com	www.heraldonline.com
2	sync.crwdcntrl.net	2 redirects
2	dpm.demdex.net	1 redirects
2	www.googletagmanager.com	www.heraldonline.com www.googletagmanager.com
2	secure-us.imrworldwide.com	1 redirects
2	htlbid.com	www.heraldonline.com
2	tags.fullcontact.com	www.heraldonline.com tags.fullcontact.com
2	js.matheranalytics.com	1 redirects www.heraldonline.com
2	fonts.gstatic.com	fonts.googleapis.com
1	tg.socdm.com	1 redirects
1	us-u.openx.net	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	bidder.newspassid.com	htlbid.com
1	bidder.criteo.com	htlbid.com
1	direct.adsrvr.org	htlbid.com
1	htlb.casalemedia.com	htlbid.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	targeting.unrulymedia.com	htlbid.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	launchpad-wrapper.privacymanager.io	htlbid.com
1	i6.liadm.com	i.liadm.com
1	dis.criteo.com	i.liadm.com
1	sli.heraldonline.com
1	i.liadm.com	b-code.liadm.com
1	pixel.quantserve.com
1	rules.quantcount.com	edge.quantserve.com
1	www.google-analytics.com	www.googletagmanager.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	rp.liadm.com	b-code.liadm.com
1	tags.crwdcntrl.net	tags.fullcontact.com
1	p1.parsely.com
1	cdn.parsely.com	www.heraldonline.com
1	edge.quantserve.com	www.heraldonline.com
1	b-code.liadm.com	www.heraldonline.com
1	www.i.matheranalytics.com	www.heraldonline.com
1	idx.liadm.com	tags.fullcontact.com
1	jadserve.postrelease.com	s.ntv.io
1	s.ntv.io	www.heraldonline.com
1	vi.ml314.com	www.heraldonline.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.heraldonline.com
1	fonts.googleapis.com	www.heraldonline.com
1	heraldonline.com	1 redirects
0	id5-sync.com Failed	cdn.id5-sync.com
172	71

This site contains links to these domains. Also see Links.

Domain
www.mcclatchy.com
account.heraldonline.com
subscribe.heraldonline.com
www.legacy.com
jobs.heraldonline.com
heraldonline.newspapers.com
k12nie.com
go.mcclatchy.com
t.news.heraldonline.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
heraldonline.obituaries.com
placeclassifieds.mcclatchy.com
classifieds.mcclatchy.com
business.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
heraldonline.com
myaccount.heraldonline.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
vi.ml314.com GTS CA 1D4	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-02`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
app.securiti.ai Amazon RSA 2048 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2023-09-09` - `2024-10-07`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
api.fullcontact.com Amazon RSA 2048 M03	`2023-10-12` - `2024-11-09`	a year	crt.sh
*.iad-05.braze.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
sli.heraldonline.com Amazon RSA 2048 M02	`2023-06-04` - `2024-07-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
bidder.newspassid.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Frame ID: 79BA02053EE0EB193F26D88D9487C730
Requests: 105 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/b035841f-a919-4a91-bee0-93f3588980c6
Frame ID: BB08219B11D46AAC29A3BBA5C64C4BC3
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/e4bf6809-8135-4c3d-b692-a1e535be0f7d
Frame ID: E1D618BE87D672DB5E06CD8D655D0CB3
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/c8d5b3c1-a015-4bfe-9266-cc15635444ab
Frame ID: 820EBE822FF7B31C02571A3CF49F720D
Requests: 8 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/cfcaef9c-bf60-40df-9568-eeea2d754b0d
Frame ID: CF343EE5B2EAE3691E417DFD2D97738E
Requests: 7 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/6b0ffc1b-f32d-4064-95dc-c746378a2ba0
Frame ID: 59A7A825A91CD62B8B30C4B4ABB50D5D
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/bc7b8af6-f201-4e84-9c59-ce74150ae9bd
Frame ID: B8E1BF4153FAFFF2C4DF99B2278FFD68
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/a7190162-263b-4b67-83f4-b8b5fcb10f2b
Frame ID: 6E546338E971F6D01FD8B5EC476CC41D
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/32a57663-6169-42b0-b514-314a7ecf1794
Frame ID: 2AE5792A831FED877BD4B6BA20894894
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/7de42792-69f4-4b3e-89c0-f68460d7876c
Frame ID: 4CA0E74CDC8C9312BA8FCB79F837EDD7
Requests: 4 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&euns=0&s=&version=v2.11.2&
Frame ID: C9A5A817D80C234CA0C40F879077F5B4
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 74037A0CA70E062C2F5781F8E7809108
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 | Rock Hill HeraldClose navigation panel

Page URL History Show full URLs

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html HTTP 301
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

172
Requests

74 %
HTTPS

0 %
IPv6

42
Domains

71
Subdomains

63
IPs

3
Countries

1783 kB
Transfer

5834 kB
Size

29
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mcclatchy.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://subscribe.heraldonline.com/beinformed
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/heraldonline/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://jobs.heraldonline.com/
Title: Jobs / Recruiting

Search URL Search Domain Scan URL

URL: https://heraldonline.newspapers.com/?xid=3096
Title: Archives

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/my-account
Title: Account Management

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=nie.heraldonline.com
Title: NIE

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-rock-hill/p/1
Title: Contact McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://t.news.heraldonline.com/webApp/mccSignupPage?siteName=heraldonline
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/therockhillherald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/RHHerald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rhherald_preps/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/rockhillheraldonline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://heraldonline.obituaries.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/rockhill/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/rockhill/#navlink=subnav
Title: Browse Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/rockhill/
Title: Search Legal Notices

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/rockhill
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political | Advocacy Advertising

Search URL Search Domain Scan URL

URL: https://heraldonline.com/mobile
Title: Rock Hill Herald App

Search URL Search Domain Scan URL

URL: http://t.news.heraldonline.com/webApp/mccSignupPage?siteName=heraldonline
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://myaccount.heraldonline.com/rhl_rh/home
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-herald/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Your Privacy Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html HTTP 301
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://js.matheranalytics.com/s/ma12095/74930704/all/ml.js?cb=1642 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

Request Chain 60

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html

Request Chain 89

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894&ja=1

Request Chain 105

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640584906208706560&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640584906208706560&redir=

Request Chain 106

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&gdpr=0&gdpr_consent=

Request Chain 107

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640584906208706560 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640584906208706560 HTTP 302
https://ml314.com/csync.ashx?fp=c16f3e3db34e55a1a1a39631d80e2fdb&eid=50146&person_id=3640584906208706560

Request Chain 108

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2TC8PZmLzWDXo9AnfgtYppzf5ZsO1h5WJBcVFCCXAuc0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2TC8PZmLzWDXo9AnfgtYppzf5ZsO1h5WJBcVFCCXAuc0&person_id=3640584906208706560&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 161

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1

Request Chain 166

https://match.adsrvr.org/track/cmf/openx?oxid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&ttd_puid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0&gdpr_consent=

Request Chain 167

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiX9cCo5sAAAOAZN9EAAAAA

Request Chain 168

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfB6H77jd7Txks8AED41tQmefM8AAAGMXxGWXg

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi&google_tc=

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVUotZeacxe-KdA2XWojwQ&google_cver=1

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request new-drummer-adds-chops-to-mack.html Show response
www.heraldonline.com/2011/07/08/3204275/
Redirect Chain

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

26 KB
28 KB

2149ms
802ms

Document
text/html

23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0daa8d82b251242677bab38547bbe7f7695e9e156b9e730dc95877564ab7cec8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 26792
content-type: text/html;charset=utf-8
date: Tue, 12 Dec 2023 17:27:09 GMT
etag: "68a8-pa9ceLKI2YDTPbMFW3WUOQseHUk"
expires: Tue, 12 Dec 2023 17:27:09 GMT
last-modified: Tue, 12 Dec 2023 17:27:09 GMT
mi-api: WPS
mi-cache-age: 0
pragma: no-cache
server: MI
server-timing: ak_p; desc="1702402028525_400244756_79746195_77931_8622_1_5_255";dur=1
surrogate-control: varnish=ESI/2.1
x-cachebust
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-robots-tag: noindex, nofollow
x-varnish: 933936808, 993234178

Redirect headers

Connection: Keep-Alive
Content-Length: 291
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 12 Dec 2023 17:27:07 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 200ms
101ms Stylesheet
text/css 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

ESF /

Resource Hash

54e65529c34a13adf1ba88aa5d10514dc5a67cc72ca5a9328eaf3465b788fe91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 17:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 17:27:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 17:27:09 GMT

GET
H2 200 mi-styles.c047c6c8c78b55f5813d.css
www.heraldonline.com/wps/build/webpack/css/ 221 KB
47 KB 13ms
12ms Stylesheet
text/css 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/css/mi-styles.c047c6c8c78b55f5813d.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7ebdb47af4c57fa699fd3228a955ad6be1e7be6e797efc13264b66056110c0a4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:09 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 172
x-cachebust
server-timing: ak_p; desc="1702402029357_400244756_79746337_36_9630_3_0_255";dur=1
content-length: 47460
last-modified: Thu, 16 Nov 2023 06:52:12 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"375fa-18bd6e6cd60"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 821259972, 1049266376 1035707928
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=96770
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 653ms
221ms Stylesheet
text/css 54.231.193.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.193.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 17:27:10 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: 8KZTP5Q5KKJ1GXD1
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: TfCcc/Fp62kQDTEWDcHweNpsQGqGD2jc5LMsUoS/IBd3wtfTp6z+i0qtfgE6loDF8KZwG+GTcvg=

GET
H2 200 jquery-3.4.1.min.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 86 KB
30 KB 11ms
10ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/jquery-3.4.1.min.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:09 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 374201
x-cachebust
server-timing: ak_p; desc="1702402029372_400244756_79746338_21_7182_2_0_219";dur=1
content-length: 30715
last-modified: Mon, 04 Dec 2023 15:38:39 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"15850-18c357b4018"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 225780976, 531566855 525833930
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=407278
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 heraldonlinecore.js Show response
www.heraldonline.com/obosizny-l/ 117 KB
35 KB 277ms
276ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 713dec5f6e40bd3afba833e8fc51276e4b71c91a32a64f2031d55acb2acb7562

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:09 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 223
x-cachebust
server-timing: ak_p; desc="1702402029372_400244756_79746339_26740_7139_1_0_219";dur=1
content-length: 35840
last-modified: Tue, 12 Dec 2023 07:47:03 GMT
server: MI
etag: W/"1d3a9-60c4b419aabc0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 227869750, 756941326 730238552
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mastheadPage.bundle-77bca67755478054d76c.js Show response
www.heraldonline.com/wps/build/webpack/ 92 KB
33 KB 13ms
13ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/mastheadPage.bundle-77bca67755478054d76c.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a7e5fc6e0513dea13e2e9d682d001735ea6a8967411732ac36777fb65b92f99c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:09 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2990
x-cachebust
server-timing: ak_p; desc="1702402029821_400244756_79746403_32_10660_3_0_219";dur=1
content-length: 32923
last-modified: Mon, 04 Dec 2023 15:53:05 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"16fc7-18c358876e8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 506603144, 213160266 203366786
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555144
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK a29c2366-f587-4d5d-b2a8-06be5d831b0c Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a29c2366-f587-4d5d-b2a8-06be5d831b0c
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce1291cf2a019af2aa4032a413eaead39ebaef0554c33e32ee8950ccad95b042

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 6e1c4319-7503-4cc8-8c47-4f38845325c1 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/6e1c4319-7503-4cc8-8c47-4f38845325c1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a16f46c68f52e3bd2ee463c9cc573e83141e3e2d6e20c94521ecabd2523e52db

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.d64483d0d0ff7e8fba39.js Show response
www.heraldonline.com/obosizny-l/ 87 KB
31 KB 22ms
22ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/vendorBundle.d64483d0d0ff7e8fba39.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 338fdf68201af5c6ba0f68b48af883ec110ce43c51aeb3a044ae94594ef2d610

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6844
x-cachebust
server-timing: ak_p; desc="1702402030046_400244756_79746423_988_9785_2_0_219";dur=1
content-length: 31209
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"15ca9-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 188715799, 762380377 732398005
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577351
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK b1b44861-ca96-47ee-85ed-a650b8762f50 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/b1b44861-ca96-47ee-85ed-a650b8762f50
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8353d0f195ddb6deb536c1e0ab5e4943d5a8a6e6be42cfac5d0891ba3b9a919d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK a91a9ef1-ca37-47d0-b180-7a392f4dbb51 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a91a9ef1-ca37-47d0-b180-7a392f4dbb51
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62af5ab25b8eb96c75028db30a02c33b24b0e808cdb123e72e71969300689a8d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 87972876-acb2-441c-b175-3e71bdf2ab3d Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/87972876-acb2-441c-b175-3e71bdf2ab3d
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e58a5375befb866d72a1a45c40a83d0396d5cb8e9a9c7fa8bb3190618d7eb06

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.336fd3ad77c4b34d4f13.js Show response
www.heraldonline.com/obosizny-l/ 15 KB
5 KB 20ms
19ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/danelei.336fd3ad77c4b34d4f13.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a29c2366-f587-4d5d-b2a8-06be5d831b0c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f6dd50133ddf38755973676f5f279bef2c7dc4521ec6f54742c06f97ddce0f32

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6558
x-cachebust
server-timing: ak_p; desc="1702402030057_400244756_79746426_114_9107_2_0_146";dur=1
content-length: 4189
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"3aa6-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 864520702 852984443
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577272
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 escenic.4a15e7da5bce16407422.js Show response
www.heraldonline.com/obosizny-l/ 174 KB
46 KB 26ms
25ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/escenic.4a15e7da5bce16407422.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/6e1c4319-7503-4cc8-8c47-4f38845325c1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0cc92ca69274a35e7ffb230d1e4e84e460811a04edb62bf303c3c74404053d92

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6609
x-cachebust
server-timing: ak_p; desc="1702402030072_400244756_79746427_714_8121_2_0_146";dur=1
content-length: 46467
last-modified: Tue, 12 Dec 2023 07:47:03 GMT
server: MI
etag: W/"2b68e-60c4b419aabc0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 227016798, 748880576 728465855
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577326
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.6e4c5fbbafe12d36d61c.js Show response
www.heraldonline.com/obosizny-l/ 104 KB
30 KB 25ms
25ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/netdale.6e4c5fbbafe12d36d61c.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/b1b44861-ca96-47ee-85ed-a650b8762f50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1e6bedfa014033834f33143d051b44e6c40e73c9b9f90d94484744297d7dd8c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6844
x-cachebust
server-timing: ak_p; desc="1702402030081_400244756_79746428_1020_6585_2_0_146";dur=1
content-length: 30245
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"19f76-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 752387115 729514631
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577306
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 nextCustom.63b975213cece9daa84a.js Show response
www.heraldonline.com/obosizny-l/ 21 KB
8 KB 10ms
9ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/nextCustom.63b975213cece9daa84a.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a91a9ef1-ca37-47d0-b180-7a392f4dbb51
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5d461dbcdf6c751eb21d83ca13f9f8b2a10c352f46d926732dd3fccb2d665df9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6843
x-cachebust
server-timing: ak_p; desc="1702402030104_400244756_79746432_66_7037_2_0_146";dur=1
content-length: 7307
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"52e1-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 876250344 847315690
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577319
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 woldoni.f3c4c53b5248f177286f.js Show response
www.heraldonline.com/obosizny-l/ 19 KB
6 KB 10ms
10ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/woldoni.f3c4c53b5248f177286f.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/87972876-acb2-441c-b175-3e71bdf2ab3d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3dd4fd4a281e5e24d3d66095d403b71713790caed7796e781b6da5cd400bc6cc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6843
x-cachebust
server-timing: ak_p; desc="1702402030104_400244756_79746433_66_7031_2_0_146";dur=1
content-length: 5432
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"4c4f-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 223937003, 758022775 686821593
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577242
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK a167d978-4cf4-4539-9555-dd0e716a286d Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a167d978-4cf4-4539-9555-dd0e716a286d
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa7b9511e1ce89c10dbc8c188d8d0b80989136d05aeaba0ba9c6b42581452ba

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 modal-v3.0.2.js Show response
www.heraldonline.com/obosizny-l/js/ 7 KB
2 KB 19ms
18ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/js/modal-v3.0.2.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 318142
x-cachebust
server-timing: ak_p; desc="1702402030088_400244756_79746430_258_7525_2_0_219";dur=1
content-length: 2103
last-modified: Thu, 07 Dec 2023 19:30:47 GMT
server: MI
etag: W/"1b3d-60bf08124e7c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 541065937, 244713000 278037553
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577272
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 naeliya.32ff17c8f7ae9a53cc87.js Show response
www.heraldonline.com/obosizny-l/ 8 KB
3 KB 11ms
11ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/naeliya.32ff17c8f7ae9a53cc87.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a167d978-4cf4-4539-9555-dd0e716a286d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e4cb1d71fb72f4874948c77241d999b11b77082bc44d53870775b5a39fa15122

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6843
x-cachebust
server-timing: ak_p; desc="1702402030104_400244756_79746434_60_7058_2_0_146";dur=1
content-length: 2587
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"1fdc-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 876218682 831751443
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577216
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 logo.svg
www.heraldonline.com/wps/build/images/heraldonline/ 3 KB
2 KB 10ms
9ms Image
image/svg+xml 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/logo.svg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f23a7571bc801ca854bc9f3adf6e654f07a2fca29e25c501e845b986784d9137

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 96382
x-cachebust
server-timing: ak_p; desc="1702402030142_400244756_79746438_65_7288_5_0_146";dur=1
content-length: 1316
last-modified: Thu, 16 Nov 2023 06:52:05 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"c09-18bd6e6b208"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 890017320, 99682611 666471801
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=182157
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ 39 KB
39 KB 402ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:35:48 GMT
x-content-type-options: nosniff
age: 507082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39552
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:09:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 20:35:48 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 391ms
4ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 12:14:34 GMT
x-content-type-options: nosniff
age: 364356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 12:14:34 GMT

GET
H2 200 favicon-32.png
www.heraldonline.com/wps/build/images/heraldonline/ 251 B
708 B 9ms
9ms Image
image/png 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/favicon-32.png
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b37450191a725333bfc7bbbccc90c46f16100c799741a849f650fa7a0e55c4b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 50567
x-cachebust
server-timing: ak_p; desc="1702402030172_400244756_79746449_22_7061_6_0_146";dur=1
content-length: 251
last-modified: Mon, 04 Dec 2023 15:53:02 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"fb-18c35886b30"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 216647419, 420839704 301795418
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=96645
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK a9726ad3-1ce7-4532-b310-9bf447c61081 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a9726ad3-1ce7-4532-b310-9bf447c61081
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9feaee1d6f833d39388a99335d5e5d8e36e013e7e398b9ced9dbaf5360d9e3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 3512aff2-d482-444b-8aaa-b8b7bda59c23 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/3512aff2-d482-444b-8aaa-b8b7bda59c23
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75b83272e469e0f6134ee26e67723d3be1423236eb1627d6964c757cd48e50b1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK a3838fb1-39b9-493f-aa2b-5671dcf2e7b4 Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a3838fb1-39b9-493f-aa2b-5671dcf2e7b4
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 448d910fa07291bfcdd8ede58f50fc2770f68948c68e4d1ad5eb068620679ead

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 157ms
156ms Fetch
application/json 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/escenic.4a15e7da5bce16407422.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

c98a1f143c0f88b6b92f12ba4d1532d07cad0d265e5d435c3fc78401e9c0154d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-657897ee-5072b2f411221efa60a29fe1
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 461ms
152ms Preflight 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=15768000

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 34ms
17ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=

Requested by

Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a9726ad3-1ce7-4532-b310-9bf447c61081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 domkut.85a4f5da73bce7333819.js Show response
www.heraldonline.com/obosizny-l/ 7 KB
3 KB 13ms
9ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/domkut.85a4f5da73bce7333819.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/3512aff2-d482-444b-8aaa-b8b7bda59c23
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a6723c3e2b19aef28cb5c38c0844bda4c2eeb657b1503cd122968a4fec28baf4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6795
x-cachebust
server-timing: ak_p; desc="1702402030249_400244756_79746456_59_7260_5_0_146";dur=1
content-length: 2576
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"1cf0-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 245007782 223707960
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577350
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 sponsored.3deb1c34f3c43d5e6b9d.js Show response
www.heraldonline.com/obosizny-l/ 4 KB
2 KB 13ms
10ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/sponsored.3deb1c34f3c43d5e6b9d.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a3838fb1-39b9-493f-aa2b-5671dcf2e7b4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7c560fbe3d1a83a71dbf248984b5a84b172b1d764e1068f29ac68bb9a34664ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6842
x-cachebust
server-timing: ak_p; desc="1702402030249_400244756_79746457_58_7248_5_0_146";dur=1
content-length: 1658
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"11f1-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 249169501 213617963
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577278
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 453ms
150ms Preflight 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-657897ee-4c6c1e4a5835e8334881d4cf
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 453ms
149ms Preflight 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-657897ee-2887b82024d3ff1a528ed495
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 452ms
149ms Preflight 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-657897ee-0ec23159673b07101b6383f9
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 453ms
150ms Preflight 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-657897ee-6bc1772e54e6830c7de10c80
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 454ms
152ms Preflight 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Tue, 12 Dec 2023 17:27:10 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-657897ee-726dbffc109b68756d8f3b7f
x-content-type-options: nosniff

GET
H2 400 userprofile Show response
profile-api.amplitude.com/v1/ 331 B
599 B 173ms
171ms Fetch
application/json 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&comp_id=apflrqef

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

7f141d70303734c5e6b43ffec0495526573a43f69842a92b346476f35b0fd6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-657897ee-4d7f36ce7b2dfd836990523c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 331

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
437 B 164ms
162ms Fetch
application/json 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

d891e339690b4d92ebf38c3448896babdd45cda3dda34a98730570632a8fb2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-657897ee-77ee428a0f3f18105863fb96
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
437 B 164ms
161ms Fetch
application/json 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

d891e339690b4d92ebf38c3448896babdd45cda3dda34a98730570632a8fb2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-657897ee-44fb5573682cf91642e29fa1
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
437 B 161ms
160ms Fetch
application/json 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

d891e339690b4d92ebf38c3448896babdd45cda3dda34a98730570632a8fb2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-657897ee-145cfc1c3cdd565734621867
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
437 B 164ms
164ms Fetch
application/json 35.82.226.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.226.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-226-172.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

d891e339690b4d92ebf38c3448896babdd45cda3dda34a98730570632a8fb2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-657897ee-73d22d506efed3705e3339e7
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 49ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 2531
cache-control: no-store
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65788e0b-69ecdc055445e3895b4e095d
x-cache: HIT
x-cache-hits: 36
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1702402030.291907,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 228 B
341 B 239ms
239ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/woldoni.f3c4c53b5248f177286f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e73c544e2b2e9d3c4b8b1abd373b9a6b80e0c13f0cd4afe3deb9b75eac0aa54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS1ncm91cC0zIl0=
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDQiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzYiLCJmbGFnX2tleSI6InNvcGhpLWdyb3VwLTMiLCJkYXRlIjoiMjAyMy0xMi0xMyJ9fQ==

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 193
x-served-by: cache-bne12527-BNE
x-timer: S1702402030.307188,VS0,VE225
x-amzn-trace-id: Root=1-657897ee-28403d0a152a6c7d520381c0
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK 34a6e361-d808-4c84-aae6-ffef4a68ba5a Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/34a6e361-d808-4c84-aae6-ffef4a68ba5a
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 022b18dc9d02df13dccfcffcf8ceac006ea09f9ab54bfb48c1fba9dd143c5531

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 8b02b791-b9ed-49f7-9600-9c55449c888b Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/8b02b791-b9ed-49f7-9600-9c55449c888b
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbb9b9f9d2fbf1c72a42cfe12f328a32132577cc03700361dc4373d26812b237

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 651c2f5f-d2bb-4396-8257-2b4d04f07339 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/651c2f5f-d2bb-4396-8257-2b4d04f07339
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9675fb1a9f8fb479477f9261f05709910ca84e7fefd70fffab56ce757cd2b51a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 04d4ae43-a1e6-443e-827e-1c1b15dedfca Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/04d4ae43-a1e6-443e-827e-1c1b15dedfca
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 238179c06067283a19c75493d6a1568f09ab3417959b16acf62054e83dc722f7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 performance.8010faee95080e84157b.js Show response
www.heraldonline.com/obosizny-l/ 14 KB
5 KB 17ms
16ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/performance.8010faee95080e84157b.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/34a6e361-d808-4c84-aae6-ffef4a68ba5a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0863c61c5ac41ff4c1831406f02e4eff3959feaad5eb4c4db3e5c9cafd15b740

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6796
x-cachebust
server-timing: ak_p; desc="1702402030267_400244756_79746458_763_6944_4_0_146";dur=1
content-length: 4708
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"387c-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 247791907 225772041
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577279
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.b5f80c2797408b6c48a2.js Show response
www.heraldonline.com/obosizny-l/ 33 KB
12 KB 17ms
16ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/8b02b791-b9ed-49f7-9600-9c55449c888b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7be43759eea575dd1fc19230323af6adbf37ade4569f155164f2b87eff05a5a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6839
x-cachebust
server-timing: ak_p; desc="1702402030274_400244756_79746461_75_6844_4_0_146";dur=1
content-length: 11580
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"85b2-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 716408058, 242976446 215483945
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577366
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.0f6241372314066dcd07.js Show response
www.heraldonline.com/obosizny-l/ 12 KB
4 KB 198ms
197ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/miFooter.0f6241372314066dcd07.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/651c2f5f-d2bb-4396-8257-2b4d04f07339
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c3f375a063a147bd14344bbcff2c42d7a2d49a8114a00ca7376b4a9fa4df09d5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6839
x-cachebust
server-timing: ak_p; desc="1702402030274_400244756_79746462_18278_6803_2_0_146";dur=1
content-length: 4061
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"31f7-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 748946618 730071257
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577270
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 620 KB
164 KB 38ms
14ms Script
application/x-javascript 104.74.36.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/04d4ae43-a1e6-443e-827e-1c1b15dedfca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.36.170 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-36-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c1f45712fc1017c00e04f809fbaf6cd1e4b0bb68072159b1f122099ec32e8a77

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 17:27:10 GMT
Content-Encoding: gzip
x-amz-request-id: 5V86GPRQ2EQNRDKN
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: GcZ/qlUX81cbebMZKxeZzbaP6OPUR5cXMdZyXlU7IEbSgV6wkblaev9Ve0di0mQ9/Blen9OAXw4=
Last-Modified: Tue, 12 Dec 2023 00:33:19 GMT
Server: AmazonS3
ETag: "b39602292d2e25beb594ba48d0d6e46a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
BLOB 200
OK c8f14b98-b235-4526-bc3f-6b79d0907478 Show response
https://www.heraldonline.com/ 380 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/c8f14b98-b235-4526-bc3f-6b79d0907478
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f606960a8939a804fd05fbd3f0b0d53512413dd9e1feb44beef6e7f0a38c5e5

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 380
Content-Type: [object object]

GET
H2 200 pdp.gif
www.heraldonline.com/obosizny-l/ 42 B
451 B 276ms
276ms Image
image/gif 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/obosizny-l/pdp.gif?k=eyJpZCI6Im1pX3RpX3JoaF82MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDRfMTcwMjQwMjAzMDIzOF8xNzAyNDAyMDMwMjA3IiwiZG9tSW50ZXJhY3RpdmUiOjQ3MzgsInJlcXVlc3RTdGFydCI6MzAzNX0=
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 28010
x-cachebust
server-timing: ak_p; desc="1702402030290_400244756_79746465_26565_8531_2_0_146";dur=1
content-length: 42
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: "2a-60c4b413f1e40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 910000676 759201887
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK b035841f-a919-4a91-bee0-93f3588980c6 Show response
https://www.heraldonline.com/ Frame BB08 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/b035841f-a919-4a91-bee0-93f3588980c6
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK e4bf6809-8135-4c3d-b692-a1e535be0f7d Show response
https://www.heraldonline.com/ Frame E1D6 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/e4bf6809-8135-4c3d-b692-a1e535be0f7d
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d36b97832b3c94a65881f0b9f2bbcb4d2c8750f406c5094158d714e0f85d55b9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK c8d5b3c1-a015-4bfe-9266-cc15635444ab Show response
https://www.heraldonline.com/ Frame 820E 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/c8d5b3c1-a015-4bfe-9266-cc15635444ab
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame BB08 4 KB
2 KB 11ms
3ms Script
application/javascript 18.67.111.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/b035841f-a919-4a91-bee0-93f3588980c6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-98.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:39:33 GMT
content-encoding: gzip
via: 1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 82058
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lGudqZWaGa-xkV9JHM7qkipd2Ky98NP6g8KZI3LkA-NC20kksVhMzQ==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/11/ Frame E1D6
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930704/all/ml.js?cb=1642
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

148 KB
43 KB

5ms
4ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:41:33 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Nov 2023 15:14:59 GMT
server: nginx
age: 78337
etag: "7c7b83c1a7aee9d99fa9f7b5fa2e2f6c"
vary: Accept-Encoding
x-cache: HIT Fri, 17 Nov 2023 15:29:12 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43804

Redirect headers

date: Tue, 12 Dec 2023 17:27:10 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 1-gc-uswest1-t41p1031

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ Frame 820E 36 KB
13 KB 125ms
2ms Script
application/javascript 13.35.147.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/c8d5b3c1-a015-4bfe-9266-cc15635444ab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-9.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aea5f120a20b1ea5420d77bbafc9b25243efbe5ccc44d8402d3f1c83afd5d97

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 00:53:59 GMT
Content-Encoding: gzip
Via: 1.1 d0c0855de58a470001e3701ff4871f82.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Nov 2023 23:42:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 59591
x-amz-server-side-encryption: AES256
ETag: W/"9f9d28537ce83140b8842b560cfd887c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ZrJaKFMICwjaTm3eyvZ1Fb1KMKTHIGsrHdBEUQuwgsBr2M3k4sgYZQ==

GET
H2

204

b2
sb.scorecardresearch.com/ Frame BB08
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drumm...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drum...

0
227 B

140ms
140ms

Image
text/plain

18.67.111.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Server: 18.67.111.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-98.syd62.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
via: 1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD62-P2
x-amz-cf-id: CdN5NLjkg2e-Fvu_cytDUKHlqkPvJ0xOSdPlQ8Tf-ZPzozqjFR9tyw==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 12 Dec 2023 17:27:10 GMT
via: 1.1 899497b8fe71995dd517601bf8d5f77a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702402030337&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html
content-length: 0
x-amz-cf-id: tuA9UUk4Lg0SIfJfjNJOUu1lFnl595V70m5gNPO48J_oJ8-poJJdfA==

GET
H2 200 t Show response
jadserve.postrelease.com/ 583 B
876 B 460ms
152ms Script
text/javascript 52.39.142.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.142.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-142-139.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f3aab042e219aedb99bfd80766f2c9797109f38fc9c1b6d11b366369ca7debd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 354
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK fc-li.js Show response
tags.fullcontact.com/anon/ Frame 820E 17 KB
7 KB 2ms
2ms Script
application/javascript 13.35.147.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fc-li.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-9.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 04:35:54 GMT
Content-Encoding: gzip
Via: 1.1 d0c0855de58a470001e3701ff4871f82.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Nov 2023 23:42:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 46277
x-amz-server-side-encryption: AES256
ETag: W/"d8ccf84ad80ea623b93d63e307d96a7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: AghA1L9x4aEcE2UaFUVoeIM-FCJTulcCunYpGyov_m6Lspxowq7gDw==

GET
H2 204 any Show response
idx.liadm.com/idex/unknown/ Frame 820E 0
375 B 582ms
193ms XHR
text/plain 54.82.17.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/any?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.17.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-17-205.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 0
access-control-allow-origin: https://www.heraldonline.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: e3f1b1ad4266e90f
expires: Tue, 12 Dec 2023 18:27:10 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
136 B 209ms
209ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/woldoni.f3c4c53b5248f177286f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDQiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzYiLCJmbGFnX2tleSI6InVzYWdlIiwiZGF0ZSI6IjIwMjMtMTItMTMifX0=

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-bne12527-BNE
x-timer: S1702402030.489856,VS0,VE196
x-amzn-trace-id: Root=1-657897ee-101a9da57a454247279fb280
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 13ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 2531
cache-control: no-store
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65788e0b-69ecdc055445e3895b4e095d
x-cache: HIT
x-cache-hits: 37
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1702402030.476180,VS0,VE0

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 158ms
157ms Fetch
application/json 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/escenic.4a15e7da5bce16407422.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

6476e58a4c7d9ff8db9644253184c9c562608d6c736f8dd536766b8431074892

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-657897ee-78329d7b48b4d42b47e538e8
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 161ms
152ms Preflight 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame E1D6 43 B
245 B 854ms
208ms Image
image/gif 54.198.156.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&ptype=other&pubname=The%20Herald&sec=404&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=7f88bcb5-61c6-48fe-ae73-544de3e92c3d&pid=9254b2c3-d556-4320-a7b8-fa20a68835aa&dtm=1702402030746&qnm=_matherq&visible=1&tabid=42ca07f4-8491-45f7-8f91-87d5e1581215&refr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vrefr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vp=0x0&ds=0x0&tofa=1702402031&vid=1&lvidt=1702402031&duid=3c74b617-93f1-4aa5-84ca-997b314920c2&fp=1459282124&cid=ma12095&mrk=74930704&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMjQwMjAyNTQ5NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMi43bWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiNDY2NyIsImZldGNoUyI6IjE2ODgiLCJkb21haW5TIjoiMzAyOSIsImRvbWFpbkUiOiIzMDI5IiwiY29ublMiOiIzMDI5IiwiY29ubkUiOiIzMDM1Iiwic3NsUyI6IjMwMzAiLCJyZXF1UyI6IjMwMzUiLCJyZXNwUyI6IjM4MzgiLCJyZXNwRSI6IjQzMjUiLCJkb21Mb2FkIjoiMzg0MSIsImRvbUludGVyIjoiNDczOCIsImRvbUxvYWRTIjoiNDczOCIsImRvbUxvYWRFIjoiNDc0MSJ9fQ
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-156-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 12 Dec 2023 17:27:11 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK 1b9d8a6c-872e-4cb9-bd07-17291d03e064 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/1b9d8a6c-872e-4cb9-bd07-17291d03e064
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cef520e87f175cf9975e154c4fb8a57588da364ceebc7a5bc9367cf77e1c7837

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 7f27e696-600a-4d75-88e0-ff46e27d2075 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/7f27e696-600a-4d75-88e0-ff46e27d2075
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320e2129ea93a85bfcb9c295c9eb7194a47c67f57297b7162cd25b9e6b492cc1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 cookie-consent.css
cdn-prod.securiti.ai/consent/ 45 KB
8 KB 801ms
161ms Stylesheet
text/css 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/danelei.336fd3ad77c4b34d4f13.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: mjoXmATxr_7msE.3o5daxeoPFyEQaPei
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 12 Dec 2023 16:47:35 GMT
via: 1.1 546f1a6cf093f647d0add0b2e5d6ccf4.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 2376
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 05 Dec 2023 04:01:24 GMT
server: AmazonS3
etag: W/"36b0f5e23b1b5d81ff8822d2c317bc2d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-amz-cf-id: b4OA5DzFQMLlo7caMJhCz9TCNyGHu1X0i0FzHfkak-pDCuoegLlNdw==

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 342 KB
74 KB 826ms
186ms Script
text/javascript 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/danelei.336fd3ad77c4b34d4f13.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 1kNnS36PVEb3U5Q6Ic_N9iWrP85OOJcs
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 12 Dec 2023 16:57:11 GMT
via: 1.1 546f1a6cf093f647d0add0b2e5d6ccf4.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 1801
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 05 Dec 2023 04:01:20 GMT
server: AmazonS3
etag: W/"07df42af6f2cbc0b53ad415ce030e2bf"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: qAKTDI6DB3ye_vOjhBGV9e5VnK3N3Ctj1MqYeYJyEAmG9F3MqMiKSw==

GET
BLOB 200
OK cbbcb62d-e570-4b4b-8586-f8eeacf11869 Show response
https://www.heraldonline.com/ 352 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/cbbcb62d-e570-4b4b-8586-f8eeacf11869
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16641e198d58b0c43813964dabb6b8812174ddd1e55c949c7aea9a9437a85c27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 352
Content-Type: [object object]

GET
BLOB 200
OK cfcaef9c-bf60-40df-9568-eeea2d754b0d Show response
https://www.heraldonline.com/ Frame CF34 596 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/cfcaef9c-bf60-40df-9568-eeea2d754b0d
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b761595301fa26ec4432de9381a708a5adc5828747d678bc1c49418749c58be7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 596
Content-Type: text/javascript

GET
BLOB 200
OK 6b0ffc1b-f32d-4064-95dc-c746378a2ba0 Show response
https://www.heraldonline.com/ Frame 59A7 385 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/6b0ffc1b-f32d-4064-95dc-c746378a2ba0
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9984c8c2db6be88394af7aaea6a3e815012cc4b6a3579bdb76919a3bd0ec0f3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 385
Content-Type: text/javascript

GET
BLOB 200
OK bc7b8af6-f201-4e84-9c59-ce74150ae9bd Show response
https://www.heraldonline.com/ Frame B8E1 724 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/bc7b8af6-f201-4e84-9c59-ce74150ae9bd
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 724
Content-Type: text/javascript

GET
BLOB 200
OK a7190162-263b-4b67-83f4-b8b5fcb10f2b Show response
https://www.heraldonline.com/ Frame 6E54 510 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a7190162-263b-4b67-83f4-b8b5fcb10f2b
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 510
Content-Type: text/javascript

GET
BLOB 200
OK 32a57663-6169-42b0-b514-314a7ecf1794 Show response
https://www.heraldonline.com/ Frame 2AE5 464 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/32a57663-6169-42b0-b514-314a7ecf1794
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 147a18f3a2fbe9c12fc39f4306937fd3ffb54e152a59bd1060ec4cfa2febad31

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 464
Content-Type: text/javascript

GET
BLOB 200
OK 7de42792-69f4-4b3e-89c0-f68460d7876c Show response
https://www.heraldonline.com/ Frame 4CA0 893 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/7de42792-69f4-4b3e-89c0-f68460d7876c
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa99de6d76b0339e7722df6cac60707d2dcc3cb33fc41e5d8788d78be7429683

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 893
Content-Type: text/javascript

GET
H2 200 pageLoad.67a75277cf2caf566009.js Show response
www.heraldonline.com/obosizny-l/ 132 KB
42 KB 18ms
16ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/pageLoad.67a75277cf2caf566009.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/1b9d8a6c-872e-4cb9-bd07-17291d03e064
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f52ff0863c005ee866912807e87887282b324892db804b1145cf062f3425b77a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 13640
x-cachebust
server-timing: ak_p; desc="1702402030885_400244756_79746540_765_6987_1_0_146";dur=1
content-length: 42719
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"21192-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 250678414 211455153
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=584102
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 hanealneh.3cef17415a2c57b29609.js Show response
www.heraldonline.com/obosizny-l/ 217 KB
61 KB 777ms
775ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/hanealneh.3cef17415a2c57b29609.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/7f27e696-600a-4d75-88e0-ff46e27d2075
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 583f202784d59e3cc69a3792597ba76badce873397471352ae01aca339740637

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 34060
x-cachebust
server-timing: ak_p; desc="1702402030893_400244756_79746541_75996_6047_4_0_146";dur=1
content-length: 62034
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"36226-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 369461780 226526296
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604774
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.heraldonline.com/obosizny-l/ 42 B
460 B 274ms
272ms Image
image/gif 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/obosizny-l/pdp.gif?k=eyJpZCI6Im1pX3RpX3JoaF82MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDRfMTcwMjQwMjAzMDU0Ml8xNzAyNDAyMDMwMjA3IiwibG9hZEV2ZW50U3RhcnQiOjUzMzR9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 28081
x-cachebust
server-timing: ak_p; desc="1702402030892_400244756_79746542_25718_6811_5_0_146";dur=1
content-length: 42
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: "2a-60c4b413f1e40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 591103880, 1013121656 864683407
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.aspx Show response
ml314.com/ Frame CF34 31 KB
10 KB 125ms
3ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1311
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/cfcaef9c-bf60-40df-9568-eeea2d754b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:09:56 GMT
via: 1.1 google
content-encoding: br
age: 1035
x-guploader-uploadid: ABPtcPoiFjekd4QNEHA1Q_Jwdq3Jcpeor8SobUESm3cP2U8wRkcStGjohGr8xw9W-RLVMXRWDrF-v_6FFIXmS84Pf2qaR_nCQ_D1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: SYD-85eb07e
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

GET
H2 200 a-01ef Show response
b-code.liadm.com/ Frame 59A7 47 KB
15 KB 316ms
3ms Script
application/javascript 18.67.111.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ef
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/6b0ffc1b-f32d-4064-95dc-c746378a2ba0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-71.syd62.r.cloudfront.net
Software: /
Resource Hash: 7422a85a653f74d6aca8bdbdfd81886dba02cc32a08587d3be883d8e67ee6923

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:16:55 GMT
content-encoding: gzip
via: 1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 22216
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: ilurX2rskUad19Uqfl9V6N-kH-u3slTWTHUaVxbGwv-lvby7XFTezQ==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame B8E1 18 KB
7 KB 630ms
210ms Script
text/javascript 54.197.68.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/bc7b8af6-f201-4e84-9c59-ce74150ae9bd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.68.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-68-230.compute-1.amazonaws.com
Software: /
Resource Hash: e8c774f42783bb8da914e19bf6948525c9c2b1265236b7dc7533f04428c886be

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 17:27:11 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 htlbid.css
htlbid.com/v3/heraldonline.com/ 3 KB
675 B 426ms
228ms Stylesheet
text/css 18.67.93.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/heraldonline.com/htlbid.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/netdale.6e4c5fbbafe12d36d61c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-116.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:12 GMT
content-encoding: br
via: 1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 14:35:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: qjzXQRH35Ze-XpOmVteXxTKIO47xsEiePreJwMPCAjids4-ZM2JEoQ==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/heraldonline.com/ 526 KB
140 KB 4734ms
4537ms Script
application/javascript 18.67.93.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/netdale.6e4c5fbbafe12d36d61c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-116.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5d0343dcc66a7e49d2d672b4c4a9e751f91c8be8260f112b2707a2f9c1c18ef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:12 GMT
content-encoding: br
via: 1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 14:35:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
etag: W/"d7a7845d8726c81b440f97bb06c1210b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: nO7fIcrUXsCwiiLFu8ukGMHbK01Z2hUJqneNOq1nueTLFMQIrJJ8-w==

GET
BLOB 200
OK a08b723b-0011-4f06-bc8c-258963f5a14f Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/a08b723b-0011-4f06-bc8c-258963f5a14f
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 752f9ae0f49762a02dd5007e2fdba28577f443db48515c38089f6e764257db04

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/ Frame 6E54
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894&ja=1

44 B
424 B

3ms
3ms

Image
image/gif

54.253.168.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894&ja=1
Protocol: H2
Server: 54.253.168.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-168-253.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:10 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:10 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1702402030894&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
192 B 208ms
208ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/woldoni.f3c4c53b5248f177286f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ==
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDQiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2Iiwic29waGlfdGVzdHMiOlt7InRlc3RJZCI6InB3OmFydGljbGU6dGVzdDVfYWJjIiwidGVzdEdyb3VwIjoidmFyaWFudCJ9XSwiZmxhZ19rZXkiOiJ6b25lLWNvbnRlbnQiLCJkYXRlIjoiMjAyMy0xMi0xMyJ9fQ==

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-bne12527-BNE
x-timer: S1702402031.916679,VS0,VE195
x-amzn-trace-id: Root=1-657897ef-43d277a968a4e05f41a22121
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 13ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 2531
cache-control: no-store
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65788e0b-69ecdc055445e3895b4e095d
x-cache: HIT
x-cache-hits: 38
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1702402031.902594,VS0,VE0

GET
BLOB 200
OK e2479df2-9fd6-4fa7-804e-fa14e7f692de Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/e2479df2-9fd6-4fa7-804e-fa14e7f692de
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83a95fc7585a29759eaa3e36230c44fc205b8057b8f1830ed1cf932489fcc894

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 436 B
440 B 216ms
215ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/woldoni.f3c4c53b5248f177286f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5456ae17e8a7d0418a01fbb4ff0b0e15178009479861742a9874beea46ba1f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MGQxZTMwOC05Y2U0LTQxOGUtYmJlYS0zZTdjNzJkYzJlNDQiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2Iiwic29waGlfdGVzdHMiOlt7InRlc3RJZCI6InB3OmFydGljbGU6dGVzdDVfYWJjIiwidGVzdEdyb3VwIjoidmFyaWFudCJ9XSwiZGF0ZSI6IjIwMjMtMTItMTMifX0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 294
x-served-by: cache-bne12527-BNE
x-timer: S1702402031.920557,VS0,VE203
x-amzn-trace-id: Root=1-657897ef-0850f0fc0de3fba941eb125a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 13ms
11ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 2531
cache-control: no-store
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65788e0b-69ecdc055445e3895b4e095d
x-cache: HIT
x-cache-hits: 39
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1702402031.906941,VS0,VE0

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 2AE5 21 KB
9 KB 827ms
174ms Script
application/javascript 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/32a57663-6169-42b0-b514-314a7ecf1794
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Dec 2023 17:27:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CA0 186 KB
68 KB 515ms
117ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Requested by

Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/7de42792-69f4-4b3e-89c0-f68460d7876c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3f2282cd50f32942deea9adb34fd29ab026c03f9de8558d7ad55a622f556dbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68986
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 17:27:11 GMT

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 155ms
155ms Preflight 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 12 Dec 2023 17:27:10 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 158ms
158ms Fetch
application/json 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/escenic.4a15e7da5bce16407422.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

2d6bb8fc8403b733dcdb4e554accb225fbe83d4e707418f73a8e41fd5fdd4cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-657897ef-267305bd377d78717fc31453
content-length: 94

GET
H2 200 tehi.5a6291988cfffcb75d00.js Show response
www.heraldonline.com/obosizny-l/ 6 KB
3 KB 17ms
16ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/tehi.5a6291988cfffcb75d00.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/a08b723b-0011-4f06-bc8c-258963f5a14f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 524735aefc06518dbb80ef21a645965e9e31909609ceec0e45ecf0e827eb6cf1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 13599
x-cachebust
server-timing: ak_p; desc="1702402030906_400244756_79746546_757_7184_1_0_146";dur=1
content-length: 2138
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"16d7-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 266766569 225444525
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=584102
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 parsely.d44a65dd20ef6f583be1.js Show response
www.heraldonline.com/obosizny-l/ 5 KB
2 KB 18ms
18ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/parsely.d44a65dd20ef6f583be1.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/e2479df2-9fd6-4fa7-804e-fa14e7f692de
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 168e4013f995095102fdb7f573944774c6f17be5365427a5e7d8106272fbaaff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:10 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6842
x-cachebust
server-timing: ak_p; desc="1702402030913_400244756_79746549_96_6917_1_0_146";dur=1
content-length: 1764
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"12a4-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 604340699 563185344
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577299
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 6f8a85bd-4c38-4e00-a378-e173547dc267 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/6f8a85bd-4c38-4e00-a378-e173547dc267
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2deba40487a51cfd4bdcb4f2ba909b66ed848e73682ebe48b6cd3499b7114ed2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 p.js Show response
cdn.parsely.com/keys/heraldonline.com/ 66 KB
23 KB 18ms
4ms Script
application/javascript 18.67.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/heraldonline.com/p.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/6f8a85bd-4c38-4e00-a378-e173547dc267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-97-57.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 7e6f46b7bac7345de8666b80d10084702f163727054cec5707958b21c03eecb2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Dec 2023 19:49:49 GMT
content-encoding: gzip
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 77841
etag: W/"620d49ae-1070c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Z_5QKRYypbAnydy7vbzmDKfMcDiQLvGGcoBxeObo7amFhg04Tt7z4Q==
expires: Tue, 12 Dec 2023 19:49:49 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 604ms
150ms Image
image/gif 44.242.33.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1702402030961&plid=72689095&idsite=heraldonline.com&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&sref=&sts=1702402030956&slts=0&title=404+%7C+Rock+Hill+Herald&date=Wed+Dec+13+2023+01%3A27%3A10+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&pvid=67496860&u=pid%3De4ba65ecaeaf65b7b9fdbc502211a8ad
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.33.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-33-86.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 17:27:11 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 12-Dec-2023 17:27:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame CF34 535 B
1 KB 28ms
27ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&pv=1702402031016_f0idcc32s&bl=en-us&cb=6967460&return=&ht=&d=&dc=&si=1702402031016_f0idcc32s&cid=mi_ti_rhh_60d1e308-9ce4-418e-bbea-3e7c72dc2e44_1702402030542_1702402030207&s=1600x1200&rp=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: df63876ad6379f2977e7abdd1302bc6b3f97ad7808ccdcdcafed334af92edff8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame CF34
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640584906208706560&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640584906208706560&redir=

42 B
716 B

195ms
195ms

Image
image/gif

54.86.156.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640584906208706560&redir=

Protocol

Server

54.86.156.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-156-123.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-09dbedb17.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: aN+tVPtTTF0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-085f0cb8d.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Hj2CeswdRl4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640584906208706560&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

utsync.ashx
ml314.com/ Frame CF34
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&gdpr=0&gdpr_consent=

43 B
330 B

39ms
39ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Wed, 13 Dec 2023 17:27:11 GMT

Redirect headers

location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&gdpr=0&gdpr_consent=
date: Tue, 12 Dec 2023 17:27:11 GMT
server: Kestrel
content-length: 241

GET
H3

200

csync.ashx
ml314.com/ Frame CF34
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640584906208706560
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640584906208706560
https://ml314.com/csync.ashx?fp=c16f3e3db34e55a1a1a39631d80e2fdb&eid=50146&person_id=3640584906208706560

43 B
56 B

30ms
30ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=c16f3e3db34e55a1a1a39631d80e2fdb&eid=50146&person_id=3640584906208706560
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 13 Dec 2023 17:27:11 GMT
date: Tue, 12 Dec 2023 17:27:11 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=c16f3e3db34e55a1a1a39631d80e2fdb&eid=50146&person_id=3640584906208706560
cache-control: no-cache
x-server: 10.42.9.1
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame CF34
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2TC8PZmLzWDXo9AnfgtYppzf5ZsO1h5WJBcVFCCXAuc0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2TC8PZmLzWDXo9AnfgtYppzf5ZsO1h5WJBcVFCCXAuc0&person_id=3640584906208706560&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

5ms
5ms

Image
image/gif

54.153.211.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol: HTTP/1.1
Server: 54.153.211.209 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 12 Dec 2023 17:27:11 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Tue, 12 Dec 2023 17:27:11 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
x-cloud-trace-context: 6ba110e29c5d34bdea1a45766366bceb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Wed, 13 Dec 2023 17:27:11 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16115/ Frame 820E 39 KB
12 KB 63ms
2ms Script
text/javascript 18.67.111.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-60.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d17e9fe9a43c70a5f0f9116f55f5bcef2c9131d08a5a22bf35542ff193605b4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:19:46 GMT
content-encoding: gzip
via: 1.1 7bbccbab99aa927533c5da8ccfb22e02.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:48:15 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 83246
x-amz-server-side-encryption: AES256
etag: W/"d693fca6c67d287a6887ed6b09fc4574"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 52qIyU31fUBl6BU1MhRJTCNcZbJm0S95s4eQnDiTBMQvKrGodbKpIw==

GET
BLOB 200
OK b5ab0236-f469-4419-91c3-cb7216d8bc0b Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/b5ab0236-f469-4419-91c3-cb7216d8bc0b
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30996b95b3e744a2122ad1a003d33bd79e95b0a139653cf036a0f0c53959aa27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 157ms
156ms Fetch
application/json 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/escenic.4a15e7da5bce16407422.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

0432fd7eded99738858707d696559170f6838bed35bb639b1a9aaa6173b62ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-657897ef-58da74f97d086fa946989009
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 153ms
152ms Preflight 54.186.140.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.140.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-140-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 12 Dec 2023 17:27:11 GMT
strict-transport-security: max-age=15768000

GET
H2 200 iterate.789d90388a33182d4206.js Show response
www.heraldonline.com/obosizny-l/ 2 KB
1 KB 10ms
10ms Script
application/javascript 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/iterate.789d90388a33182d4206.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/b5ab0236-f469-4419-91c3-cb7216d8bc0b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e3b905a0878274b4486ce276be79c4409305e83ae0a836e444b6c5a17d37f686

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6841
x-cachebust
server-timing: ak_p; desc="1702402031136_400244756_79746579_50_7556_6_0_146";dur=1
content-length: 1057
last-modified: Tue, 12 Dec 2023 07:46:57 GMT
server: MI
etag: W/"6d1-60c4b413f1e40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 758022789 726991720
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=577292
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 j Show response
rp.liadm.com/ Frame 59A7 49 B
373 B 1168ms
210ms XHR
application/json 54.84.121.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1702402031337&aid=a-01ef&se=e30&duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&tna=v2.11.2&pu=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.121.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-121-54.compute-1.amazonaws.com
Software: /
Resource Hash: 4dcc62412f680047c746e6a01da8df55975d718dc3b1e892404ea8703960442a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:12 GMT
x-pixel-event-id: c1898898-7346-48bf-b247-d8f79d345cdf
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 49

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 820E 156 B
538 B 592ms
186ms XHR
application/json 13.251.194.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.194.25 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6b8bf8ded904c595022cb4d828ba37914dc0912fd89940f5a74819325d6c647d

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
x-server: 10.42.18.123
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame B8E1 65 B
203 B 208ms
207ms Stylesheet
text/css 54.197.68.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.68.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-68-230.compute-1.amazonaws.com
Software: /
Resource Hash: e274750420dcb24fdf142f28233abce8e75a37b5e1799bc2d3592e270b480a84

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 17:27:11 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame B8E1 0
2 KB 623ms
208ms Fetch
image/jpeg 54.197.68.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.68.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-68-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 17:27:12 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CA0 236 KB
82 KB 134ms
133ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D839QB0JXN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ee696bcd360cf214c0e7dba6e852fc9cbd1aa737df2a37c620103018c9b12130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 17:27:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4CA0 52 KB
21 KB 401ms
2ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 17:16:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 19:16:38 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 2AE5 1 KB
1 KB 343ms
2ms Script
application/javascript 13.224.181.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-10.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:34:56 GMT
content-encoding: gzip
via: 1.1 59c28089b3545e4c431888bcebce405c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C2
age: 3554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ePXqYkS3a1u5ikKErWVXDSd6ebb5U0Mzp5U9oiRfJFtoUj9MRLPBuA==

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/58f030b0-87c4-4179-90a5-ddff721a27f2/ 182 KB
50 KB 769ms
169ms XHR
application/json 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/58f030b0-87c4-4179-90a5-ddff721a27f2/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

809a37bd42adff1c5c0e4f42d93c88fd205c1a341c90de56276797b47c7ffaa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: bqhJWLj.Xo4RoVaJr.nV1zfWl6IqIGHx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 12 Dec 2023 13:53:33 GMT
via: 1.1 f974c40327cd46f5ebab9861d3047aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 12944
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 21 Jul 2023 18:46:23 GMT
server: AmazonS3
etag: W/"ecf2842bd381e66ad85cc1f105e4566c"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cache-control: public,max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 9BA8osxwZWTD1rOIMLWYSfX5-sbfZ0_afdu4toQ4yUg2KcK4p0Z68Q==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 861 B
1 KB 426ms
142ms XHR
application/json 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

61147ade1da9b49ebbc02138d3e14ec13762c12aa9f3a837e55e7ebe01bdd5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:12 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 861
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content webtag.rtp
api.fullcontact.com/v3/ Frame 820E 0
0 879ms
221ms Fetch 54.208.70.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.rtp?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.70.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-70-34.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Tue, 12 Dec 2023 17:27:12 GMT
X-Content-Type-Options: nosniff
X-Rate-Limit-Limit: 300
X-Rate-Limit-Remaining: 300
X-FullContact-RateDelay: 0
Connection: keep-alive
X-XSS-Protection: 1
X-FC-RID: da80de30-65af-4faf-83df-d2bce3b40a2c
Referrer-Policy: same-origin
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Origin
X-Frame-Options: sameorigin
Access-Control-Allow-Origin: https://www.heraldonline.com
X-Rate-Limit-Reset: 60
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex,nofollow

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame B8E1 141 B
339 B 214ms
214ms XHR
text/plain 54.197.68.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ,%20GHZN9LleKWz0uNsDtvQTcQ&is_js=true&landing_url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&t=sapx&tip=7v1kiXZ-X1AjioqwfPjMYl07xOyGa_h_aNQFJvCHyLM&host=https%3A%2F%2Fwww.heraldonline.com&sa-user-id-v3=s%253AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDvr-KrBjABOgQtwj9GQgQokEXK.f6qyDptaBFA2vrCTkSw2ni9frpmfvf3wsB2%252BnHWUExU&sa-user-id-v2=s%253AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao&sa-user-id=s%253A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.68.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-68-230.compute-1.amazonaws.com
Software: /
Resource Hash: 9767a15f0fe9626f2b1c6a03d34c87768bc3866488f231624cdecf8f2d9323b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.heraldonline.com
date: Tue, 12 Dec 2023 17:27:12 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 141
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 pixel;r=919441741;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;ref=https%3A%2F%2Fwww.heraldonline.com%2F...
pixel.quantserve.com/ Frame 2AE5 35 B
371 B 192ms
176ms Image
image/gif 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=919441741;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;ref=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;uht=2;fpan=1;fpa=P0-1922740154-1702402031764;pbc=;ns=1;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;d=heraldonline.com;dst=0;et=1702402032112;tzo=-480;ogl=;ses=91c8ea83-f746-4363-a12f-060ab00a529c;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 404 webpush_desktop_.svg Show response
www.heraldonline.com/obosizny-l/messaging/ 26 KB
27 KB 297ms
297ms XHR
text/html 23.52.224.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/obosizny-l/messaging/webpush_desktop_.svg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.224.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-224-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0daa8d82b251242677bab38547bbe7f7695e9e156b9e730dc95877564ab7cec8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1702402032436_400244756_79746780_27223_7414_1_0_219";dur=1
content-length: 26792
mi-api: WPS
last-modified: Tue, 12 Dec 2023 17:27:12 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "68a8-pa9ceLKI2YDTPbMFW3WUOQseHUk"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html;charset=utf-8
x-varnish: 944670464, 914916117
access-control-allow-origin: *
access-control-allow-credentials: false
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 308 B
462 B 986ms
986ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/obosizny-l/hanealneh.3cef17415a2c57b29609.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12eec45f0b78884f3d84ce262d2a8abb1048c8c3ba163977db286268cb46400a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 30b0c496-3d79-4a2d-9171-8ac43e5917bc
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/json
Referer: https://www.heraldonline.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 12 Dec 2023 17:27:13 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: f8149520-47f0-45e7-bf95-b3075dbd196d
x-served-by: cache-bne12528-BNE
x-runtime: 0.036495
etag: W/"12eec45f0b78884f3d84ce262d2a8abb"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 396ms
247ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Tue, 12 Dec 2023 17:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bne12528-BNE

GET
H/1.1 200
OK a-01ef Show response
i.liadm.com/s/c/ Frame C9A5 583 B
864 B 1282ms
213ms Document
text/html 34.200.116.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&euns=0&s=&version=v2.11.2&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.116.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-116-119.compute-1.amazonaws.com

Software

Resource Hash

ead6e2801dc33d6f9fd61e347cdcc076fca551033d18d008be9eb717f10da7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 413
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Dec 2023 17:27:13 GMT
Request-Time: 4
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 baker
sli.heraldonline.com/ Frame 59A7 0
309 B 1105ms
3ms Image
image/gif 18.67.111.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.heraldonline.com/baker?dtstmp=1702402032510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-4.syd62.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:13 GMT
via: 1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SYD62-P2
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 0
x-amz-cf-id: h86BjzYxaY4hgmG074xBC1Gav5hDL3sB4yEdKKBeomjoA1fVdiRXNg==

OPTIONS
H2 200 singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 141ms
141ms Preflight 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key
access-control-allow-origin: https://www.heraldonline.com
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Tue, 12 Dec 2023 17:27:12 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 singleupload Show response
app.securiti.ai/privaci/v1/consent/cookie/ 67 B
405 B 166ms
165ms XHR
application/json 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
X-Auth-Token: 1f80a5d5-be36-4f81-82b0-03e0ae01b509
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 12 Dec 2023 17:27:13 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 67
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK webtag.resolve
api.fullcontact.com/v3/ Frame 0
0 296ms
296ms Preflight
text/plain 54.208.70.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.70.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-70-34.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, PATCH, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: https://www.heraldonline.com
Access-Control-Max-Age: 3600
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Content-Type: text/plain
Date: Tue, 12 Dec 2023 17:27:13 GMT
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-FullContact-RateDelay: 84
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

POST
H/1.1 204
No Content webtag.resolve
api.fullcontact.com/v3/ Frame 820E 0
0 213ms
213ms Fetch 54.208.70.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.70.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-70-34.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Tue, 12 Dec 2023 17:27:13 GMT
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Vary: Origin, Origin
X-Frame-Options: sameorigin
Access-Control-Allow-Origin: https://www.heraldonline.com
Access-Control-Allow-Credentials: true
X-FullContact-RateDelay: 0
Connection: keep-alive
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C9A5 43 B
363 B 738ms
180ms Image
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&euns=0&s=&version=v2.11.2&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 283561
expires: Tue, 12 Dec 2023 00:00:00 GMT

GET
H/1.1 204
No Content a-01ef
i6.liadm.com/s/c/ Frame C9A5 0
169 B 1072ms
193ms Image
text/plain 44.205.176.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&version=v2.11.2&s=&euns=0

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hhfh2yw0akdzav93etvenqex&euns=0&s=&version=v2.11.2&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.205.176.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-176-247.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 17:27:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Request-Time: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 641ms
145ms Script
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

92994d6813041797a378ea4a85c09628aecdaf57a9918c3e6d8e95b8009b6386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29315
x-xss-protection: 0
server: cafe
etag: 760 / 19703 / m202312060101 / config-hash: 11945328006728168793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 17:27:16 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 157 KB
35 KB 583ms
269ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd11f89a6f79c3862936ff226aefc450c0799a9b8a1a42604d940c89137cd2f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Dec 2023 14:03:14 GMT
server: cloudflare
x-amz-request-id: QHJ2F1WVH3AN756R
etag: W/"87b7aebb76dfaa29984a6bf4bdfd1c05"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8347ad55399ea93b-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RY7wdBXBoJnIYlP9qf/wX0DSfE2i9oQ+atKG8fkrhUNohIy6Vu7Uy219LmOmHCqV9d3Mb+LuC4eh9xRAXD/WlA==

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 7 KB
2 KB 15ms
2ms Script
text/javascript 13.224.181.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-72.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: twZfULaLCuSu6sSf4IfyYxlioNp6VjIQ
content-encoding: gzip
via: 1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 10:50:04 GMT
x-amz-cf-pop: SYD1-C2
age: 23833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 19:00:29 GMT
server: AmazonS3
etag: W/"61173248aacab39adcbf53d6edf6a13d"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: y7QoqjVs_AUrz0hFGxWslTsJmECX8qd09ZqpwPnO-wTNYZXRzJmCGA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 36ms
2ms Script
application/javascript 18.67.113.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-113-158.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:30:21 GMT
content-encoding: gzip
via: 1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront), 1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 20:35:29 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2, SYD62-P2
age: 3415
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 0ZPhpgKAMcTi3lk3kFIgCM9rY3CtqQLq1I5RLVepEikZzMeueBFzbw==

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
26 KB 37ms
3ms Script
application/x-javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding: br
via: 1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 17:01:34 GMT
last-modified: Tue, 12 Dec 2023 13:01:22 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 1541
x-amz-server-side-encryption: AES256
etag: W/"6f5acc886b373331d622309f643f2f89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: EOuUfRzUpHAGkviPBg1JP9hh2yecpB7WNjrBJY6V-dwEKPsXlw4E3g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 15ms
7ms XHR
application/javascript 18.67.113.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-113-158.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d3f1182213e75f053a9e7404f079d540.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 17:27:15 GMT
x-amz-cf-pop: SYD62-P2
age: 74289
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: QT1_9I8Br3hk34ip-52l4MAe6GI7loD-65vLH_8PmhZ3-MLvZ4odhg==

GET
H2 200 / Show response
geo.privacymanager.io/ 31 B
609 B 148ms
147ms Fetch
application/json 99.84.238.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.238.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-238-146.sfo5.r.cloudfront.net
Software: /
Resource Hash: 9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

Accept: application/json
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 23:30:34 GMT
via: 1.1 2333ff89d050af60fec5e92934f95fec.cloudfront.net (CloudFront), 1.1 969054bdb3a3ab0ab0c42213e2a06ed8.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P6, SFO5-C3
age: 64602
x-amzn-requestid: 206d4c3d-2386-4c61-a23b-d1851090b938
x-amzn-trace-id: Root=1-65779b9a-02f6698525c556fb60703026;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: PzVAHFSUjoEEpcQ=
content-length: 31
x-amz-cf-id: C4LyojMxrFlMowxewi8YMs3ARJN7L19HlB0BZVwfBaNbl3qAN99FVA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 616ms
288ms Preflight
application/json 99.84.238.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.238.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-238-146.sfo5.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 12 Dec 2023 17:27:16 GMT
via: 1.1 ef53285dd5b91a1ddb0051c6c7e101a0.cloudfront.net (CloudFront), 1.1 969054bdb3a3ab0ab0c42213e2a06ed8.cloudfront.net (CloudFront)
x-amz-apigw-id: P1yuNEVRDoEEn0A=
x-amz-cf-id: iiWGzvF2-XJ4RMsr76zY1KTT8s6tRLPihY4bs4y-ykJOM4U5HIQnaA==
x-amz-cf-pop: SFO53-P6 SFO5-C3
x-amzn-requestid: b79bcef2-6853-4d2b-9d41-f75d982eaeb0
x-cache: Miss from cloudfront

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 17ms
16ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: MDNMCE0B55QAQ3K2
age: 1736236
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8347ad56fa46a93b-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BHo/Kq9m8K2a91xbAa1RMRWzZ3htf+lNHprquMI48c4m/aO4UvZcO2HGeQ5tAKbADss7lc2GxpE=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 3ms
2ms Script
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17695
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 12:32:21 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 678ms
182ms Preflight
text/plain 74.118.186.106

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.106 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Tue, 12 Dec 2023 17:27:17 GMT

GET
H2 403 new-drummer-adds-chops-to-mack.html.js Show response
dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/ 255 B
670 B 1078ms
457ms Fetch
application/xml 13.227.21.162

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.21.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b775fd5779d1b77292f5b4bdbb2501b3a307c086d05750950b1ca87e4ef217f0

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
via: 1.1 88734c1b1a8053ae83daf0f85731c788.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SFO20-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: https://www.heraldonline.com
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-credentials: true
x-amz-cf-id: l_AbKdvqLHaxyyXT01fq3Fx0z8OsDwaUH7WKZFNPYgY9yECPuv9e-Q==

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
555 B 119ms
109ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=906097
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afce3de85b85d9f49e730197505de7a8299cc2d06399563b0199a24c281e50bb

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSlHkCLBnGlumoYEmlfNREYQ1z73AuYW%2FcWpxV0RwalszGYppWR3QtsZzRH%2BFSyTEruXiwQ1EoRcF%2BDHg3mqdjrKXmVeGCVzVCjDJYKLS%2F9%2FJwQztjNuAhZeQTQDqx7mY6tpMruY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8347ad57fd8da87c-SYD
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST unruly_prebid
targeting.unrulymedia.com/ 0
0

POST
H/1.1 200
OK mcclatchy Show response
direct.adsrvr.org/bid/bidder/ 0
404 B 295ms
99ms Fetch
application/json 3.33.241.113

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/mcclatchy
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.241.113 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
199 B 978ms
301ms Fetch 182.161.73.145

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=12379295421&lsavail=1

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.heraldonline.com
date: Tue, 12 Dec 2023 17:27:16 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
bidder.newspassid.com/openrtb2/ 144 B
781 B 895ms
405ms Fetch
application/json 3.210.154.160

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/openrtb2/auction
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.154.160 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8069ed26ebc67dc07664edf4ac44535e9d4c1aaf6088430c779f801a09167fea

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 144
expires: 0

GET
H2 200 10f892c4-b76d-4f37-b1fd-0ae5d74780b5 Show response
config.aps.amazon-adsystem.com/configs/ 746 B
1022 B 13ms
3ms Script
application/javascript 18.67.111.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-14.syd62.r.cloudfront.net
Software: CloudFront /
Resource Hash: a4a5389b360ea70e4abf48ea0e0b7d25d7a6076f0c149bbd33f25711412e5c84

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:58:31 GMT
via: 1.1 902b6168cd46b8e2de576dabe4e7f0f8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SYD62-P2
age: 1725
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 746
x-amz-cf-id: b4mhZZRrX0rVeDip5h5qeqdPi0RxMKejkY5EfH54smJx_xSwjKHrtQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 334 B
688 B 209ms
208ms XHR
application/json 18.67.113.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldonline.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-113-158.syd62.r.cloudfront.net
Software: Server /
Resource Hash: 865cf4e6d16e7b9b50acc5825874547ca8154c6b973470dc78b55801ea49ac3a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:15 GMT
via: 1.1 dc7f2062b70b5b710c1b09d21b43f900.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 334
x-amz-cf-id: snfNCPJjV3lubGsI0oQQBHTKOT9wbieNUzjncjl4pcmsAhkvm_mAGQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
362 B 350ms
341ms XHR
text/javascript 18.67.114.43

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&pid=L2lgPSpgK6rPx&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FRHL.site_heraldonline%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.114.43 -, , ASN (),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
via: 1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: WXXviJD558Ge6XCbTUFNQrWDSVPiw9GWvCQRuz7aH4M0Om2fbEot4Q==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 16ms
2ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:02:38 GMT
content-encoding: gzip
age: 1171478
x-guploader-uploadid: ABPtcPpabVW4fC9SAqeRyi4UdAtt1Me-Lym_aa_kJwkYgNgrJpG5oL43bgAcE_Xov2WHGtJy4LyvQcURnwXAJwZQ65ADXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 28 Nov 2024 04:02:38 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 325ms
13ms Script
text/javascript 104.22.53.86

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: YXYN28D3CQZW60H5
age: 2385
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8347ad5a0c78a7e9-SYD
x-amz-id-2: VSbSHJBmw1A0+wj1Q4HG95YTJrizBHPf4suOi8ePYvQGeJ50Tb2dWDJF/8zZa+duT+Y9kT9aZJctzLV1hTIVPg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 849ms
180ms Script
text/javascript 13.33.89.72

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.89.72 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 11 Dec 2023 21:20:34 GMT
Via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN2-P2
Age: 72405
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 68eMXqa3K7MNKSXakv5fam_La77iShWtMW68nj4ejmH5SU2fZrbh5w==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 482ms
13ms Script
application/javascript 151.101.193.229

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 -, , ASN (),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 17:27:16 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32414
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bne12522-BNE
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1

85 B
193 B

179ms
179ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 66969e5a29daaad959c1cb847d43042a1f2ccbeb96087a0c3f03573087966fce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:16 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-6JtXHqaJ912tL+sjpgvbMiMBUrs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 12 Dec 2023 17:27:16 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.heraldonline.com
location: /esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 122 KB
25 KB 809ms
170ms Script
text/javascript 18.155.204.188

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.204.188 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3329da9aedcce87c04359959cf089356176f096f7c1b158c1c09e65bc6c0ed0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:35:51 GMT
x-amz-version-id: UdgQiPHswpUxyD9piZQU9THUNNVB7zLp
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 16:35:45 GMT
server: AmazonS3
via: 1.1 1c4c65e5223e10e3b9e99a624fe0a8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P2
etag: W/"2c4e6d8a6982aaae224f9ab8d5ac403b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
age: 3087
x-amz-cf-id: ZYW2hZ-IbHdDpM8xwzvXpKZdt_uIofwtLVjCouk_iW30ttmWpsUFAQ==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 589ms
202ms Image
image/png 16.182.66.73

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d88a2178bf1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.66.73 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 17:27:18 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: HSDE1A7DWD18YS3B
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 28aQg2FhqtxW5SS7BTGZra/ML3oDh+SJWekDBaIH+70GRGrKxdQBxOpl7qkq66NVHfez/XbDPY0=

GET increment
id5-sync.com/api/esp/ 0
0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7403 484 B
723 B 213ms
100ms Document
text/html 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: a449e2a8afe48bdd5fa301aa1c39e02655fbe4d080838bed974b4b09fc447b81

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 307
content-type: text/html
date: Tue, 12 Dec 2023 17:27:17 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7403
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&ttd_puid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0&gdpr_consent=

43 B
314 B

101ms
98ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&ttd_puid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=e69ba750-9c5f-4bdf-a950-70b39bc43fc0&ttd_puid=076ba7c5-b095-795b-fed0-363778e2f46b&gdpr=0&gdpr_consent=
date: Tue, 12 Dec 2023 17:27:17 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 7403
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiX9cCo5sAAAOAZN9EAAAAA

43 B
97 B

96ms
96ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiX9cCo5sAAAOAZN9EAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Tue, 12 Dec 2023 17:27:17 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZXiX9cCo5sAAAOAZN9EAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad104"}
X-SO-Key: ZXiX9cCo5sAAAOAZN9EAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad104
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiX9cCo5sAAAOAZN9EAAAAA
Cache-Control: private
X-SO-HostName: m-ad104.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: a-tgng40002.dc2p.scaleout.jp
X-SO-IP: 66.203.112.161

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 7403
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfB6H77jd7Txks8AED41tQmefM8AAAGMXxGWXg

43 B
97 B

100ms
97ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfB6H77jd7Txks8AED41tQmefM8AAAGMXxGWXg
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
via: 1.1 52fa887ba82513d16e3f586c3db681fe.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SYD1-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfB6H77jd7Txks8AED41tQmefM8AAAGMXxGWXg
cache-control: no-cache
content-length: 0
x-amz-cf-id: qvynP2GwFXU6d2CK_RN2M-C8RAt0MU1vl4R40rZ9T8wgU1HiCmQDjQ==
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7403
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi&google_tc=

170 B
243 B

102ms
102ms

Image
image/png

142.250.204.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.250.204.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Dec 2023 17:27:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmIwNDc0MGYtNzllMi0yN2ZmLWViMzAtNmM4ZWIyMDAzYTBi&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sd
us-u.openx.net/w/1.0/ Frame 7403
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVUotZeacxe-KdA2XWojwQ&google_cver=1

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: id5-sync.com
URL: https://id5-sync.com/api/esp/increment?counter=no-config

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVUotZeacxe-KdA2XWojwQ&google_cver=1

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 02:29:22	Name: lidid Value: b4a41178-c8b7-4859-9248-3e6915819350
i.liadm.com/s	1970-01-20 17:36:34	Name: _li_ss Value: ChMKBgjdARDbFgoJCP____8HEOUW
.heraldonline.com/	1970-01-20 16:53:29	Name: ak_bmsc Value: 088E0AC115D952EAFD2ED0D1DF0E5FA2~000000000000000000000000000000~YAAQFEDbFyGXyFeMAQAABncRXxZm0jCYGhD5b9d+u4WhBMUjY7g44ImGaqejx4Bp3YhjFRONz7IIhHCY3FymW8GcmNUSbFtJqWypUXHl59KFsQOLwV+gIQyBhUf0OfetwVrQW6M92qjDrDLghSkN190/61fxNg1r6UCuJiGQDaOWGrKvtW0tZx4qTNdB5JsURq4iwnWgFctxLCb6Xi1kzH22HzNGtCNd2PHKlanm2B9kmyyDRw+GXSdxnKIygEDomUdC6CAV6th81yhXOS4FLbdBIKfps962pKfTGaGqinaByxPl+VKLUf8jYfWoNhec45GFiauHj9CmvtIY6aQK21A4cTKeZUvLGOGta3QOqJhPctecCrPIaq3AWVK4Axr/c5utpVpatc+dn5/SnFc3404=
.scorecardresearch.com/	1970-01-21 02:29:22	Name: UID Value: 1B812a9ee84540c2f3f77381702402030
.postrelease.com/	1970-01-21 01:38:58	Name: visitor Value: e38ea791-d3aa-4131-b08c-f324b4a5b009
.postrelease.com/	1970-01-21 01:38:58	Name: status Value: 0
.imrworldwide.com/	1970-01-21 02:14:58	Name: IMRID Value: aeb10850-9913-11ee-85b1-f1f7dfddf28a
.ml314.com/	1970-01-21 01:40:24	Name: pi Value: 3640584906208706560
.ml314.com/	1970-01-20 17:13:31	Name: tp Value: 3%253b12%252f12%252f2023%2B17%253a27%253a11%253b0
.liadm.com/	1970-01-21 02:29:22	Name: lidid Value: b4a41178-c8b7-4859-9248-3e6915819350
.adsrvr.org/	1970-01-21 01:40:24	Name: TDID Value: e69ba750-9c5f-4bdf-a950-70b39bc43fc0
.adsrvr.org/	1970-01-21 01:40:24	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCI6JobSz0L08EAUYBSABKAIyCwiOnZ_hydC9PBAFOAE.
.ml314.com/	1970-01-20 16:53:22	Name: u Value: aHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8%3D
.eyeota.net/	1970-01-21 01:40:24	Name: mako_uid Value: 18c5f117e92-235f0000010d4da7
.eyeota.net/	1970-01-20 16:53:22	Name: SERVERID Value: 19879~DM
tags.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
tags.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id-v2 Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id-v2 Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
tags.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id-v3 Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDvr-KrBjABOgQtwj9GQgQokEXK.f6qyDptaBFA2vrCTkSw2ni9frpmfvf3wsB2%2BnHWUExU
.srv.stackadapt.com/	1970-01-21 01:38:58	Name: sa-user-id-v3 Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDvr-KrBjABOgQtwj9GQgQokEXK.f6qyDptaBFA2vrCTkSw2ni9frpmfvf3wsB2%2BnHWUExU
.demdex.net/	1970-01-20 21:12:34	Name: demdex Value: 91885472651483729943351901127074966951
.dpm.demdex.net/	1970-01-20 21:12:34	Name: dpm Value: 91885472651483729943351901127074966951
.crwdcntrl.net/	1970-01-20 23:22:08	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:22:08	Name: _cc_id Value: c16f3e3db34e55a1a1a39631d80e2fdb
.quantserve.com/	1970-01-21 02:23:36	Name: mc Value: 657897f0-34c5c-1a1f0-40b4d
.heraldonline.com/	1970-01-20 16:53:29	Name: bm_sv Value: 79DE6C4CE2D6F0F34151A8412E13BD36~YAAQFEDbFyeXyFeMAQAATIQRXxaHHsrAWQhFHMlnhvyhoHKI1Jq4UaXWZdJYF242+KABvtYPl8ObUprhEQthckT3gSQs7F3tjZlDTZKOrO08uGuQEUnksZACTfzcXBwcbLj7J8lLxUtOmm35hmWbU+SG50qao/pTN6514Vmt8EV8FEjW4EVbq2debK3OzE6s8ZbQhIrgaGINUR5j/lq0Lv0CX9RIMDeJeO5433ZDWDhJcf+csrfnWaXo183FsWR1/ZxUtmVT~1
.heraldonline.com/	1970-01-21 02:29:22	Name: _lc2_fpi Value: b76eb2e26895--01hhfh31yfp6jnvvxsk392r1td
.openx.net/	1970-01-21 01:38:58	Name: i Value: d4c7989c-1912-46ac-a406-fedf1cc5c796\|1702402036

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/obosizny-l/quarantine.b5f80c2797408b6c48a2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://profile-api.amplitude.com/v1/userprofile?device_id=60d1e308-9ce4-418e-bbea-3e7c72dc2e44&user_id=&comp_id=apflrqef Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.heraldonline.com/obosizny-l/messaging/webpush_desktop_.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ams-pageview-public.s3.amazonaws.com
api.fullcontact.com
api.lab.amplitude.com
api2.amplitude.com
app.securiti.ai
b-code.liadm.com
bcp.crwdcntrl.net
bidder.criteo.com
bidder.newspassid.com
c.amazon-adsystem.com
cdn-prod.securiti.ai
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.prod.uidapi.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cr-p3.ladsp.com
d15kdpgjg3unno.cloudfront.net
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
heraldonline.com
htlb.casalemedia.com
htlbid.com
i.liadm.com
i6.liadm.com
id5-sync.com
idx.liadm.com
jadserve.postrelease.com
jp-u.openx.net
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsrvr.org
mcclatchy-next-apps-prod.s3.amazonaws.com
ml314.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pixel.quantserve.com
profile-api.amplitude.com
ps.eyeota.net
rp.liadm.com
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
sdk.iad-05.braze.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sli.heraldonline.com
sync.crwdcntrl.net
tags.crwdcntrl.net
tags.fullcontact.com
tags.srv.stackadapt.com
targeting.unrulymedia.com
tg.socdm.com
us-u.openx.net
vi.ml314.com
www.google-analytics.com
www.googletagmanager.com
www.heraldonline.com
www.i.matheranalytics.com
id5-sync.com
targeting.unrulymedia.com
us-u.openx.net
103.229.10.211
104.22.53.86
104.74.36.170
107.178.250.234
13.215.134.10
13.224.181.10
13.224.181.100
13.224.181.72
13.227.21.162
13.251.194.25
13.33.89.72
13.35.147.9
142.250.204.14
142.250.204.2
142.250.204.8
142.250.71.74
142.250.76.98
142.251.221.67
151.101.130.133
151.101.193.229
151.101.194.132
16.182.66.73
166.108.36.245
172.64.144.166
172.64.151.101
18.155.204.188
18.244.214.70
18.67.111.14
18.67.111.4
18.67.111.60
18.67.111.71
18.67.111.98
18.67.113.158
18.67.114.43
18.67.93.103
18.67.93.116
18.67.97.57
182.161.73.145
182.161.73.146
211.120.53.201
23.52.224.26
3.210.154.160
3.33.241.113
3.33.255.181
34.102.146.192
34.117.77.79
34.120.107.143
34.200.116.119
35.201.104.135
35.244.159.8
35.82.226.172
44.205.176.247
44.242.33.86
52.223.40.198
52.39.142.139
54.153.211.209
54.186.140.101
54.197.68.230
54.198.156.105
54.208.70.34
54.231.193.201
54.253.168.253
54.82.17.205
54.84.121.54
54.86.156.123
74.118.186.106
99.84.238.146
022b18dc9d02df13dccfcffcf8ceac006ea09f9ab54bfb48c1fba9dd143c5531
0432fd7eded99738858707d696559170f6838bed35bb639b1a9aaa6173b62ac9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0863c61c5ac41ff4c1831406f02e4eff3959feaad5eb4c4db3e5c9cafd15b740
0aea5f120a20b1ea5420d77bbafc9b25243efbe5ccc44d8402d3f1c83afd5d97
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc92ca69274a35e7ffb230d1e4e84e460811a04edb62bf303c3c74404053d92
0daa8d82b251242677bab38547bbe7f7695e9e156b9e730dc95877564ab7cec8
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
12eec45f0b78884f3d84ce262d2a8abb1048c8c3ba163977db286268cb46400a
147a18f3a2fbe9c12fc39f4306937fd3ffb54e152a59bd1060ec4cfa2febad31
16641e198d58b0c43813964dabb6b8812174ddd1e55c949c7aea9a9437a85c27
168e4013f995095102fdb7f573944774c6f17be5365427a5e7d8106272fbaaff
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bd11f89a6f79c3862936ff226aefc450c0799a9b8a1a42604d940c89137cd2f
1e6bedfa014033834f33143d051b44e6c40e73c9b9f90d94484744297d7dd8c3
1f606960a8939a804fd05fbd3f0b0d53512413dd9e1feb44beef6e7f0a38c5e5
1f9feaee1d6f833d39388a99335d5e5d8e36e013e7e398b9ced9dbaf5360d9e3
238179c06067283a19c75493d6a1568f09ab3417959b16acf62054e83dc722f7
2d6bb8fc8403b733dcdb4e554accb225fbe83d4e707418f73a8e41fd5fdd4cf0
2deba40487a51cfd4bdcb4f2ba909b66ed848e73682ebe48b6cd3499b7114ed2
30996b95b3e744a2122ad1a003d33bd79e95b0a139653cf036a0f0c53959aa27
320e2129ea93a85bfcb9c295c9eb7194a47c67f57297b7162cd25b9e6b492cc1
338fdf68201af5c6ba0f68b48af883ec110ce43c51aeb3a044ae94594ef2d610
3dd4fd4a281e5e24d3d66095d403b71713790caed7796e781b6da5cd400bc6cc
3f2282cd50f32942deea9adb34fd29ab026c03f9de8558d7ad55a622f556dbf6
448d910fa07291bfcdd8ede58f50fc2770f68948c68e4d1ad5eb068620679ead
4aa7b9511e1ce89c10dbc8c188d8d0b80989136d05aeaba0ba9c6b42581452ba
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4d17e9fe9a43c70a5f0f9116f55f5bcef2c9131d08a5a22bf35542ff193605b4
4dcc62412f680047c746e6a01da8df55975d718dc3b1e892404ea8703960442a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
524735aefc06518dbb80ef21a645965e9e31909609ceec0e45ecf0e827eb6cf1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5456ae17e8a7d0418a01fbb4ff0b0e15178009479861742a9874beea46ba1f81
54e65529c34a13adf1ba88aa5d10514dc5a67cc72ca5a9328eaf3465b788fe91
551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207
583f202784d59e3cc69a3792597ba76badce873397471352ae01aca339740637
5d461dbcdf6c751eb21d83ca13f9f8b2a10c352f46d926732dd3fccb2d665df9
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61147ade1da9b49ebbc02138d3e14ec13762c12aa9f3a837e55e7ebe01bdd5fc
62af5ab25b8eb96c75028db30a02c33b24b0e808cdb123e72e71969300689a8d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6476e58a4c7d9ff8db9644253184c9c562608d6c736f8dd536766b8431074892
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
66969e5a29daaad959c1cb847d43042a1f2ccbeb96087a0c3f03573087966fce
6b8bf8ded904c595022cb4d828ba37914dc0912fd89940f5a74819325d6c647d
6e58a5375befb866d72a1a45c40a83d0396d5cb8e9a9c7fa8bb3190618d7eb06
6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc
713dec5f6e40bd3afba833e8fc51276e4b71c91a32a64f2031d55acb2acb7562
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7422a85a653f74d6aca8bdbdfd81886dba02cc32a08587d3be883d8e67ee6923
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
752f9ae0f49762a02dd5007e2fdba28577f443db48515c38089f6e764257db04
75b83272e469e0f6134ee26e67723d3be1423236eb1627d6964c757cd48e50b1
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7be43759eea575dd1fc19230323af6adbf37ade4569f155164f2b87eff05a5a6
7c560fbe3d1a83a71dbf248984b5a84b172b1d764e1068f29ac68bb9a34664ab
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
7e6f46b7bac7345de8666b80d10084702f163727054cec5707958b21c03eecb2
7ebdb47af4c57fa699fd3228a955ad6be1e7be6e797efc13264b66056110c0a4
7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767
7f141d70303734c5e6b43ffec0495526573a43f69842a92b346476f35b0fd6c5
8069ed26ebc67dc07664edf4ac44535e9d4c1aaf6088430c779f801a09167fea
809a37bd42adff1c5c0e4f42d93c88fd205c1a341c90de56276797b47c7ffaa6
8353d0f195ddb6deb536c1e0ab5e4943d5a8a6e6be42cfac5d0891ba3b9a919d
83a95fc7585a29759eaa3e36230c44fc205b8057b8f1830ed1cf932489fcc894
865cf4e6d16e7b9b50acc5825874547ca8154c6b973470dc78b55801ea49ac3a
8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8f3aab042e219aedb99bfd80766f2c9797109f38fc9c1b6d11b366369ca7debd
92994d6813041797a378ea4a85c09628aecdaf57a9918c3e6d8e95b8009b6386
9675fb1a9f8fb479477f9261f05709910ca84e7fefd70fffab56ce757cd2b51a
9767a15f0fe9626f2b1c6a03d34c87768bc3866488f231624cdecf8f2d9323b2
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16f46c68f52e3bd2ee463c9cc573e83141e3e2d6e20c94521ecabd2523e52db
a449e2a8afe48bdd5fa301aa1c39e02655fbe4d080838bed974b4b09fc447b81
a4a5389b360ea70e4abf48ea0e0b7d25d7a6076f0c149bbd33f25711412e5c84
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6723c3e2b19aef28cb5c38c0844bda4c2eeb657b1503cd122968a4fec28baf4
a7e5fc6e0513dea13e2e9d682d001735ea6a8967411732ac36777fb65b92f99c
aa99de6d76b0339e7722df6cac60707d2dcc3cb33fc41e5d8788d78be7429683
afce3de85b85d9f49e730197505de7a8299cc2d06399563b0199a24c281e50bb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37450191a725333bfc7bbbccc90c46f16100c799741a849f650fa7a0e55c4b1
b761595301fa26ec4432de9381a708a5adc5828747d678bc1c49418749c58be7
b775fd5779d1b77292f5b4bdbb2501b3a307c086d05750950b1ca87e4ef217f0
b9984c8c2db6be88394af7aaea6a3e815012cc4b6a3579bdb76919a3bd0ec0f3
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
c1f45712fc1017c00e04f809fbaf6cd1e4b0bb68072159b1f122099ec32e8a77
c3f375a063a147bd14344bbcff2c42d7a2d49a8114a00ca7376b4a9fa4df09d5
c5d0343dcc66a7e49d2d672b4c4a9e751f91c8be8260f112b2707a2f9c1c18ef
c98a1f143c0f88b6b92f12ba4d1532d07cad0d265e5d435c3fc78401e9c0154d
ce1291cf2a019af2aa4032a413eaead39ebaef0554c33e32ee8950ccad95b042
cef520e87f175cf9975e154c4fb8a57588da364ceebc7a5bc9367cf77e1c7837
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee
d3329da9aedcce87c04359959cf089356176f096f7c1b158c1c09e65bc6c0ed0
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d36b97832b3c94a65881f0b9f2bbcb4d2c8750f406c5094158d714e0f85d55b9
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b
d891e339690b4d92ebf38c3448896babdd45cda3dda34a98730570632a8fb2ba
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df63876ad6379f2977e7abdd1302bc6b3f97ad7808ccdcdcafed334af92edff8
e274750420dcb24fdf142f28233abce8e75a37b5e1799bc2d3592e270b480a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b905a0878274b4486ce276be79c4409305e83ae0a836e444b6c5a17d37f686
e4cb1d71fb72f4874948c77241d999b11b77082bc44d53870775b5a39fa15122
e73c544e2b2e9d3c4b8b1abd373b9a6b80e0c13f0cd4afe3deb9b75eac0aa54b
e8c774f42783bb8da914e19bf6948525c9c2b1265236b7dc7533f04428c886be
ead6e2801dc33d6f9fd61e347cdcc076fca551033d18d008be9eb717f10da7ed
ee696bcd360cf214c0e7dba6e852fc9cbd1aa737df2a37c620103018c9b12130
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f23a7571bc801ca854bc9f3adf6e654f07a2fca29e25c501e845b986784d9137
f52ff0863c005ee866912807e87887282b324892db804b1145cf062f3425b77a
f6dd50133ddf38755973676f5f279bef2c7dc4521ec6f54742c06f97ddce0f32
fbb9b9f9d2fbf1c72a42cfe12f328a32132577cc03700361dc4373d26812b237
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

www.heraldonline.com Open in urlscan Pro 23.52.224.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

74 %HTTPS

0 %IPv6

42 Domains

71 Subdomains

63 IPs

3 Countries

1783 kBTransfer

5834 kBSize

29 Cookies

27 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldonline.com Open in urlscan Pro
23.52.224.26 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

74 %
HTTPS

0 %
IPv6

42
Domains

71
Subdomains

63
IPs

3
Countries

1783 kB
Transfer

5834 kB
Size

29
Cookies

172 HTTP transactions
0 data transactions